Abstract
The rapid growth of digital technologies, internet usage, and online services has significantly increased the collection and processing of personal data in India. While digitalization has enhanced efficiency and accessibility across various sectors, it has also raised concerns regarding privacy, cybersecurity, unauthorized surveillance, identity theft, and data breaches. This article examines the concept of data protection and privacy in India and analyzes the legal framework governing personal data. It discusses the evolution of privacy rights through judicial interpretation, particularly the landmark decision in *Justice K.S. Puttaswamy v. Union of India*, which recognized the right to privacy as a fundamental right under Article 21 of the Constitution. The article further evaluates the role of the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023, in regulating the collection, processing, and protection of personal information. It also highlights the rights of individuals, obligations of data fiduciaries, and challenges associated with the implementation of privacy laws. The study concludes that effective enforcement of data protection laws is essential to safeguard individual rights and ensure a secure digital environment in India.