GSTIN and Personal Data Under India’s DPDPA 2023: A Detailed Analysis
Is a GSTIN personal data under the DPDPA? The answer is not a simple yes or no. It…
Anonymous Today, Known Tomorrow
Stripping names from data used to be enough. In the age of AI, it no longer is —…
Building Case for Standardizing DPDPA Consent Notices
Why India’s data protection regime needs a design framework, not just legal text When Legal Compliance meets Design…
The Hidden Compliance Cost: Cost of Data Request
A data-driven analysis of the operational economics of privacy request fulfilment in the Indian enterprise context When Indian…
Employee Data Privacy in India: What the DPDP Act Says About Employer Access
India’s data privacy landscape changed significantly when the Digital Personal Data Protection Rules, 2025 (DPDP Rules) were notified…
Difference between DPDPA & GDPR
Explore the differences between the DPDPB and the European Union's General Data Protection Regulation (GDPR), including their scope and applicability.
Meaningful Consent: What Does India’s DPDPA Actually Require?
Section 5 of the Digital Personal Data Protection Act demands clear, informed consent. But when does transparency cross…
AI, LLMs, and Consent: The Looming Challenge for India’s DPDP Act
Consider an application that generates personalised study plans. Or a chatbot that writes your job application. Or a…
From SMS to RCS: The Evolution of Spam in India
If you have checked your inbox in Android recently, you may have noticed messages that are not just…
When “Sign in with Google” Becomes “Google Acting as the User”: What the Recent Lawsuits Mean for Indian Regulation
A spate of high-profile lawsuits and settlements against Google over its data collection practices has shifted the public…