Scroll Top



Data is one of the important parts of individual information. Data refers to a kind of representation of various facts, concepts, views, ideas, instructions, or vital information in a way that is appropriate for communicating, interpreting, or processing them by people or by any automated means (SEC. 2(4) OF DPDP, 2022)[1].

DPDP bill, 2022 is a long-awaited bill BJP released the fourth draft of India’s proposed privacy laws. At first look, the Bill presented was quite surprising. It was not a redraft of the earlier bill but a completely new draft and was too easy to understand and shorter than the earlier version. It focuses on various aspects of data protection. It applies to all data collected digitally or online or data collected offline but which is digitalized. Bill helps in creating a bulwark of most data protection legislation consisting of allowing most control to data principals over their data.

“Data Principal” refers to the person in whose relation personal data is given & if such a person is minor then his/her lawful guardian or parents. “Data Fiduciary” refers to any individual who either himself or in affiliation with other individuals determines the motive & means of processing personal data[2].  For processing personal data, data fiduciaries have to take consent primarily and limited circumstances for non-consent-based processing of personal data exist, but it still gives the data principal the right to access, correct, delete, etc their data. The purpose of data privacy was important to protect the right to privacy preserved in Article 21 particularly & part III of the Constitution of India. This act provides for the processing of data provided by the person to protect their personal information and for legal purposes.


Minors seem to be one of the major concerns under this act as the country continues to see an increase in the use of technology and the internet among children. And this all leads to more exposure to online abuses. So the question which arises is how freely should Indian teenagers access the internet. And what are the responsibilities of the platform towards their minor user? Minors’ security was put to the prime concern under the Data Protection Bill, 2022 (SEC 10)[3].

  • Obligations of Data Fiduciaries regarding the personal data processing of minors include obtaining the consent of parents in the way prescribed. Also, he shall not include in any processing of personal data which might cause any kind of harm to a child. He shall not trace or do any form of monitoring of behaviors of minors or any kind of aimed advertising directed towards children[4].


  1. This bill mainly focuses on parental consent for child cyber safety and security instead of making the site security stronger and websites accessible for all. The main concern is with the country where literacy regarding computers or the digital world is so low whole responsibility is lied on the parents, whom themselves rely on children for their digital problems. The office’s statistics show that while over 55 percent of Indians have broadband access, only 20 percent could use the Internet.
  2. The Bill does not factor in how teenagers use various Internet platforms for self-expression and personal development and how central it is to the experience of adolescents these days. It disregards the “best interests of the child” standard, which originated in the 1989 Convention on the Rights of the Child. India has upheld this standard in acts like the Right of Children to Free and Compulsory Education Act, 2009[5], the Commissions for Protection of Child Rights Act, 2005[6], and the Protection of Children from Sexual Offences Act, 2012[7]. However, it has not been applied to the issue of data protection.
  3. As more websites require parental consent it will completely change the internet we know. The government will prescribe later whether verifiability will be based on ID proof, facial recognition, reference-based verification, or some other means. Since it is not possible to tell if the user is a minor without confirming their age, platforms will have to verify the age of every user. This all leads to the giving of more personal data than before. The need of the hour is to remove the blanket ban, tracking, monitoring, etc and should use the risk-based approach instead of parental consent and age verification and other obligation should try to develop a safer product for children. Relaxing the age of consent as the current norm fixes the age of 18 for parental consent, but it should be relaxed to 13 years as it seems to be the normal age when a child develops a normal level of understanding a graded approach has been suggested by Bharti under which children below 13 years of age and children who fall in the age group of 13-16 should be treated differently[8] . This relaxation in the age of consent in tandem with the risk mitigation approach elucidated above will achieve protection for children online while allowing them access.


In the Indian context, the government should be doing a wide survey that will include a huge survey of Indian society including children and adults knowing their internet routine and habits. That will help in developing in more friendly and safe policy at a wide range. To keep the young generation safe we should focus on major social awareness and not only put pressure, particularly on parents but instead should make a society-wide objective. At last, it is important to raise awareness among minors about the rights provided to them and what should be done to uphold their rights online as an increase in the use of the internet and wider sharing of information their rights must be upheld.

Author(s) Name: Shivakant Swami (Amity University, Gwalior)


[1] (Recommendations by on the Digital Personal Data Protection Bill 2022),

<>  accessed on 6

February 2023.  Section 2(4) – “data” means a representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by humans or by automated means.



%202022_0.pdf> accessed on 5 March 2023

[3]  THE DIGITAL PERSONAL DATA PROTECTION BILL, 2022, Section 10 – Additional obligations in relation to processing of personal data of children.



%202022_0.pdf> accessed on 5 March 2023




[8]> accessed on 7 February 2023