Introduction India’s new era of digital accountability has begun with the introduction of Digital Personal Data Protection Act, 2023 (hereinafter referred to as “DPDPA“) which is expected to be implemented in the near future. The legislation establishes a comprehensive framework on the collection, use, storage, and transfer of an individual’s personal data. For some organizations,…
INTRODUCTION In recent years, cloud service providers and telecommunications companies have increasingly become prime targets of cyber-attacks due to the extensive amounts of sensitive data they store and manage. These sectors hold critical customer information, business secrets, and infrastructure details that are highly valued by cybercriminals. The frequency and scale of data breaches in cloud…
INTRODUCTION In the era of digital transformation, multinational corporations increasingly rely on integrated HR platforms, shared service centers, and global cloud-based tools to manage their workforce. India, with its immense and skilled talent pool, frequently serves as a key hub for employment, making the mapping and management of India-based employee data a business and legal…
INTRODUCTION In today’s interconnected digital economy, organizations collaborate with a complex network of vendors, ranging from IT service providers and cloud platforms to payment processors and outsourced HR and marketing firms. These vendors often handle vast volumes of personal and sensitive data, making vendor due diligence and robust data protection contractual safeguards essential for legal…
Introduction Loyalty programs form the bedrock of customer retention and promotion strategies in Indian retail and e-commerce. They help in understanding and predicting customer behaviour. Loyalty programs also collect and analyze vast troves of personal data. This includes mobile numbers, transaction histories, geolocation, and behaviour insights. The Digital Personal Data Protection Act, 2023 (“DPDPA”), has…
INTRODUCTION The Digital Personal Data Protection (hereinafter referred to as “DPDP”) Act, 2023, represents a landmark statutory framework aimed at safeguarding the privacy of individuals’ digital personal data in India. Enacted on August 11, 2023, and expected to be operationalized in phases by 2025, this is India’s first comprehensive data protection law, superseding previous patchwork…
Introduction In recent years, a new monetization strategy has emerged in digital services: the “consent-or-pay” model. Under this approach, users of a platform are given a binary choice: either agree to pervasive data collection and personalized advertising (consent) or pay a fee for an ad-free experience. One recent example of this model is Meta’s “pay-or-consent”…
INTRODUCTION Consent in healthcare is no longer a matter of routine paperwork. It has become a statutory and governance obligation under India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”), the National Digital Health Mission (“NDHM”), and the oversight of ethical guidelines in medical practice. Hospitals and clinics are data fiduciaries. They carry a direct…
INTRODUCTION India’s e-commerce industry is undergoing rapid and significant expansion. With widespread internet access and the normalisation of digital payments, online retail has evolved from a mere convenience to an essential service. The sector is expected to cross USD 350 billion by 2030, establishing it as a central pillar of the nation’s digital economy. However, this…
INTRODUCTION Artificial Intelligence (“AI“) chatbots are becoming integral to our everyday lives as educational resources and even psychological aides. Their design and conversational mechanisms attract the young and adolescent demographic, who are looking for help and communication in the digital world. The recent lawsuit filed by the parents of a teenager against OpenAI, alleging that…
The Paradigm Shatter: Understanding India’s Negative List Breakthrough Every major data protection framework from GDPR to China’s Cybersecurity Law operates on a restrictive foundation. Likewise, under the Digital Personal Data Protection Act,2023(DPDPA), the data of “Data Principal”( Subject Data in GDPR) cannot cross borders unless specific conditions are met. The European Union’s “adequacy decisions”…
INTRODUCTION In the modern-day economy, data is no longer an afterthought of a business, it has become an invaluable resource. It is the currency that drives commerce, innovation, and consumer confidence. In this regard, the question of where data should reside is polarizing governments, businesses, and consumer trust. The increasing number of cyber threats, evolving…
INTRODUCTION In the digital era, the term data has evolved for businesses spread across various economic sectors. The rise of e-commerce, fintech, and digital startups has led to massive personal data collection, making privacy a central concern. In a landmark step and paramount legislation, Indian legislators have passed the Digital Personal Data Protection Act (hereinafter…
In the case of PhonePe Private Limited v. State of Karnataka & Ors. (W.P. No. 3757 of 2023), (GM-Police), pronounced on 29 April 2025, the Hon’ble Karnataka High Court (“HC”) was confronted with a critical question at the intersection of fintech regulation, privacy, and police investigative powers. BACKGROUND: THE REGULATORY FLASHPOINT PhonePe Private Limited…
INTRODUCTION The digitalization of workplaces has been one of the most profound advancements of the 21st century. As remote work, cloud infrastructure, instant messaging platforms, and employee productivity tools gain popularity, organizations now operate in highly networked environments. While this digitization enhances flexibility and scalability, it has also enabled extensive workplace surveillance. Increasingly, employers are…
Disclaimer & Confirmation
As per the rules of the Bar Council of India, law firms are not permitted to solicit work and advertise. By clicking on the “I AGREE” button below, user acknowledges the following:
However, the user is advised to confirm the veracity of the same from independent and expert sources.
