Summary: This article is the second part of a two-part series, examining the implications of India’s Digital Personal Data Protection Rules, 2025, on internal investigations conducted by organisations and their legal counsel. While Part I addressed the foundational framework and the applicability of exemptions under the DPDP Act, particularly Section 17(1)(c); Part II focuses on the practical compliance obligations that Data Fiduciaries must navigate during internal investigations, including security requirements, breach notification protocols, data retention and erasure mandates, and cross-border transfer complexities.Continue Reading Implications Of The Digital Personal Data Protection Rules, 2025: Stoking Internal Investigations – Part II
Implications Of The Digital Personal Data Protection Rules, 2025: Stoking Internal Investigations – Part I
Summary: India’s Digital Personal Data Protection Rules, 2025, effective November 13, 2025, have fundamentally transformed the regulatory landscape for internal investigations. This analysis is the first part in a two-part series examining the critical compliance challenges facing organisations and law firms navigating data-sensitive proceedings under the new regime.Continue Reading Implications Of The Digital Personal Data Protection Rules, 2025: Stoking Internal Investigations – Part I