Data Protection
Privacy cannot be confined to legal or compliance teams: Ashok Hariharan
IDfy's Ashok Hariharan says privacy must move beyond checkbox consent, with firms embedding accountability, governance and breach readiness into everyday operations
 "Privacy cannot be confined to legal or compliance teams: Ashok Hariharan")
USTR flags issues in DPDP Act, IT Rules provisions impacting firms
USTR flags lack of deemed consent for credit information firms under DPDP Act, says provisions and data rules may affect operations of US credit bureaus in India
 "USTR flags issues in DPDP Act, IT Rules provisions impacting firms")
It will be reasonable to go slow on AI regulations, says Jules Polonetsky
Jules Polonetsky says India's DPDP Act lays a workable foundation for AI governance, even as global consensus on regulation remains elusive
 "It will be reasonable to go slow on AI regulations, says Jules Polonetsky")
Proposed DPDP timelines a challenge: Meta's Chief of Global Policy
Martin, who was in India to attend the AI Impact Summit, also said the AI talent base in India was unparalleled
 "Proposed DPDP timelines a challenge: Meta's Chief of Global Policy")
SC issues notice to Centre on plea challenging 2023 data protection law
The Supreme Court on Monday issued a notice to the Centre on a plea challenging the constitutional validity of several provisions of the Digital Personal Data Protection (DPDP) Act, 2023. The plea, moved by The Reporters' Collective and renowned journalist Nitin Sethi, argues that the new data regime severely dilutes the Right to Information (RTI) Act and grants the Centre "sweeping powers" over personal data. A bench comprising Chief Justice Surya Kant and justices Joymalya Bagchi and Vipul M Pancholi, while agreeing to examine the legal complexities of the Act, refused to grant an interim stay on the impugned provisions. Representing the petitioners, advocate Vrinda Grover said that the Act lacks surgical precision in its attempt to protect privacy. "Instead of using a chisel, (the legislature) has used a hammer, and has thus rendered a body blow (to RTI), " the senior lawyer said. The petition said the DPDP Act creates a blanket bar on the disclosure of personal information, ..
 "SC issues notice to Centre on plea challenging 2023 data protection law")
India's AI moment: Summit can pave the way for accountable AI at scale
As AI adoption accelerates, India's AI Impact Summit aims to shape global rules, attract capital, and offer a Global South alternative to US- and China-led models
 "India's AI moment: Summit can pave the way for accountable AI at scale")
US investigates claims Meta could access private WhatsApp messages
Meta has previously been accused of running afoul of rules meant to protect user privacy, including several data and privacy mishaps that ultimately led to a record $5 bn fine by the US FTC in 2019
 "US investigates claims Meta could access private WhatsApp messages")
Zero trust is pervasive, but gaps remain on emerging cybersecurity threats
As AI adoption accelerates, zero-trust security, continuous monitoring, and stronger customer awareness are critical to counter deepfakes, fraud, and evolving cyber threats
 "Zero trust is pervasive, but gaps remain on emerging cybersecurity threats")
KPMG expert’s analysis of DPDP
In this session of Guru gyaan, Akhilesh Tuteja, Partner & National Leader, Clients and Markets, KPMG in India, explains the DPDP rules and why it matters to BSchool students
 "KPMG expert’s analysis of DPDP")
Will give data to restaurants with user consent: Food delivery firms
Zomato, Swiggy and other delivery firms say customer phone numbers will be shared with restaurants only after clear opt-in consent
 "Will give data to restaurants with user consent: Food delivery firms")
UIDAI to launch new app to allow for QR-code-based offline verification
UIDAI will launch a mobile app for consent-based Aadhaar verification via QR codes, ending the use of photocopies and allowing users to share only required details under the DPDP Act
 "UIDAI to launch new app to allow for QR-code-based offline verification")
India's DPDP rules: Govt in talks with industry to slash compliance time
Ashwini Vaishnaw said the Centre is consulting industry to cut the 18-month window for implementing new data protection requirements
 "India's DPDP rules: Govt in talks with industry to slash compliance time")
DPDP rules 2025: Why Indian businesses must act now on data compliance
The notification of the Digital Personal Data Protection Rules 2025 on November 13, 2025, marks a significant milestone in India's journey towards a harmonised data privacy regime
 "DPDP rules 2025: Why Indian businesses must act now on data compliance")
India's DPDP rules explained: Here's how your personal data will be handled
The new DPDP rules will be introduced over the next 18 months to give organisations time to adapt to the guidelines.
DPDP Act: IT services firms likely to have a short learning curve
Despite higher compliance costs, India's top IT firms expect minimal disruption from DPDP Rules 2025, leveraging years of experience with global data-privacy frameworks
 "DPDP Act: IT services firms likely to have a short learning curve")
DPDP rules: Training AI models using data likely to need a rethink
The new rules require informed consent along with easy provisions to revoke it for any personal data processing
 "DPDP rules: Training AI models using data likely to need a rethink")
Social Security whistleblower quits after alleging data mishandling by DOGE
A Social Security official who has filed a whistleblower complaint alleging the Department of Government Efficiency officials mishandled Americans' sensitive information says he's resigning his post because of actions taken against him since making his complaint. Charles Borges, the agency's chief data officer, alleged that more than 300 million Americans' Social Security data was put at risk by DOGE officials who uploaded sensitive information to a cloud account not subject to oversight. His whistleblower disclosure was submitted to the special counsel's office on Tuesday. In a letter to SSA Commissioner Frank Bisignano, Borges claimed that since filing his whistleblower complaint, the agency's actions make his duties impossible to perform legally and ethically and have caused him physical, mental and emotional distress. After reporting internally to management and externally to regulators, serious data and security and integrity concerns impacting our citizens' most sensitive ...
 "Social Security whistleblower quits after alleging data mishandling by DOGE")
Data protection rules likely by year-end, says DSCI chief Vinayak Godse
DSCI chief Vinayak Godse says this will pave way for rollout of the data privacy law
 "Data protection rules likely by year-end, says DSCI chief Vinayak Godse")
New Cloud lobby seeks 'national asset' status for India's strategic data
B-DIA is further lobbying for mandatory government-backed data backups, physical audits, and source code access from all foreign vendors operating in sovereign sectors
 "New Cloud lobby seeks 'national asset' status for India's strategic data")
Overlapping concerns, multi-sector impact delaying data protection law
The Digital Personal Data Protection (DPDP) Act has been delayed due to non-release of administrative rules; govt may undertake another round of inter-ministerial consultations to weed out any errors