A CRITICAL STUDY OF DATA PROTECTION AND PRIVACY LAWS IN INDIA IN THE DIGITAL AGE

The rapid growth of digital technologies has transformed the collection, processing, and use of personal data, making data privacy a critical legal concern in India. This paper critically examines the evolution of privacy rights, beginning with judicial recognition under *Justice K.S. Puttaswamy (Retd.) v. Union of India*, and analyzes the transition from the fragmented framework under the Information Technology Act, 2000 to the comprehensive regime introduced by the Digital Personal Data Protection Act, 2023. It evaluates the key provisions of the Act, including the rights of Data Principals, obligations of Data Fiduciaries, consent requirements, enforcement mechanisms, and the role of the Data Protection Board of India. The paper further explores contemporary challenges such as government surveillance, data breaches, cross-border data transfers, artificial intelligence, and regulatory enforcement, while comparing India's framework with international models such as the European Union's GDPR. It concludes that although the Digital Personal Data Protection Act, 2023 marks a significant advancement in safeguarding personal data, effective implementation, stronger institutional independence, enhanced public awareness, and technology-specific regulations are essential to ensure a balanced framework that protects privacy while supporting innovation and economic growth in the digital era.