With the rapid pace of digitalisation and connectivity, the automotive sector has transformed by adopting advanced technologies such as connected vehicles, autonomous driving systems and vehicle-to-everything (V2X) communication. While these innovations have improved convenience and efficiency for manufacturers and consumers, they have also brought forth data privacy and security challenges. The Digital Personal Data Protection Act (DPDPA), 2023, addresses these challenges by setting clear guidelines for data protection practices and ensuring compliance across the industry. The Act safeguards personal information collected through various digital channels within the automotive ecosystem.

Gathering and usage of data within the upstream and downstream automotive value chain

Opportunities arising from DPDPA 2023

A few opportunities which can be utilised by the companies on their journey towards becoming compliant include:

Enhanced customer trust

Once customers are assured that their personal data not being misused, they will engage more, which is expected to foster higher trust levels and result in better customer engagement. 

Augmented risk mitigation

Aligning with the DPDPA requirements can improve the overall cybersecurity infrastructure of companies, reducing the risk of data breaches. Consequently, this will enhance their overall risk mitigation processes. 

Ease of doing business globally

Improved risk mitigation and data processing procedures will facilitate companies and the automotive industry to align with the global data protection standards, making it easier to conduct business in international markets.

Publication

Auto Byte - November 2023

The Act empowers both customers and automakers by establishing clear guidelines for the collection, storage and sharing of data.

How Grant Thornton Bharat can help

  • Automated tools
    Implement automated tools for streamlined compliance 
  • Assist CIOs and CSOs
    Collaborate with our technical experts to align your IT systems and security measures with DPDPA requirements 
  • Tailored solutions
    Customised approach for different industries
  • Data Protection Office setup
    Support in setting up and managing the Data Protection Office
  • Efficient data management
    • Guide in identifying and gathering data as per DPDPA requirements
    • Streamline data assimilation and management without manual complexities
  • Independent data auditor focus
    • Fulfill the need for an independent data auditor as mandated
    • Impartial assessments to guarantee compliance 
  • Protecting reputation and governance
    • Integrate DPDPA compliance into governance practices
    • Ensure airtight compliance to uphold the reputation of Independent Directors
  • Expert dispute resolution
    Expert assistance in resolving disputes arising from data breaches