UPSC Prelims Practice Questions — The elephant in India’s data room
Q1. With reference to the Digital Personal Data Protection (DPDP) Rules, 2025, consider the following statements: Which of the statements given above is/are correct?
- The Data Protection Board of India is designed to function as a fully digital body.
- The Board is to consist of four members.
- Appeals against the decisions of the Board lie directly with the Supreme Court of India.
- The DPDP Rules, 2025 were notified by the Ministry of Electronics and Information Technology.
- A. 1 and 2 only
- B. 2 and 4 only
- C. 1, 2 and 4 only
- D. 1, 3 and 4 only
Q2. Under which one of the following statutes has the Data Protection Board of India been established?
- A. Information Technology Act, 2000
- B. Digital Personal Data Protection Act, 2023
- C. Telecommunications Act, 2023
- D. Bharatiya Nagarik Suraksha Sanhita, 2023
Q3. With reference to India's data-governance architecture, consider the following statements. Which of the statements given above is/are NOT correct?
- data.gov.in was launched in 2012 under the National Data Sharing and Accessibility Policy (NDSAP).
- The National Data and Analytics Platform (NDAP) is an initiative of NITI Aayog.
- The Digital Personal Data Protection Act was enacted by Parliament in 2023.
- The National Statistical Commission functions under the Ministry of Electronics and Information Technology.
- A. 1 and 4 only
- B. 2 and 3 only
- C. 3 only
- D. 4 only
Q4. Which one of the following is the nodal Union Ministry for the implementation of the Digital Personal Data Protection Act, 2023?
- A. Ministry of Statistics and Programme Implementation
- B. Ministry of Electronics and Information Technology
- C. Ministry of Home Affairs
- D. Ministry of Law and Justice
Q5. With reference to the National Data Sharing and Accessibility Policy (NDSAP), 2012 and the Digital Personal Data Protection (DPDP) Rules, 2025, consider the following statements: Which of the statements given above is/are correct?
- The NDSAP, 2012 deals primarily with sharing of non-personal government data, whereas the DPDP Rules, 2025 deal with processing of digital personal data.
- Unlike the DPDP Rules, 2025, the NDSAP, 2012 was issued under a parent statute enacted by Parliament.
- The DPDP Rules, 2025 establish a statutory adjudicatory body in the form of the Data Protection Board of India, whereas the NDSAP, 2012 did not create any equivalent body.
- A. 1 only
- B. 1 and 3 only
- C. 2 and 3 only
- D. 1, 2 and 3