Editors Guild of India joins chorus against new Digital Personal Data Protection Act rules

The Editors Guild of India has warned that the framework of the Union government’s newly notified Digital Personal Data Protection Rules 2025, could categorise journalism as data processing, which would require consent even for newsgathering.

The Guild cautioned that such an interpretation could undermine investigative journalism and public-interest reporting

The Guild said the rules, introduced under the Digital Personal Data Protection Act 2023, retain several ambiguities that place newsgathering, investigative reporting and routine editorial processes at risk.

The Guild said that the legislation weakens the Right to Information (RTI) framework and does not provide a clear journalistic exemption. Even after the detailed rules were published, several questions remain unanswered, noted the Guild.

The Guild recalled that the electronics and IT ministry had met media bodies in July 2025 and verbally assured them that journalistic activity would not fall under the scope of the law. But no written clarification has followed.

During that consultation, media organisations had submitted 35 questions seeking clarity on issues such as consent requirements, access to data, the status of research and reporting-related exemptions.

Also Read

Lopsided

The Guild said these concerns remain unresolved.

One of the principal fears is that journalistic work could be categorised as data processing, which would require obtaining consent even for newsgathering.

The Guild cautioned that such an interpretation could undermine investigative journalism and public-interest reporting. It urged the government to issue an immediate clarification exempting bona fide journalistic work from the law, stating that press freedom and the public’s right to information deserve equal protection alongside data security.

The DIGIPUB News India Foundation also issued a statement on Tuesday, arguing that the new rules endanger journalism and weaken India’s transparency regime by diluting the Right to Information Act.

The rules, notified on November 15, operationalise specific provisions of the DPDP Act 2023 and stagger the enforcement of others.

“The DDPPA, 2023 and DPDPR, 2025, collectively cripple the Right to Information Act, which is one of the most important legislations for democratic accountability, but also create a regulatory framework that endangers journalism,” DIGIPUB said.

The organisation highlighted that the rules lay out procedures for consent managers, data retention, processing of children’s data, obligations for significant data fiduciaries, and carve-outs for the state when processing personal data.

DIGIPUB said the framework grants sweeping access and enforcement powers to the government without providing any statutory exemption for journalists.

“They endanger source confidentiality, hinder public-interest investigations, obstruct anti-corruption disclosures, and weaken the information framework essential for democratic accountability. The Rules also create avenues for disproportionate state overreach and covert interference with editorial independence,” the statement said.

DIGIPUB said it had earlier opposed the removal of the journalistic carve-out from the Act and pointed out that Section 44(3) alters Section 8(1)(j) of the RTI Act. This substitution abolishes the public-interest override and further restricts access to information.

Like the Guild, the DIGIPUB said it had submitted these concerns in writing and held meetings with senior officials at the ministry, followed by a consolidated list of critical questions and objections sent by post.

None of these communications elicited a response.

The foundation also noted that a government source had informed the Press Trust of India in August that FAQs would soon be released to address concerns raised by journalists and RTI activists.

DIGIPUB said even those FAQs have not materialised, calling the silence a departure from the democratic consultative process and a disregard for press freedom and the constitutional right to information.

It said the new law and rules impose an unreasonable burden on independent media and pose a serious threat to freedom of speech under Article 19(1)(a).

The organisation called on the government and the electronics and IT ministry to begin a reform process to restore a clear statutory exemption for journalistic and public-interest processing.

It urged the ministry to initiate a transparent and time-bound consultation on the issues submitted by media groups and amend provisions that undermine media freedom, access to information and the integrity of the digital public sphere.

A free and independent press, it said, is indispensable to any democratic republic.

The Digital Personal Data Protection Rules 2025 include expected features of a modern data protection framework. These include clearer notices on data use and storage, mandatory breach disclosures, parental consent requirements for minors, obligations for grievance redressal and the establishment of a digital Data Protection Board.

The rules also increase accountability for companies through stricter audits for significant data fiduciaries, enhanced obligations for sensitive sectors such as healthcare and finance, and penalties of up to 250 crore rupees for violations.

Industry bodies like NASSCOM and IAMAI have expressed concern that heavy certification and compliance requirements, including annual data protection impact assessments and audits, may burden start-ups and smaller enterprises.

Among the most debated aspects is Rule 23, which authorises the government to seek personal data from any data fiduciary without the citizen’s consent. The grounds cited include national security, sovereignty, integrity of India, public order or any function of law.

Companies are prohibited from informing individuals when such requests are made. At the same time, Section 44(3) of the Act amends the RTI Act to block the disclosure of almost all personal information, leaving citizens with fewer avenues for transparency while widening the State’s access.

Although the rules promise greater citizen control over personal data, the only provision taking effect immediately is the one that expands the State’s authority and tightens restrictions on information access.

Editors Guild of India joins chorus against new Digital Personal Data Protection Act rules

The Guild said that the legislation weakens the Right to Information (RTI) framework and does not provide a clear journalistic exemption

Lopsided

RELATED TOPICS

The fraud case against Gautam Adani is stuck in legal limbo in America

Maharashtra: Shiv Sena fumes at BJP, Ajit Pawar’s son ‘gets reprieve’ in ‘land scam’

Markets bounce back: Sensex jumps 513 points to settle at 85,186, Nifty reclaims 26,000

I have done nothing. I am also a victim, I too want justice

Musk was there. Who else attended Trump’s lavish dinner with the Saudi Crown Prince?

Dhaka: Student body that spearheaded anti-Hasina protests registers as political party

Ghost of Franco haunts Spain, far-right revival sparks glorification of dictator

Submitted SIR form? Here’s a quick guide to check if your BLO has digitised your details

Salil Chowdhury @100: 8 songs by the music legend we still can't stop humming

Dhruv Rathee slams Aditya Dhar over gore in ‘Dhurandhar’, compares it to ISIS beheadings

Pradhan emerges as top contender for BJP chief role as Bihar win shifts dynamics

Donald Trump hosts Saudi Crown Prince: Major deals, F-35 talks and a display of bromance