On April 11, 2011, the Ministry of Communications and Information Technology (Department of Information Technology), Government of India (IT Ministry), issued the following rules regarding the protection of personal information:

  • Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011
  • Information Technology (Electronic service delivery) Rules, 2011
  • Information Technology (Intermediaries guidelines) Rules, 2011  

(collectively, the Privacy Rules).

The new Privacy Rules represent a dramatic change in India’s policy on protection of personal information, which previously regulated only data security and hacking but not privacy.