India: Digital Personal Data Protection (Amendment) Act (277/2024) including age verification requirement was introduced in Parliament

On 5 December 2025, the Digital Personal Data Protection (Amendment) Act (277/2024) was introduced in the lower house of the Indian Parliament (Lok Sabha). The proposed Act amends the Digital Personal Data Protection Act of 2023. It modifies section 9 to add a requirement that the consent obtained by Data Fiduciaries from parents or guardians of minors to process minors' data be digitally authenticated. The Act specifies that the responsibility for age-verification of the responsible adult falls upon the Data Fiduciary, to apply such mechanisms as are suited to the service and risk classification. As section 9 also prohibits Data Fiduciaries from processing any personal data that is likely to cause a detrimental effect on a child, it also clarifies the definition of "detrimental effect" by providing a non-exhaustive list of examples. Examples include behavioural profiling and advertising, sharing of data that may expose children to risks such as identity theft, online harassment, or addiction, and processing of personal data that may harm children's mental health.