data protection

Deepfake Rules Mark a Thoughtful Turn

/ Blog, data protection, Featured Posts, Information Technology Act, Technology Law /

Introduction India is facing a surge in AI-generated content (including deepfakes), causing reputational abuse, financial fraud, and electoral/ political misinformation. To counter this, the Ministry of Electronics & IT (“Meity”) released the draft amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics) Rules, 2021 (“IT Rules, 2021”), which propose a due diligence mechanism […]

Deepfake Rules Mark a Thoughtful Turn Read More »

Interpreting “In Relation To”: Towards a Functional Test for Personal Data under India’s DPDP Act

/ Featured Posts, Blog, data protection /

Introduction The Digital Personal Data Protection Act, 2023 (“DPDP Act”) is India’s first dedicated data privacy law. The Act applies only to digital personal data, leaving out other categories of data from its ambit. However, even in this limited category, the meaning of personal data is not entirely clear. Section 2(t) of the act defines

Interpreting “In Relation To”: Towards a Functional Test for Personal Data under India’s DPDP Act Read More »

Artificial Empathy, Tangible Risks: Consent, Confidentiality and Compliance in AI-Enabled Therapy

/ Blog, Artificial Intelligence, data protection, Featured Posts, Technology Law /

Introduction Recently, approximately 1.5 million regular users of the mental health chatbot ‘Woebot’ were confronted with the platform’s termination. Founder Alison Darcy cited regulatory hurdles coupled with the immense disparity between the pace at which Artificial Intelligence (“AI”) and legal frameworks are evolving as reasons for Woebot’s discontinuation. While accessibility and timely responses are being

Artificial Empathy, Tangible Risks: Consent, Confidentiality and Compliance in AI-Enabled Therapy Read More »

RBI’s 2025 Digital Lending Directions: A New Framework for Trust and Transparency

/ Blog, digital, Featured Posts, RBI /

Abstract The Reserve Bank of India (Digital Lending) Directions, 2025 aims at enhancing transparency, borrower protection, and systemic accountability, marking a significant evolution in regulating the digital lending industry from not only a financial but also from a data-governance perspective. This article analyses the key changes introduced and critically evaluates their strengths and drawbacks. While

RBI’s 2025 Digital Lending Directions: A New Framework for Trust and Transparency Read More »

Bridging Regulatory Gaps for PwDs in Data Protection Rules 2025

/ Blog, data protection, digital, Featured Posts /

Introduction The much awaited draft Digital Personal Data Protection Rules 2025 (“DPDP Rules”) have been finally released for public consultation by the Ministry of Electronics and Information Technology (“MEITY”). There are several issues lawyers and activists are flagging on the implementation and clarity of specific rules read with the Digital Personal Data Protection Act 2023

Bridging Regulatory Gaps for PwDs in Data Protection Rules 2025 Read More »

India’s Draft Data Protection Rules 2025: An analytical primer of what lies ahead in the Indian Privacy Paradigm: Part II

/ Privacy, Blog, data protection, digital, Editorial Board Post, Featured Posts /

Introduction  The introduction of the Draft Data Protection Rules 2025 (“Draft Rules”) under the Digital Personal Data Protection Act, 2023 (“DPDPA”) marks a significant step in India’s data protection journey. In the previous part of the article, we looked at the provisions and rules related to the protection of Children’s Data, intimation of personal data

India’s Draft Data Protection Rules 2025: An analytical primer of what lies ahead in the Indian Privacy Paradigm: Part II Read More »

India’s Draft Data Protection Rules 2025: An analytical primer of what lies ahead in the Indian Privacy Paradigm: Part 1

/ Privacy, Blog, data protection, digital, Featured Posts /

Introduction The Draft Digital Data Protection Rules, 2025 (DPDP Rules), enacted under the framework of the Digital Data Protection Act, 2023 (Principal Act), signify a landmark shift in India’s approach to digital privacy and data governance. These rules offer a structured mechanism for addressing contemporary challenges, particularly in the domains of children’s data, breach management,

India’s Draft Data Protection Rules 2025: An analytical primer of what lies ahead in the Indian Privacy Paradigm: Part 1 Read More »

A Functional Taxonomy On Online Intermediaries In India

/ Blog, Commercial Law, digital, E-Commerce, Featured Posts /

  Introduction The 21st century has witnessed the rapid proliferation of online intermediaries. However, this expansion has also exposed significant regulatory gaps, particularly in how these platforms are legally classified and held accountable. The current Indian taxonomy largely treats intermediaries as passive facilitators, granting them negative or limited liability under the assumption that they do

A Functional Taxonomy On Online Intermediaries In India Read More »

BNPL in India: A Convenient Solution with a Dark Side

/ BNPL, Blog, Featured Posts, Fintech, RBI /

In this post, the author addresses the exponential growth of India’s fintech sector, particularly highlighting the rise of Buy Now Pay Later (BNPL) services driven by a lack of specific regulatory frameworks. They elucidate how while some companies offering BNPL are under NBFC regulations, there’s a need for tailored guidelines to oversee and protect consumers engaging in BNPL transactions. The article further discusses the burgeoning concerns in India’s BNPL market, advocating for a more encompassing regulatory approach to mitigate issues like transparency, fraud, and data protection, aiming to bolster consumer confidence and legitimacy in these services.

BNPL in India: A Convenient Solution with a Dark Side Read More »

THE NEW PRIVACY REGIME FOR STARTUPS A DREAMY VISION OR A WAKE up call

The New Privacy Regime For Startups: A Dreamy Vision or a Wake-up Call?

/ data protection, Blog, Featured Posts, Privacy /

In this post, the Author aims to delve into a complete analysis of what changes have been introduced (in the form of duties of Data Fiduciaries) that will cause corporate data processors to up their game, with a special focus on the position of Startups in the status quo, and the exemptions with respect to the desirability of the same vis-à-vis rights of citizens under the Privacy Law.

The New Privacy Regime For Startups: A Dreamy Vision or a Wake-up Call? Read More »