The National Association of Software and Service Companies (Nasscom) said while the Digital Personal Data Protection Rules 2025 marks a significant milestone in strengthening India’s personal data protection architecture, there were some industry concerns during consultation that could not be addressed through subordinate legislation.

Some of these concerns include “overarching structure of parental consent, the statutory age threshold for children and the requirement that all personal data breaches be notified.”

“Our focus now moves to supporting implementation in a manner that is practical, proportionate and aligned with the objectives of the law,” the technology industry body said following the government’s notification of the DPDP Rules on November 14 .

Nasscom commended the Minis

See Full Page