No signup. No paywall. No catch.One of our 10 most-requested practitioner modules — published in full so anyone can learn for free. We earn through consulting, not by gating knowledge.
Why this module exists. DPDP §9 is the strictest section of the Act. It prohibits behavioural tracking of children, prohibits targeted advertising to children, and requires verifiable parental consent for processing children’s data.
Why this module exists. DPDP §9 is the strictest section of the Act. It prohibits behavioural tracking of children, prohibits targeted advertising to children, and requires verifiable parental consent for processing children’s data. Indian edtech, social media, gaming, and even general e-commerce all touch this section. The penalties for §9 violations are uncapped relative to other violations.
Who is a “child” under DPDP
Under §2(g), a child is an individual under 18 years of age. Not 13, not 16 — 18.
This is stricter than COPPA (US, under 13), GDPR-K (EU, under 16 by default; states can lower to 13), and most international precedents.
Want this for your team?
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.
