Business Standard

MeitY lets tech firms, data fiduciaries decide on parental consent methods

The Ministry of Electronics and Information Technology has urged tech firms to adopt advanced methods for obtaining parental consent while allowing them to determine the best practices independently

TV, television channel, Free to air, FTA

DRDP Act mandates digital platforms to get parental consent before using the data of children. (Representational Photo)

Prateek Shukla New Delhi

Listen to This Article

The Union Ministry of Electronics and Information Technology (MeitY) has asked big tech companies to follow the best possible technology to comply with the parental consent norm, according to a Financial Express report quoting sources. Similarly, data fiduciaries (those who determine the purpose and means of processing personal data) have also been asked to decide on the parental consent framework themselves for processing children’s personal data.

The development indicates that the government will not provide any modalities around the parental consent norm. This is in line with global norms as several developed nations, including the US, have left it to the data fiduciaries to use a relevant technology for the purpose. However, if any user complaint regarding parental consent comes to notice, the government may step in to assess what kind of steps were followed by the platforms to comply with the norm.
 
Parental consent mandate

Platforms were mandated to get parental consent before using the data of children below 18 years of age through the Digital Personal Data Protection (DPDP) Act, which was passed last year. The Act, however, did not specify what method could be adopted to comply with the parental consent norm.

Meanwhile, industry stakeholders have said that they could ask for additional time from the government to comply with the norm as it would require ‘architectural changes’. Notably, educational institutions, health establishments, and certain government entities have been exempted from the restrictions on the processing of children’s data, sources told FE.

What is DRDP Act?

The DPDP Act regulates the processing of the digital personal data of its citizens. According to the DPDP Act, companies can be booked for a data breach if they use data for any other purpose than for which it was originally collected. Under the Act, a penalty of up to Rs 250 crore can be levied on the company in case of any incidents of data breaches and non-compliance.

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Jul 19 2024 | 10:52 AM IST

Explore News