Digital
Leading with purpose creates wins for consumers, community and country: Hina Nagarajan of Diageo India
How India is catching up on user data protection with DPDPA
India may not have a dedicated cookie law, but the Digital Personal Data Protection Act (DPDPA) sets clear principles for obtaining granular consent from users
India may not have a dedicated cookie law, but the Digital Personal Data Protection Act (DPDPA) sets clear principles for obtaining granular consent from users
The Advertising Standards Council of India (ASCI) Academy, in collaboration with PSA Legal and Tsaaro Consulting, has released a comprehensive white paper titled 'Navigating Cookies: Recalibrating your cookie strategy in light of the DPDPA' to commemorate Data Privacy Day. The white paper explains in detail how granular consent takes shape in India towards building better privacy standards.
India may not have a dedicated cookie law, but the Digital Personal Data Protection Act (DPDPA) sets clear principles for obtaining granular consent from users, especially in cookie banners and privacy statements. Since cookies collect and store user data, consent under the DPDPA must comply with Sections 5 and 6 of the Act.
Under Section 5(1)(i), data fiduciaries must provide users (referred to as "data principals") with a notice outlining the personal data being collected and the purpose of its use before requesting consent. This mirrors Article 6(1)(a) of the GDPR, which requires data subjects to be informed about each purpose for processing their data before giving consent.
Section 6(1) of the DPDPA highlights that consent must be free, specific, informed, unambiguous, and given explicitly for a specific purpose. It further limits the use of personal data to that stated purpose alone. Moreover, Section 6(3) mandates that consent requests must be presented in plain, simple language, ensuring clarity for users. Importantly, under Section 6(4), users retain the right to withdraw their consent at any time.
These provisions align closely with Article 4(11) and Article 7 of the GDPR, which define consent as freely given, specific, informed, and unambiguous. The GDPR also requires that consent requests be clear, accessible, and understandable, and ensures users can withdraw consent whenever they wish.
The DPDPA’s emphasis on specificity and clarity ensures compliance with global standards, paving the way for the adoption of granular consent mechanisms in India.
SPOTLIGHT
At the Storyboard18 DNPA Conclave 2025, Union Minister Ashwini Vaishnaw spotlighted the critical role of traditional media in an evolving digital landscape. He emphasized that such gatherings can aid the govt in formulating more effective policies for a balanced and sustainable media ecosystem.
Read MoreIN PHOTOS: At Global Pioneers Summit, visionaries chart the future of business and creativity
From the chiefs of Nestle, Diageo, Colgate, PepsiCo, Zetwerk and CRED to AI visionaries, marketing mavens, top creators, ad legends and leading global agencies' CEOs, the brightest minds converged at the Storyboard18 Global Pioneers Summit for an action-packed day of meaningful dialogues on creativity, commerce and culture.