Cybersecurity Laws and Privacy Protection in India

DOI

10.2991/978-2-38476-426-6_3How to use a DOI?

Keywords

Cybersecurity Legislation; Privacy Protection; Digital Personal Data Protection Act 2023; IT Act 2000

Abstract

Robust cybersecurity and privacy protection legislation has become imperative as India embraces rapid digitization across all sectors. This article critically examines India’s present cybersecurity and data privacy legislation framework in light of its relevance in today’s networked and data-driven environment. An urgent need exists for a comprehensive legal framework to properly tackle emerging challenges posed by the increasing incidence of cyberattacks, data breaches, and surveillance issues. The Information Technology (IT) Act of 2000, while revolutionary at its inception, has been criticized for its inadequacy in tackling contemporary issues such as advanced cybercrimes, challenges posed by artificial intelligence, and the regulation of cross-border data. The proposed enactment of the Digital Personal Data Protection Act, 2023 (DPDPA) aims to address these inadequacies, superseding the previously suggested Personal Data Protection Bill. The new legislation reconciles innovation, privacy, and national security by prioritizing individual permission, data minimization, and responsibility.

The article discusses current trends, specifically the mandatory cybersecurity reporting rules implemented by the Indian Computer Emergency Response Team (CERT-In) and an increased focus on data localization regulations. It assesses the effects of the regulations on all stakeholders, including companies facing compliance challenges, citizens advocating for their privacy rights, and the government pursuing digital sovereignty. Additionally, the report considers India’s engagement with global cybersecurity frameworks and initiatives, reflecting the nation’s efforts to safeguard sovereignty while aligning its policies with international standards. Nevertheless, it raises a warning regarding the abuse of surveillance authority and a pervasive lack of transparency, which are enduring issues. This study underscores the necessity for continuous legislative advancement to address the evolving cybersecurity landscape, protect citizens’ rights, and stimulate economic growth inside the digital realm. This document serves as a valuable resource for policymakers, legal experts, and technology professionals engaged in establishing a secure and equitable digital future for India.

Copyright

© 2025 The Author(s)

Open Access

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International License (http://creativecommons.org/licenses/by-nc/4.0/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

Download article (PDF)

TY  - CONF
AU  - Aarti Lamba
AU  - Priti Ramani Nayyar
AU  - Twinkle Tanwar
PY  - 2025
DA  - 2025/06/06
TI  - Cybersecurity Laws and Privacy Protection in India
BT  - Proceedings of the National Seminar on Enhancing Privacy Protection in the Digital Age: Legal Challenges & Innovations (NSEPPDA 2025)
PB  - Atlantis Press
SP  - 22
EP  - 39
SN  - 2352-5398
UR  - https://doi.org/10.2991/978-2-38476-426-6_3
DO  - 10.2991/978-2-38476-426-6_3
ID  - Lamba2025
ER  -