New Delhi: The DIGIPUB News India Foundation and the Editors Guild of India have raised deep concerns over the Digital Personal Data Protection Rules, 2025, that were notified last week, bringing its controversial provisions into effect.The media watchdogs have warned that it undermines press freedom, cripples the Right to Information Act and exposes journalists to various compliance burdens. The rules were notified on November 15, two years after it was first drafted.On pen and paper, the DPDP Act is India’s first law to preserve the privacy of individuals and lays the onus on platforms to secure informed consent from users. This is bound to change the way individuals interact with platforms, and will also make platforms liable to preserve – or delete on request – private information of all citizens. The government has said that its implementation will be in a staggered manner over a period of 18 months to give companies time to raise their standards to the level of the law. Also read: Data Protection for Whom?At the moment, the government has enforced terms related to setting up a data protection board (and the salaries and conditions of employment of its members), and its powers to enforce penalties, etc.However, the DIGIPUB has expressed its deep concern. “The DPDPA, 2023 and DPDPR, 2025 collectively cripple the Right to Information Act which is one of the most important legislations for democratic accountability but also create a regulatory framework that endangers joumalism,” the DIGIPUB stated. “By excluding journalists from any statutory exemption and granting the State broad access and enforcement powers, they open the door to indirect censorship, a chilling effect on free expression, and disproportionate surveillance of legitimate newsgathering activities. They endanger source confidentiality, hinder public-interest investigations, obstruct anti-corruption disclosures, and weaken the information framework essential for democratic accountability. The Rules also create avenues for disproportionate state overreach and covert interference with editorial independence,” it added.DIGIPUB expresses its deep concern over the Digital Personal Data Protection Rules, 2025. pic.twitter.com/FEtsrSl0pg— DIGIPUB News India Foundation (@DigipubIndia) November 18, 2025DIGIPUB had earlier submitted formal objections to the removal of the journalistic carve-out from the DPDPA, 2023 and also highlighted that Section 44(3) substitutes Section 8(1)(j) of the RTI Act, thereby abolishing the public-interest override and making access to information even more restrictive. Representatives had also met the MeitY secretary to formally present these concerns in the consultation hosted by the ministry. However, they did not receive any response any further, nor were the concerns resolved.Also read: ‘Unchecked Powers to Govt, New Barriers to Transparency’: IFF on Digital Personal Data Protection Act“As reported by the Press Trust of India on August 08, 2025 through various forums including the Business Standard, in response to the concerns of journalists and RTI activists, a source from MEITY noted that they would be publishing FAQs on the DPDPA, 2023. However, even such FAQ has not been issued despite objections from multiple press bodies including DIGIPUB. This reflects a serious departure from the democratic consultative process expected in delegated legislation and demonstrates disregard for press freedom and the constitutional right to information,” the DIGIPUB stated, adding that the new rules pose “a serious threat to the fundamental right to freedom of speech and expression under Article 19(1)(a) and imposes an unreasonable, constitutionally suspect burden on independent media”. Meanwhile, the Editor’s Guild, along with other media organisations, had earlier urged the MeitY to issue a legally tenable clarification or amendatory provision to explicitly safeguard journalistic activities with a detailed set of 35 questions. They too said that there has been no official response since then.“The notified Rules do not alleviate these concerns. Ambiguous obligations around consent risk exposing journalists and newsrooms to compliance burdens that may impede routine reportage. Without explicit exemptions or clarifying guidance, the possibility remains that journalistic activities could be interpreted as “processing” requiring consent, thereby chilling newsgathering and hindering accountability journalism,” the Guild stated.Statement on the Notified Rules Under the Digital Personal Data Protection Act pic.twitter.com/wF9DqJANIS— Editors Guild of India (@IndEditorsGuild) November 19, 2025The Editors Guild has urged MeitY to urgently issue a clear and categorical clarification exempting bona fide journalistic activity from the consent and processing requirements of the Act. “In the absence of such clarity, confusion and over-compliance will weaken press freedom and obstruct the media’s essential role in a democratic society. The Guild reiterates that data protection and privacy are vital objectives, but they must be balanced with the constitutional guarantee of freedom of speech and the public’s right to know,” it stated.