Code: Section 35 – DPDP Act, 2023
No suit, prosecution or other legal proceedings shall lie against the Central
Government, the Board, its Chairperson and any Member, officer or employee thereof for
anything which is done or intended to be done in good faith under the provisions of this
Act or the rules made thereunder.
—
Explanation of Section 35 – DPDP Act
Section 35 of the Digital Personal Data Protection Act, 2023 offers legal protection to the Central Government, the Data Protection Board, and its personnel. It safeguards them from lawsuits or legal action when they act in good faith while performing their duties under this Act or its rules.
The key term here is “good faith.” If an action is taken honestly, with the intention to follow the law—even if the outcome is not perfect—this section protects the official or body from legal consequences.
Such provisions are common in Indian law. They are meant to allow government bodies to act efficiently without fear of personal liability when doing their jobs lawfully and sincerely.
Key Highlights
- Covers actions taken by the Central Government, the Data Protection Board, and its officials.
- Applies only to acts done in good faith.
- Prevents misuse of legal processes against sincere officials performing their duties.
- Ensures that lawful implementation of the DPDP Act is not hindered by fear of litigation.
—
Illustration
Example 1: Unintentional Error During Investigation
A Board officer sends a notice to the wrong organization while investigating a data breach. The mistake was unintentional and corrected quickly. Because the officer acted in good faith, they are protected from a lawsuit under Section 35.
Example 2: Policy Issued by the Government
The Central Government issues a data handling guideline under the DPDP Act. A company affected by this policy cannot sue the government if the policy was framed sincerely, even if they disagree with it.
—
Common Questions and Answers on Section 35 DPDP
- What does “good faith” mean in this context?
It refers to actions taken honestly and with sincere intent to follow the law. It does not cover actions taken with negligence, bad intent, or personal gain.
- Who is protected under Section 35?
The Central Government, the Data Protection Board, the Chairperson, Members, officers, and employees are all protected—provided their actions are lawful and done in good faith.
- Can someone still challenge the Board’s decision?
Yes. While Section 35 protects individuals from personal legal action, it does not prevent legal review or appeal against official decisions or orders under the Act.
- Does this protection apply if there is proven misconduct?
No. If an action is proven to be taken with malice, fraud, or bad intent, this section will not offer protection. It only applies to genuine, honest efforts made under the law.
- Why is such a clause important?
It allows government bodies to enforce laws without fear of constant legal retaliation. Officials can focus on their responsibilities, provided they act sincerely and lawfully.
—
Conclusion
Section 35 of the Digital Personal Data Protection Act plays a crucial role in supporting fair and efficient enforcement. By protecting officials and institutions acting in good faith, it ensures that the law is implemented smoothly. At the same time, it does not shield bad actors or those acting outside the law.
This protection strengthens the trust in governance while preserving the balance between authority and accountability.
To explore more legal insights into India’s digital laws, visit ApniLaw.
