Regulating Children’s Personal Data Protection in India: No Child’s Play

The rise of technologies, including voice recognition, predictive analytics, and content personalization algorithms, foreshadows a future where decision-making and autonomy are increasingly ceded to machines. This scenario raises critical questions about the configuration of choices for regulating and safeguarding personal data privacy norms, especially for vulnerable groups like children in India. The recently enacted Digital Personal Data Protection Act, (Digital Personal Data Protection Act, 2023, Government of India) by the Government of India contains provisions for the protection of the digital personal data of citizens, with special clauses dealing with the personal data of children (Section 9 of the Act) and people with disabilities. This is significant because children comprise that section of the population, which is often overlooked in any discourse on data privacy. While such legal and policy guardrails are necessary, challenges may appear in their execution. There are grey areas in the Act concerning verifiable parental consent and detrimental effects arising from processing children’s personal data in certain situations. The government must develop deft definitions and robust implementing regulations to minimize uncalled-for effects in processing children’s data. It must also adopt a strategic approach in harmonizing the concerns of protection and privacy of the young, meeting the varied needs of this demographic in the era of information technology. © Society for International Development 2024.