We are excited to share a brand-new episode of the PrivacyRules Privacy Espresso series, where we explore global developments in privacy, data protection, cybersecurity, and technology-driven risks.
In this episode, Alessandro welcomes Stephen Matthias, Head of the Bangalore office at Kochhar & Co and Co-Chair of the firm’s Technology Law Practice, to discuss the major updates coming from India with the implementation of the new Indian Data Protection Board and the staged entry into force of the Digital Personal Data Protection Act (DPDPA).
Stephen walks us through the key milestones just announced — including the recent notification of the statute, the timeline for the Board’s formation, and the important dates that data controllers and processors must already mark on their calendars. He also breaks down the core structure of the DPDPA, how it differs from the GDPR, why consent will be the central ground of processing in India, and what the new “consent manager” role means for businesses operating in such a vast SME-driven market.
The conversation also touches on India’s stringent data-breach notification framework, the limits of the Board’s delegated powers compared to counterparts like the EDPB, and what companies — both Indian and multinational — should start doing now to prepare for full enforcement by May 2027.
It’s an insightful and practical overview of one of the most important regulatory developments in the region.
Listen to the full episode now and stay ahead of India’s upcoming compliance requirements. 👉 https://bit.ly/4pHPayx