Author: Aman Verma

In October 2025, reports emerged from Ahmedabad about large-scale irregularities in clinical drug trials conducted on human volunteers. Investigations later revealed that several pharmaceutical companies and intermediary Clinical Research Organisations (CROs) had been running multiple trials simultaneously, often through unauthorised private...

India formally enforced the Digital Personal Data Protection Act, 2023 (DPDPA) on November 14, 2025. The Act applies horizontally to all entities operating in India across both B2B and B2C contexts where personal data is processed, irrespective of the scale of such...

Under the Digital Personal Data Protection Act (DPDPA) also, any data related to the inherited or acquired genetic characteristics of a natural person can be considered as “personal data”. And since it is personal data which is capable of identifying any person, the processing of this is now subject to the compliances of the newly released...

Unlike the legal profession, the medical profession and medical institutions in India are not regulated solely by laws made by Parliament. In India, a typical healthcare provider or medical practitioner is subject to an interplay of central and state laws. This is because the healthcare regulatory landscape in India is fragmented across central...

This paper explores the growing data privacy concerns surrounding in-vitro fertilization (IVF) clinics and the evolving responsibilities these clinics face in managing sensitive patient information. It aims to understand how privacy practices within IVF facilities operate under their existing regulatory framework particularly the Assisted...

The Digital Personal Data Protection Act, 2023 (DPDPA) has been made in force as of 14.11.20252 with the DPDP Rules, 2025 being released by the Central Government on that very day. The DPDP Rules, 2025 have further clarified on the registration and obligations of consent manager. This article goes into understanding how the DPDP Rules, 2025...

The Digital Personal Data Protection (DPDP) Rules, 2025 – framed under Digital Personal Data Protection Act (DPDPA) – have been released as of November 13, 2025. The Rules are somewhat similar to the draft version which was shared on January 3, 2025 for...

Traditionally, law firms in India have operated in a largely self-regulated environment, governed by professional bodies like the Bar Council of India (BCI). They are rarely the subject of litigation themselves and typically feature in legal proceedings only as representatives of...

India’s Digital Personal Data Protection Act, 2023 (DPDPA), imposes uniform data protection obligations across sectors, significantly affecting healthcare, pharma, and biotech firms due to their use of sensitive personal data. Section 17(2)(b) provides limited exemptions for “research, archiving, or statistical purposes,” which some stakeholders...

In 2023, two significant regulatory developments reshaped India’s digital legal framework. First was the Digital Personal Data Protection Act, 2023 (DPDPA)1 India’s novel data privacy law enacted on 13-8-2023. The second was the Guidelines for Prevention and Regulation of Dark Patterns, issued on 30-11-20232 under the Consumer Protection Act,...