The Ministry of Electronics and Information Technology in India is set to introduce the Digital India Act in 2023, which will replace the outdated Information Technology Act (IT Act) of 2000. The need for a new act arises from the growing complexities of the digital landscape and the need for robust regulations to address emerging challenges such as cybercrime, data protection, and online safety.The Digital India Bill 2023 has been making waves in the news as it promises to revolutionize India’s internet landscape. As a successor to the Information Technology (IT) Act, 2000, this bill will impact various entities on the internet, including social media, e-commerce, and artificial intelligence-based platforms. With the need for an update in the IT Act to align with the current internet era, the Digital India Bill aims to ensure an open and safe internet in the country, protect users’ rights, and accelerate technology innovation. 

Need for the New Act

The IT Act of 2000, with its subsequent amendments, was originally designed to regulate e-commerce transactions and define cybercrime offenses. However, it failed to adequately address the rapid advancements in technology and the evolving cybersecurity threats. The Digital India Act aims to be a catalyst for the Indian economy, fostering innovation and supporting startups, while also prioritizing the safety, trust, and accountability of Indian citizens.

The provisions under the Digital India Act are expected to cover a wide range of areas, including freedom of expression, online safety, artificial intelligence, deepfakes, competition issues among internet platforms, and data protection. The Act is also likely to establish a new adjudicatory mechanism to handle criminal and civil offenses committed online, and revisit the concept of “safe harbour” that allows social media platforms to avoid liability for user-generated content.

In parallel with the Digital India Act, the Indian parliament is also considering the Digital Personal Data Protection Bill of 2022, which aims to regulate the processing of personal data within India, both online and offline. The bill emphasizes the importance of consent, accuracy, security, and erasure of personal data, and grants certain rights to individuals for information, correction, erasure, and grievance redressal. The bill also establishes a Data Protection Board of India to oversee compliance.Let’s dive deeper into the key highlights of the Digital India Bill.

Key components of the proposed DIA are as follows:

In 2022, the Indian Government proposed the enactment of a comprehensive Digital India Act (DIA) to modernize the existing Information Technology Act 2000 (IT Act) and regulate the country’s rapidly evolving digital technologies. Recently, the Ministry of Electronics and Information Technology organized a consultation to discuss the core tenets of the DIA, which aims to ensure an open internet, online safety and trust, and accountability. Let’s take a closer look at the key components of the proposed DIA and its potential impact on India’s digital landscape.

1)Enabling an Open Internet:

One of the fundamental principles of the DIA is to promote an open internet that fosters choice, competition, online diversity, and ease of doing business. The DIA may mandate interoperability of digital services, such as ad-tech platforms and mobile application stores, to promote fair trade practices and non-discriminatory access to digital markets. This is expected to create a level playing field for all players in the digital ecosystem and encourage innovation and competition.

2)Enhanced Obligations for Intermediaries and Entities:

The DIA is likely to impose enhanced obligations on intermediaries, which include search engines, e-commerce platforms, social media platforms, and other digital content platforms. The scope of intermediaries under the DIA is expected to be wide, and compliance requirements may vary based on the nature of their business. Furthermore, entities operating on the internet, even if not classified as intermediaries, may also be subject to specific obligations under the DIA. This approach aims to ensure that intermediaries and other entities take responsibility for the content and services they provide, and thereby protect the interests of users.

3)Safe Harbour Principle:

The DIA is expected to modify the safe harbour principle under Section 79 of the IT Act, which provides protection from liability for intermediaries. Compliance with specific obligations related to hosting third-party information may be a prerequisite for availing safe harbour protection under the DIA. This is aimed at striking a balance between user protection and intermediary liability, ensuring that intermediaries act responsibly in dealing with content on their platforms.

4)Ensuring Online Safety and Trust:

The DIA is expected to introduce robust provisions for protecting users against harmful content and cyber offenses. Specific measures may be proposed, such as periodic risk assessments, algorithmic transparency, and disclosures by data intermediaries to ensure an open internet framework, increase accountability, and enable informed choices for users. In particular, the DIA may focus on protecting children by regulating their access to addictive technology and harmful content through age gating measures.

5)Curbing False Information:

False information, commonly known as fake news, has been a concern on social media platforms and messaging services. The DIA is expected to introduce specific compliance requirements for intermediaries, such as social media platforms, to moderate false information. This is aimed at curbing the spread of misinformation and protecting users from the harmful effects of false information.

6)Regulating Artificial Intelligence:

Given the widespread use of artificial intelligence (AI) in critical fields such as healthcare, banking, and aviation, the DIA may impose rigorous requirements for the development and deployment of AI. This may impact the regulation and safeguarding of emerging technologies such as machine learning, Web 3.0, wearable technology, blockchain, virtual reality, and autonomous systems. The aim is to ensure responsible and ethical use of AI in a rapidly evolving technological landscape.

7)Regulation for Privacy Invasive Devices:

The DIA may introduce provisions to regulate devices that may invade privacy, such as spy camera glasses and wearable technologies. This may include implementation of “Know-Your-Customer” requirements before these devices are approved for sale in markets. This is aimed at protecting the privacy and security of users and ensuring that such devices do not compromise the personal data and privacy of individuals.

8)Data Protection and Consent:

The DIA is expected to strengthen data protection and consent requirements for businesses and intermediaries operating in the digital ecosystem. This may include provisions for obtaining explicit consent from users before collecting their personal data, ensuring transparency in data handling practices, and imposing strict penalties for data breaches. The DIA may also introduce provisions for data localization, requiring businesses to store data within the country, to protect the data sovereignty of India and safeguard against unauthorized access to sensitive information.

9)Cybersecurity Measures:

The DIA is likely to emphasize the importance of cybersecurity and introduce measures to protect critical infrastructure, businesses, and individuals from cyber threats. This may include mandatory cybersecurity audits, incident reporting requirements, and measures to promote cybersecurity awareness and capacity building. The DIA may also lay down standards and best practices for securing digital systems and networks to ensure the integrity, confidentiality, and availability of data.

10)E-commerce and Consumer Protection:

The DIA may introduce provisions to regulate e-commerce, including online marketplaces, payment gateways, and digital payment providers. This may include measures to protect consumer rights, such as clear pricing, transparent return and refund policies, and addressing complaints and grievances of online consumers. The DIA may also introduce mechanisms for dispute resolution and consumer redressal to ensure a fair and safe online shopping experience.

11)Promoting Innovation and Startups:

The DIA is likely to have provisions to promote innovation and entrepreneurship in the digital ecosystem. This may include incentives for startups, such as tax breaks, funding support, and simplified regulatory processes. The DIA may also foster collaboration between academia, research institutions, and industry to promote research and development in emerging technologies and promote India as a global hub for digital innovation.


The proposed Digital India Act (DIA) aims to modernize and regulate India’s digital ecosystem to ensure an open internet, online safety, and accountability. With provisions for promoting competition, protecting user interests, regulating AI, ensuring data protection, cybersecurity measures, and promoting consumer rights and innovation, the DIA is expected to have a far-reaching impact on India’s digital landscape. As the digital economy continues to grow and evolve, the DIA is anticipated to provide a comprehensive legal framework that promotes responsible and ethical use of digital technologies while safeguarding the interests of users and businesses alike.

In comparison to other nations, the European Union has the General Data Protection Regulation (GDPR), which provides comprehensive data protection laws for the processing of personal data. The United States, on the other hand, has limited sector-specific regulations for data protection, with different approaches for the public and private sectors. China has recently introduced the Personal Information Protection Law (PIPL) and the Data Security Law (DSL) to address data privacy and security concerns.

Overall, the Digital India Act and the Digital Personal Data Protection Bill reflect India’s efforts to modernize its digital laws and align with global best practices in protecting the interests of its citizens in the digital realm. These legislative measures are expected to promote innovation, safeguard personal data, and enhance cybersecurity, contributing to the growth of India’s digital economy in the years to come.


Leave a Reply

Your email address will not be published. Required fields are marked *