India's Digital Personal Data Protection Act covers over 900 million internet users. Non-compliance penalties reach ₹250 crore. And yet, most businesses...
March 5, 2026
Read
Category: Regulation Update
The Consent Audit — The First Thing Every Business Needs to Do
If you run a business that collects personal data — and in 2025, almost every business does — the most important first step toward DPDPA compliance is ....
March 5, 2026
Read
Data Breaches — What the Notification Obligation Means at Scale
Data breaches in India have historically been underreported. There was no law mandating disclosure, no standard for what constituted a notifiable ....
March 5, 2026
Read
E-Commerce and Retail — When Personalisation Meets Purpose Limitation
India's e-commerce sector has been built, in large part, on the intelligence that comes from data. The ability to show you a product you didn't know ....
March 5, 2026
Read
Fintech and Banking — When Data Minimisation Meets KYC
Indian fintech sits at an unusual intersection under the DPDPA. On one side, financial regulators — the RBI, SEBI, IRDAI — mandate extensive data ....
March 5, 2026
Read
EdTech and Children’s Data — The Parental Consent Challenge
This is not about India’s Edtech industry. Not exactly. India has one of the largest student populations in the world ....
March 5, 2026
Read
DPDPA and Healthcare — Patient Data, Consent, and the Stakes of Getting It Wrong
Of all the sectors that the DPDPA will reshape, healthcare may carry the highest stakes. A person's health data is among the most sensitive ....
March 5, 2026
Read
Why India Needed a Data Protection Law — and Why Now
Think about the last time you signed up for a new app. You tapped "I Agree" without reading a word, and moved on. That data — your name, phone number, ....
November 18, 2024
Read