Digital Payment Organizations Request Exemption from Certain Provisions of the DPDP Act
In a bid to streamline digital transactions and avoid potential disruptions, four major players in the Indian digital payments landscape - Google Pay, PhonePe, Amazon Pay, and the National Payments Corporation of India (NPCI) - have reportedly sought an exemption from certain provisions of the Digital Personal Data Protection (DPDP) Act.
The core issue revolves around the DPDP Act's emphasis on obtaining explicit consent for every data processing activity, including every transaction. The companies argue that this requirement, which also applies to recurring payments, could significantly complicate the payment system and escalate expenses, potentially hindering the efficiency and user experience of digital payments.
The Case for Exemption
The potential implications of this mandate are far-reaching. For recurring payments, the need for consent with every transaction could make it impractical to process automatic or recurring bills, affecting subscription models and seamless payment experiences. Smaller companies and startups, with their operational challenges, may bear the brunt of this increased procedural and compliance burden, potentially limiting innovation and competition in the digital payments ecosystem.
The Background
PhonePe, a fintech company founded in 2015 and headquartered in Bengaluru, is among the digital payment platforms seeking relief. The company, founded by Burzin Engineer and two other individuals, has raised a total of $2.3 Bn in funding.
The issue has gained traction due to frequent massive UPI outages, prompting the NPCI to roll out additional measures for payment service providers (PSPs) and acquiring banks to streamline UPI transactions in May.
The Future of Digital Payments
As the DPDP Act is yet to be fully operationalized, and its rules are still under consultation, these industry requests highlight the tension between stringent privacy requirements and practical business operations in digital payments. The exemption sought aims to avoid operational disruption and cost escalations, especially for recurring transactions and smaller firms, by relaxing the strict consent mandate currently envisioned under the DPDP Act.
MeitY released the draft rules for DPDP on January 3 and invited suggestions from the public till February 8, later extended to March 5. The NPCI has also been reportedly working on an internet of things (IoT) version of the UPI.
In July, UPI transactions jumped 5.8% to 19.47 Bn, touching a new all-time high, accounting for INR 25.08 Lakh Cr, a 4.3% increase from the previous month. The digital payments sector continues to grow, and the outcome of this exemption request could shape its future significantly.
Recurring bills and subscription models could face practical challenges with the DPDP Act's requirement for explicit consent with every transaction, potentially limiting innovation and competition among smaller digital payments companies. The four major players in the Indian digital payments landscape - Google Pay, PhonePe, Amazon Pay, and the National Payments Corporation of India (NPCI) - have collectively sought an exemption to avoid operational disruptions and cost escalations, especially for recurring transactions, under the DPDP Act.
