MCQ
Digital Personal Data Protection (DPDP) Rules, 2025 MCQ - Practice Questions with Answers
Solve 5 Digital Personal Data Protection (DPDP) Rules, 2025 questions for RAS/RPSC preparation.
Practice questions
Q1On which date were the Digital Personal Data Protection Rules, 2025 notified by the Government of India?
The Government of India notified the Digital Personal Data Protection Rules, 2025 on 14 November 2025. The notification gave effect to the framework of the DPDP Act, 2023; the PIB backgrounder carrying this fact was published later, on 17 November 2025.
Q2Which institution hears appeals against decisions of the Data Protection Board of India under the digital personal data protection framework?
The Telecom Disputes Settlement and Appellate Tribunal, commonly referred to as TDSAT, is the designated appellate authority. It hears appeals against decisions of the Data Protection Board of India, while the Board itself handles compliance inquiries and complaints digitally.
Q3Consider the following statements about the Digital Personal Data Protection Rules, 2025: 1. The Data Protection Board of India is designed as a fully digital body with 4 members. 2. Data Fiduciaries must address requests concerning access, correction, updating or erasure within a maximum of 90 days. Which of the statements given above is/are correct?
Both statements are correct. The Data Protection Board of India is a fully digital body comprising 4 members, with online complaint filing and case tracking. Data Fiduciaries must also address requests for access, correction, updating or erasure within a maximum period of 90 days.
Q4Match List I with List II and select the correct answer using the code below. List I (Default) 1. Failure to maintain reasonable security safeguards 2. Failure to notify a personal data breach or violation of obligations relating to children 3. Any other violation by a Data Fiduciary List II (Maximum penalty) a. ₹50 crore b. ₹200 crore c. ₹250 crore
The correct matching is 1-c, 2-b and 3-a. Failure to maintain reasonable security safeguards can attract up to ₹250 crore. Failure to notify a breach or a violation of obligations relating to children can attract up to ₹200 crore, while another violation by a Data Fiduciary can attract up to ₹50 crore.
Q5Which of the following is incorrect regarding the protection of children's personal data under the Digital Personal Data Protection Rules, 2025?
Option C is incorrect. The Rules ordinarily require verifiable consent from a parent or guardian before a child's personal data is processed; the specified exceptions concern essential services such as healthcare, education and real-time safety. They do not create an unrestricted permission for commercial profiling.
You've seen 5 of 5 sample questions
Unlimited practice on Digital Personal Data Protection (DPDP) Rules, 2025 comes with the RAS Test Series + Practice pack or Gate Pass.
