Law4u - Made in India
Home
Lawyer Signup Download Apps

What Are The Penalties Under The DPDP Act, 2023?

Cyber and Technology Law

Answer By law4u team

The Digital Personal Data Protection Act, 2023 (DPDP Act) establishes a comprehensive framework for the protection of personal data in India. It outlines specific penalties for various breaches to ensure compliance and safeguard individuals' privacy. The Data Protection Board (DPB) is empowered to impose these penalties, considering factors such as the nature and gravity of the breach, the type of personal data affected, and the actions taken by the data fiduciary to mitigate the breach.

Penalties Under the DPDP Act, 2023

Offence Maximum Penalty
Failure to take reasonable security safeguards to prevent data breaches ₹250 Crores
Failure to notify the Board or affected data principal of a data breach ₹200 Crores
Breach of obligations related to children's data ₹200 Crores
Breach of obligations by significant data fiduciaries ₹150 Crores
Breach of duties by data principals ₹10,000
Breach of terms of voluntary undertaking accepted by the Board Up to applicable breach penalty
Breach of any other provision of the Act or rules made thereunder ₹50 Crores

Note: All penalties are credited to the Consolidated Fund of India.

Factors Considered in Determining Penalties

The Data Protection Board considers the following factors when determining the amount of monetary penalty:

  • Nature, gravity, and duration of the breach
  • Type and nature of the personal data affected
  • Repetitive nature of the breach
  • Gain or loss resulting from the breach
  • Mitigating actions taken and their effectiveness
  • Proportionality and effectiveness of the penalty in ensuring compliance
  • Likely impact of the penalty on the offender

Example

Scenario:
A significant data fiduciary fails to implement reasonable security safeguards, resulting in a data breach affecting a large number of individuals' personal data.

Steps:

  • Incident Occurrence: The data fiduciary's system is compromised due to inadequate security measures.
  • Notification: The fiduciary fails to notify the Data Protection Board or the affected individuals within the stipulated time frame.
  • Investigation: The Data Protection Board conducts an inquiry and determines the breach is significant.
  • Penalty Imposition: Considering the factors mentioned above, the Board imposes a penalty of ₹150 Crores on the data fiduciary.

This example illustrates the process and considerations involved in the imposition of penalties under the DPDP Act, 2023.

Our Verified Advocates

Get expert legal advice instantly.

Advocate Chokshi Preamit

Advocate Chokshi Preamit

Anticipatory Bail, Arbitration, Bankruptcy & Insolvency, Banking & Finance, Cheque Bounce, Child Custody, Civil, Consumer Court, Court Marriage, Criminal, Cyber Crime, Divorce, GST, Domestic Violence, Family, High Court, Muslim Law, Property, Recovery, RERA, Succession Certificate, Supreme Court, Tax, Wills Trusts, Revenue

Get Advice
Advocate Ronak Ali

Advocate Ronak Ali

Anticipatory Bail, Cheque Bounce, Child Custody, Civil, Consumer Court, Criminal, Cyber Crime, Family, Motor Accident, Muslim Law, Property, Divorce, Court Marriage, Banking & Finance, Insurance

Get Advice
Advocate Mohanjeet Singh

Advocate Mohanjeet Singh

Anticipatory Bail, Cheque Bounce, Child Custody, Civil, Court Marriage, Criminal, Cyber Crime, Divorce, Domestic Violence, Family, High Court, Landlord & Tenant, Media and Entertainment, Motor Accident, Muslim Law, Property, R.T.I, Recovery, Wills Trusts

Get Advice
Advocate Anupam Singh

Advocate Anupam Singh

Cheque Bounce,Consumer Court,Motor Accident,Family,Divorce,

Get Advice
Advocate Suresh Kumar Choudhary

Advocate Suresh Kumar Choudhary

Cheque Bounce,Civil,Property,R.T.I,Revenue,

Get Advice
Advocate Eraz Alam

Advocate Eraz Alam

Criminal, Motor Accident, Arbitration, Divorce, Domestic Violence

Get Advice
Advocate Ambrish Dwivedi

Advocate Ambrish Dwivedi

Cheque Bounce,Civil,Criminal,Documentation,GST,Domestic Violence,High Court,Labour & Service,Landlord & Tenant,Revenue

Get Advice
Advocate Vivek Singh Ahlawat

Advocate Vivek Singh Ahlawat

Anticipatory Bail, Breach of Contract, Cheque Bounce, Child Custody, Court Marriage, Criminal, Divorce, Domestic Violence, High Court, Motor Accident

Get Advice

Cyber and Technology Law Related Questions

Discover clear and detailed answers to common questions about Cyber and Technology Law. Learn about procedures and more in straightforward language.

28-Oct-2025 | Cyber and Technology Law

Are Lok Sabha/MLA Representatives Required to Raise Issues Related to Elder Abuse?
Read Now By Law4u
28-Oct-2025 | Cyber and Technology Law

How Do Civil Society and Legal Institutions Collaborate on Elder Issues?
Read Now By Law4u
28-Oct-2025 | Cyber and Technology Law

Can a Senior Citizen Start a Public Interest Litigation (PIL)?
Read Now By Law4u
28-Oct-2025 | Cyber and Technology Law

What Is the Difference Between Elder Abuse and Domestic Violence?
Read Now By Law4u
28-Oct-2025 | Cyber and Technology Law

Can Elders Get Access to Legal Interns or Law School Support?
Read Now By Law4u
28-Oct-2025 | Cyber and Technology Law

Can Court-Appointed Guardians Misuse Their Power Over Elders?
Read Now By Law4u
See More Questions