This video explores the seriousness of India’s data protection law and what it means for NGOs in practice.

It explains the role of the upcoming Data Protection Board as a regulator—responsible for handling grievances, ensuring compliance, and imposing penalties through due legal process. While penalties can be significant, they are meant as a deterrent, not for routine enforcement.

The video also outlines key action steps for NGOs:

• Review what data you collect and why
• Ensure proper consent, storage, and sharing practices
• Put data security measures in place
• Be cautious when handling sensitive groups (like children)
• Be prepared to delete data when required

It further clarifies that research use of data is not automatically exempt—organizations must assess compliance on a case-by-case basis rather than assuming a blanket exception.