DPDP Act

Frozen Wallets and Fading Trust: Legal Remedies available in cases of Cryptocurrency frauds and data breach

Summary: This two-part series uses the WazirX cyberattack of July 18, 2024, in which crypto assets worth approximately USD 230 million were stolen from a multisig wallet, as a factual anchor to map the full spectrum of legal remedies available to Indian crypto users whose assets have been frozen, eroded, or subjected to proposed “socialisation” haircuts following a platform breach. Part I examines the criminal, cyber law, and data protection remedies available to crypto users following a platform breach and explains how a layered strategy combining these remedies offers the most effective path.Continue Reading Frozen Wallets and Fading Trust: Legal Remedies available in cases of Cryptocurrency frauds and data breach (Part 1)

Summary: This article is the second part of a two-part series, examining the implications of India’s Digital Personal Data Protection Rules, 2025, on internal investigations conducted by organisations and their legal counsel. While Part I addressed the foundational framework and the applicability of exemptions under the DPDP Act, particularly Section 17(1)(c); Part II focuses on the practical compliance obligations that Data Fiduciaries must navigate during internal investigations, including security requirements, breach notification protocols, data retention and erasure mandates, and cross-border transfer complexities.Continue Reading Implications Of The Digital Personal Data Protection Rules, 2025:  Stoking Internal Investigations – Part II

Implications Of The Digital Personal Data Protection Rules, 2025:  Stoking Internal Investigations – Part I

Summary: India’s Digital Personal Data Protection Rules, 2025, effective November 13, 2025, have fundamentally transformed the regulatory landscape for internal investigations. This analysis is the first part in a two-part series examining the critical compliance challenges facing organisations and law firms navigating data-sensitive proceedings under the new regime.Continue Reading Implications Of The Digital Personal Data Protection Rules, 2025:  Stoking Internal Investigations – Part I

The Right To Be Forgotten: Reclaiming Dignity In Digital Age

Summary: In today’s digital age, the Right to Be Forgotten (RTBF) is emerging as a vital extension of the right to privacy under Article 21. Sparked by the Hon’ble Supreme Court’s landmark Puttaswamy judgment, RTBF seeks to protect individuals from lasting online stigma. While courts have offered relief in select cases, India’s legal framework remains incomplete. The Supreme Court now faces a pivotal decision: can dignity and privacy outweigh open justice in judicial archives? RTBF isn’t just an abstract legal right, it’s a call for redemption, and the right to move on in a world that never forgetsContinue Reading The Right To Be Forgotten: Reclaiming Dignity In Digital Age

Internal Investigations Under the Digital Personal Data Protection Act, 2023

Introduction

The Digital Personal Data Protection Act, 2023 (“Act”), marked a pivotal development in India’s framework for data protection by addressing the longstanding need for safeguarding personal information, data protection, and data handling. Continue Reading Internal Investigations Under the Digital Personal Data Protection Act, 2023