Social media companies are voicing significant concerns over the new Digital Personal Data Protection (DPDP) Act, particularly focusing on the challenges posed by restrictions on behavioural tracking of children and the need for verifiable parental consent (VPC), according to a report by The Economic Times.
As the Indian government prepares to release the rules for the DPDP Act, these platforms hope their issues will be addressed to balance privacy with safety.
What is the Digital Personal Data Protection Act?
The DPDP Act was notified in the Gazette in August last year.
The Act has previously been criticised for allowing the government to access private and government agency data on grounds of sovereignty or public order, raising concerns about potential misuse of power and privacy infringement.
What does the Act say about data protection of minors?
As a protection measure, the Act requires verifiable consent from a legal guardian for processing data of children under 18. This necessitates age verification, potentially compromising digital anonymity and conflicting with India’s obligations under the Convention on the Rights of the Child. It also includes stringent provisions in Section 9 that disallow behavioural tracking of children on digital platforms.
Tech giants' concerns about behavioural tracking
The inability to track behaviours of children has raised alarms among social media companies, as they argue that behavioural tracking is essential for ensuring the effectiveness of their safety features designed to protect young users.
Major players like Google, Meta, YouTube, and Snap have expressed their worries about the implications of the DPDP Act. They assert that tracking user behaviour, including that of children, is crucial for detecting and preventing predatory behaviour and other online threats.
European Union data protection regulations
Similar regulations in the European Union also banned behavioural tracking; however, this led to the suspension of certain safety features. After reviewing the consequences, the European regulator eventually allowed exceptions to reinitiate these safety measures.
Parental consent issues
Another concern is the requirement for parental consent before processing a child’s data, as mandated by Section 9. Companies are struggling to find a feasible mechanism to obtain this consent and are looking to the forthcoming rules for clarity. They suggest that the government should identify third parties to handle VPC, as it is challenging for companies to manage this process independently.
Potential solutions and government role
Companies are advocating for exemptions that would allow certain types of data processes to continue, even under the new law, ET reported. They hope the government will provide these exemptions to avoid the unintended consequence of compromising child safety online.
Executives have reportedly proposed a token-based solution for obtaining parental consent, which would be safer and more efficient than requiring parents to share their IDs with multiple companies. They also emphasise the need for clear guidelines on who these third-party verifiers will be.