International Journal of Arts, Commerce, Science and Technology

The rapid expansion of digital technologies in India has significantly increased concerns over data privacy and protection, prompting the evolution of cyber laws to address emerging cyber risks. The Information Technology Act, 2000, along with its 2008 amendment and subsequent rules, forms the foundational legal framework for regulating data governance, preventing unauthorized access, and ensuring accountability for data breaches. Despite these developments, existing cyber laws remain fragmented and insufficient to cope with advanced cybercrime, large-scale data processing, and cross-border data transfers. The emergence of the Digital Personal Data Protection Bill, 2022, marks a progressive step toward establishing comprehensive safeguards aligned with global standards such as the EU GDPR. However, challenges persist in areas including enforcement, breach notification, and data localization. This study examines the historical evolution, statutory provisions, and enforcement mechanisms of Indian cyber laws while assessing their impact on personal data protection. It highlights the necessity for strengthened regulatory frameworks to balance technological advancement, national security, and individual privacy rights in the digital era.