Search

India’s new data law misses critical protections for users of assistive technologies, raising concerns over consent and data minimisation

Robust data protection measures need to govern fintech solutions in India, and certain immediate short-term adjustments could accelerate this process

India’s consent-driven data rules may unintentionally hinder AI by limiting access to the large datasets essential for training

भारताच्या डेटा स्थानिकीकरण आणि डेटा सार्वभौमिकतेच्या ध

While India’s data localisation and data sovereignty policy will bolster AI and cloud infrastructure, this will make it difficult for local small an

India’s regulatory approach to fintech demonstrates a balanced concern for both technological advancement and consumer rights

Fintech companies are using alternative data to create new credit-scoring systems, expanding access to credit and fostering economic empowerment despi

पाळत ठेवण्याच्या तंत्रज्ञानाचे सकारात्मक परिणाम दिसत अ

Although there are positive results of surveillance technology, questions regarding the invasion of privacy are being raised.

The absence of oversight mechanisms to curtail the misuse of technologies by the State carries big risks for the citizens.

The recent iteration of Digital Personal Data Protection Bill has welcome changes, however, has lacunae that needs to be addressed

Responsible and ethical AI is premised on an infrastructure of trust; it is imperative that accountability and governance frameworks establish transpa

In the coming years, many will be watching to see whether mobile network operators will manage to retain the 2.8 million new mobile money subscribers

Third party data collection — whatever the motivation — has the potential to blur the lines between data privacy and complete identification.

While the geopolitical contestation in emerging technologies will continue, the importance of strengthening policies towards network security cannot b

Any new framework for non-personal data must consider that data is not just an economic resource to be commodified, neither is it an instrument of sov

As we move more towards a cash-flow based system of lending, companies are building their own risk assessment models for borrowers using both payment

As technology evolves and new solutions emerge, governments have taken greater interest in regulatory matters, particularly in Indo-Pacific economies

While India is still in its nascent stages in the evolution of its health data ecosystem — it is important to diagnose some of the early challenges

As India still does not have a Personal Data Protection law in place, it would be unwise to expand the scope of Aarogya Setu far beyond its original p

African countries should learn from mistakes that have already been made while pursuing their own path in Internet security.

The requirement of retaining one “serving copy” of all personal data collected within India is shrouded in mystery.

The Ministry of Electronics and Information Technology (MeitY), Government of India, released the draft Digital Personal Data Protection Rules, 2025 (DPDP Rules) in early January this year and invited feedback by 5 March 2025. On 18 February 2025, MeitY organised a consultative session on the draft DPDP Rules; the event, held in New Delhi, was attended by the Observer Research Foundation (ORF). Based on the consultative session and discussions wi

Will data localisation — or a diluted mirroring requirement — serve India’s strategic interests as outlined in the Srikrishna Committee’s report? Moving forward, how can India build data ecosystems that not only feed back into domestic innovation but also protect user privacy at scale keeping in mind the interests of the private sector?

The new Digital Personal Data Protection Act (DPDPA) is market-friendly but is lacking in attention to privacy requirements for sensitive personal data. This report highlights three types of sensitive personal data—i.e., biometric, financial, and health—and emphasises the need for transparent consent mechanisms that will safeguard an individual’s data. It underscores the role of data fiduciaries, urging the formulation of clear operational

The recommendations are based on a stakeholder consultation organised by ORF on 1 December 2022. Although the authors have made the best efforts to give voice to the concerns of various stakeholder groups, this is not a consensus document and does not attribute comments to, or claim to represent, the positions of any individual or organisation. All statements, assertions or factual errors are attributable only to ORF.

Ensuring contestability and fairness in India’s digital market—one of the world’s most prominent—is critical to ensuring consumer welfare. This paper outlines a legal and regulatory framework that can ensure contestability and fairness in the Indian digital market.  The paper identifies the following elements of this toolkit: (i) competition law; (ii) ex-ante regulation for digital gatekeepers; (iii) laws for increased transparen

Kazim Rizvi and Shravishtha Ajaykumar, Eds., Privacy in Practice: Strategies for Data Management in India, January 2025, Observer Research Foundation.

Privacy and democracy have always had an uneasy relationship in India. However, now India has a unique opportunity to evolve a progressive and expansive legislation on privacy and protection of personal data. The report of the experts group chaired by Justice Ajit Prakash Shah is a good starting point.

पाच वर्षांतील विविध मसूदे, सल्लामसलती व मुत्सद्देगिरीचा परिपाक म्हणून जरी डीपीडीपी कायद्याकडे पाहिले जात असले तरी एका ठोस उपायापेक्षा या उपायापर्यंत पोहोचण्याची ही सु