India's gaming federation urges practical data protection rules for gamers
The All-India Gaming Federation (AIGF) recently issued a on the country’s . With more than 120 members boasting a massive $10 billion valuation and 400 million digital citizens as the user base, AIGF is instrumental in fostering the country’s ethical gaming environment.
Imagine a regulatory battlefield where gaming companies strive to balance user privacy, technological innovation, and business practicality. This is precisely the terrain the AIGF is traversing with its detailed submission to the Ministry of Electronics and Information Technology (MeitY).
AIGFs response is based on ensuring that the regulations bring clarity, practicability, and a business-friendly environment while upholding high standards of data protection. According to its statement, AIGF aspires to create a strong, transparent, and responsible gaming industry consistent with the vision of a $1 trillion digital economy.
Key points and concerns raised by AIGF
The federation is pushing back against blanket encryption mandates. AIGF suggests that companies should have the flexibility to design security measures that fit their unique business models. Its akin to telling chess and basketball players they must use the same training regime.
AIGF proposes a two-stage reporting framework for notifying the Data Protection Board (DPB) about personal data breaches. They recommend up to 72 hours to provide critical information and a longer timeline for updated details. A staggered timeline for reporting is suggested to allow proper investigation before public disclosure.
The federation has also sought clarification on whether the user-base threshold of 5 million registered users applies to individual platforms or the aggregate number of users across all platforms operated by an online gaming intermediary (OGI).
Adding to that, AIGF has also urged the government to interpret the standards of due diligence required to assess algorithmic software and the extent of the restrictions placed on transferring personal data out of India. They also seek clarity on which categories of data would be barred from being transferred out of India.
The federation also highlights the need for guidance on navigating conflicting compliance requirements with foreign jurisdictions. They seek confirmation that exemptions for research activities extend to AI model training, fraud detection, and similar private-sector applications.
Impact on the gaming industry: Whats at stake?
The DPDP Rules will notably impact the online gaming industry in India, particularly concerning data protection and user privacy. Gaming companies are not just facing technological challenges; they are reimagining their data-handling strategies. AIGFs recommendations aim to balance robust data protection with the practical realities of the gaming industry. Key impacts include:
- Data security: Implementing robust protection mechanisms.
- Breach protocols: Developing transparent reporting frameworks.
- Infrastructure redesign: Potentially restructuring data storage solutions.
- Algorithmic transparency: Ensuring user rights are protected at every algorithm level.
