The Impact of Digital Personal Data Protection Laws on Right to Privacy in India
Abstract
In the twenty-first century, personal data has emerged as the new currency of power, determining not only
commercial success but also political control, social participation, and individual dignity. The digital
transformation of India has been both unprecedented and unparalleled in scale, encompassing every
dimension of daily life—from banking, healthcare, and education to governance and civic engagement. Yet,
this rapid datafication has produced a parallel universe of vulnerabilities where personal information is
incessantly collected, stored, analyzed, and monetized by both state and private actors. Against this backdrop,
the constitutional guarantee of privacy under Article 21 of the Indian Constitution has gained renewed
significance. The recognition of privacy as a fundamental right in the landmark K.S. Puttaswamy judgment
of 2017 laid the normative foundation for a comprehensive data protection regime, which finally materialized
through the Digital Personal Data Protection Act of 2023. This paper investigates how this new legislation
reconfigures the legal and ethical landscape of privacy in India, and whether it successfully reconciles the
competing imperatives of innovation, economic development, and individual autonomy. The research begins
by situating the concept of privacy within India’s constitutional framework, tracing its evolution from mere
implicit recognition to explicit articulation as a fundamental right. It then examines the theoretical
underpinnings of data protection as an extension of informational self-determination, highlighting the
philosophical tensions between collective welfare and personal control. Through a rigorous doctrinal and
empirical analysis, this paper evaluates how far the Indian data protection model aligns with global
standards, particularly the European Union’s General Data Protection Regulation (GDPR), while also
accommodating India’s developmental realities and digital diversity.
commercial success but also political control, social participation, and individual dignity. The digital
transformation of India has been both unprecedented and unparalleled in scale, encompassing every
dimension of daily life—from banking, healthcare, and education to governance and civic engagement. Yet,
this rapid datafication has produced a parallel universe of vulnerabilities where personal information is
incessantly collected, stored, analyzed, and monetized by both state and private actors. Against this backdrop,
the constitutional guarantee of privacy under Article 21 of the Indian Constitution has gained renewed
significance. The recognition of privacy as a fundamental right in the landmark K.S. Puttaswamy judgment
of 2017 laid the normative foundation for a comprehensive data protection regime, which finally materialized
through the Digital Personal Data Protection Act of 2023. This paper investigates how this new legislation
reconfigures the legal and ethical landscape of privacy in India, and whether it successfully reconciles the
competing imperatives of innovation, economic development, and individual autonomy. The research begins
by situating the concept of privacy within India’s constitutional framework, tracing its evolution from mere
implicit recognition to explicit articulation as a fundamental right. It then examines the theoretical
underpinnings of data protection as an extension of informational self-determination, highlighting the
philosophical tensions between collective welfare and personal control. Through a rigorous doctrinal and
empirical analysis, this paper evaluates how far the Indian data protection model aligns with global
standards, particularly the European Union’s General Data Protection Regulation (GDPR), while also
accommodating India’s developmental realities and digital diversity.
Keywords: Digital Rupee, Central Bank Digital Currency, Indian Trade, Financial Inclusion, Digital Transformation, Monetary Policy, Cashless Economy