Law4u - Made in India
Home
Lawyer Signup Download Apps

What Are The Penalties Under The DPDP Act, 2023?

Cyber and Technology Law

Answer By law4u team

The Digital Personal Data Protection Act, 2023 (DPDP Act) establishes a comprehensive framework for the protection of personal data in India. It outlines specific penalties for various breaches to ensure compliance and safeguard individuals' privacy. The Data Protection Board (DPB) is empowered to impose these penalties, considering factors such as the nature and gravity of the breach, the type of personal data affected, and the actions taken by the data fiduciary to mitigate the breach.

Penalties Under the DPDP Act, 2023

Offence Maximum Penalty
Failure to take reasonable security safeguards to prevent data breaches ₹250 Crores
Failure to notify the Board or affected data principal of a data breach ₹200 Crores
Breach of obligations related to children's data ₹200 Crores
Breach of obligations by significant data fiduciaries ₹150 Crores
Breach of duties by data principals ₹10,000
Breach of terms of voluntary undertaking accepted by the Board Up to applicable breach penalty
Breach of any other provision of the Act or rules made thereunder ₹50 Crores

Note: All penalties are credited to the Consolidated Fund of India.

Factors Considered in Determining Penalties

The Data Protection Board considers the following factors when determining the amount of monetary penalty:

  • Nature, gravity, and duration of the breach
  • Type and nature of the personal data affected
  • Repetitive nature of the breach
  • Gain or loss resulting from the breach
  • Mitigating actions taken and their effectiveness
  • Proportionality and effectiveness of the penalty in ensuring compliance
  • Likely impact of the penalty on the offender

Example

Scenario:
A significant data fiduciary fails to implement reasonable security safeguards, resulting in a data breach affecting a large number of individuals' personal data.

Steps:

  • Incident Occurrence: The data fiduciary's system is compromised due to inadequate security measures.
  • Notification: The fiduciary fails to notify the Data Protection Board or the affected individuals within the stipulated time frame.
  • Investigation: The Data Protection Board conducts an inquiry and determines the breach is significant.
  • Penalty Imposition: Considering the factors mentioned above, the Board imposes a penalty of ₹150 Crores on the data fiduciary.

This example illustrates the process and considerations involved in the imposition of penalties under the DPDP Act, 2023.

Our Verified Advocates

Get expert legal advice instantly.

Advocate Selgin B

Advocate Selgin B

High Court, GST, Anticipatory Bail, Civil, Arbitration, Armed Forces Tribunal, Banking & Finance, Corporate, Divorce, Cyber Crime, Family, Landlord & Tenant, R.T.I, Recovery, Trademark & Copyright, Tax, Motor Accident, Cheque Bounce, Bankruptcy & Insolvency, Consumer Court, Insurance, Property, Wills Trusts, Breach of Contract

Get Advice
Advocate K Rajkumar

Advocate K Rajkumar

Civil, Criminal, Divorce, Domestic Violence, Family, Motor Accident, Property, Child Custody, Banking & Finance, Breach of Contract, Cyber Crime, Insurance, Labour & Service, High Court, Anticipatory Bail, Bankruptcy & Insolvency, Court Marriage, Corporate, Muslim Law, Landlord & Tenant, Documentation

Get Advice
Advocate Vishnu Pratap Narayan Singh

Advocate Vishnu Pratap Narayan Singh

High Court, Criminal, Cheque Bounce, Banking & Finance, Labour & Service, Property, Civil, Motor Accident

Get Advice
Advocate Ankesh Pal

Advocate Ankesh Pal

Anticipatory Bail, Cheque Bounce, Civil, Court Marriage, Criminal, Divorce

Get Advice
Advocate Sudhir Kulshreshtha

Advocate Sudhir Kulshreshtha

Banking & Finance, Cheque Bounce, GST, Domestic Violence, High Court, Tax

Get Advice
Advocate Ravi Kumar Perumal

Advocate Ravi Kumar Perumal

Banking & Finance, Cheque Bounce, Motor Accident, Criminal, Civil

Get Advice
Advocate Ishan Mishra

Advocate Ishan Mishra

Cheque Bounce, Civil, Court Marriage, Criminal, Family, Divorce, Property, Revenue, High Court, Anticipatory Bail, Consumer Court, Domestic Violence, Landlord & Tenant

Get Advice
Advocate Vishnu Solanke

Advocate Vishnu Solanke

Banking & Finance, Cheque Bounce, Criminal, Cyber Crime, Domestic Violence, Family, Property, Anticipatory Bail, Civil, Divorce

Get Advice

Cyber and Technology Law Related Questions

Discover clear and detailed answers to common questions about Cyber and Technology Law. Learn about procedures and more in straightforward language.

16-Dec-2025 | Cyber and Technology Law

Can Elder Abuse Victims Relocate For Safety?
Read Now By Law4u
16-Dec-2025 | Cyber and Technology Law

How Effective Is The Maintenance And Welfare Of Parents And Senior Citizens Act?
Read Now By Law4u
16-Dec-2025 | Cyber and Technology Law

Can You Sue An E-Commerce Platform For Fraud?
Read Now By Law4u
16-Dec-2025 | Cyber and Technology Law

How Does India Collaborate Internationally On Cybersecurity?
Read Now By Law4u
16-Dec-2025 | Cyber and Technology Law

What Are The Legal Duties Of A CISO?
Read Now By Law4u
16-Dec-2025 | Cyber and Technology Law

What Is Penetration Testing?
Read Now By Law4u
See More Questions