Digital Personal Data Protection Act will likely enter a mature stage: expert at Tech Summit

The Digital Personal Data Protection Act (DPDP), which has been enforced in India, will probably mature to the second or third versions, preventing privacy failures by companies, said Skylark Information Technologies Enterprise Manager G.M. Jagan.

He was speaking at The Hindu Tech Summit 2026, presented by the Vellore Institute of Technology and co-presented by Sify Technologies, in Chennai on Friday.

In a conversation with Suresh Vijayaraghavan, Chief Technology Officer, The Hindu, Mr. Jagan said: “We have our prism in multiple countries. In India, we have got DPDP, which is fully enforced, probably it would also get into a mature stage… version two, version three would come out. We also have worked with IT customers who have a global presence. What happens is with data, proper authorisation factor is not being put up… A small phishing email could cause great havoc… it could bring your entire system down. In that case, we make sure the entire data protection happens in a proper way. Privacy failure is a loss of trust. Because technology is not failing them, trust is failing them. We have to make sure zero trust is in place, and it must focus on integrating multiple end-user devices as well.”

On how integrated IT services across infrastructure, security, cloud, and data keep organisations safe in the face of disruption, he said: “The first disruption happens with identity and access. Nowadays, even customers are more mature than other players.”

Continuity gaps

To a question about what was the biggest gap in continuity planning, Mr. Jagan said: “Skylark works for the top banks in India. We work for manufacturing plants, the IT sector, retail, healthcare, automobile [sectors]. Continuity plan and resilience, both are different. When we talk about continuity, it is more about documents, of a procedure. To have my business continuity, I have to follow these are the procedures, the documents that we have. But something being resilient is more of a behavioural pattern. If any disruption happens, how our organisation remains resilient matters a lot. Most organisations say they have a business continuity plan as per compliance and that they will use its key parameters. But when it comes to real-life scenarios with disruption, we see most of our customers say that though they followed the protocols, it didn’t help. So, we need something more — you need to engineer yourselves and your systems.”

Providing an overview of the modern environment recovery, Mr. Jagan said: “Most of the traditional systems talk about backup… we need to have a proper recovery plan [when an issue arises]. Backup is just having the copies of your data. But recovery is the capability to keep the momentum up.”

On cybersecurity, Mr. Jagan said it must be “proactive.”

.