印度执行新的数字数据规则,要求公司同意、安全、违规报告以及更严格地处理数据。 India enforces new digital data rules requiring consent, security, breach reporting, and stricter data handling for companies.

印度实施了《2025年数字个人数据保护规则》,以执行2023年《DPDP法》,给予公司12至18个月的时间来遵守。 India has implemented the Digital Personal Data Protection Rules 2025 to enforce the 2023 DPDP Act, with companies given 12–18 months to comply. 规则要求明确、可核查的用户同意、透明的数据通知以及加密等安全措施。 The rules mandate clear, verifiable user consent, transparent data notices, and security measures such as encryption. 公司必须在72小时内向用户和数据保护委员会报告违规情况,删除不活动数据,除非有法律要求,并任命数据保护干事。 Firms must report breaches to users and the Data Protection Board within 72 hours, delete inactive data unless legally required, and appoint data protection officers. 大公司面临年度审计和AI影响评估,某些数据未经政府批准不能转移到国外。 Large companies face annual audits and AI impact assessments, and certain data cannot be transferred abroad without government approval. 条例旨在加强用户控制,减少垃圾邮件,并使印度与GDPR等全球标准保持一致。 The regulations aim to enhance user control, reduce spam, and align India with global standards like GDPR.