Understanding the email marketing regulations active in the country you’re working in will save you some costly consequences. Currently, there is no set legislation in place regarding data protection and email marketing in India. While a draft bill was created in 2018, referred to as the Personal Data Protection Bill (PDPB), the passing of the bill is expected to come into force some time in 2023. The draft bill draws heavily from the EU’s GDPR regulations, with similar guidelines and penalties.
The PDPB and its role in email marketing
As yet, the PDPB isn’t legally binding, since it hasn’t been passed. The bill would grant Indian data subjects comprehensive data protection rights and impose limitations on how businesses collect and process personal information and sensitive data. In its place, India is required to abide by the rules outlined by the Information Technology Act 2000 regarding data privacy.
The proposed PDPB guidelines came under criticism from the international tech industry because the data localisation policy stated it would require any company processing personal data from Indian subjects to store a copy of the data on Indian territory. As such, it’s likely that the draft bill will be amended in some way before it’s submitted to parliament.
While there are currently no laws regarding personal data in India, under the Information Technology Act 2000, there is a restriction on publishing obscene content in electronic form. If data is held insecurely or is stolen, compensation can also be due.
The long-awaited PDPB is likely to come into effect later in 2023, and the proposed legislation intends to create a clearer framework for data collection, storage, processing and transfer in India. Organisations and government agencies will be required to pay much closer attention to how they utilise data and this will have a far-reaching effect on businesses operating here, especially those who handle personal data.