Notes from the Asia-Pacific region: India’s regulatory heat wave hits privacy, AI, dark patterns

Staff Editor 2026-06-04
Notes from the Asia-Pacific region: India’s regulatory heat wave hits privacy, AI, dark patterns

Notes from the Asia-Pacific region: India’s regulatory heat wave hits privacy, AI, dark patterns

https://iapp.org/news/a/notes-from-the-asia-pacific-region-india-s-regulatory-heat-wave-hits-privacy-ai-dark-patterns

Publish Date: 2026-06-04 15:59:00

Source Domain: iapp.org

It has been a brutal summer here in India — where it starts early and temperatures touch 50 degrees Celsius in some parts of the country. What keeps the average Indian going during the peak month of May is cricket’s Indian Premier League, the second-richest sports league in the world by per-match value, trailing only America’s National Football League. And, of course, we have the king of fruit — Mangos.

There is no off season for India’s digital governance landscape, however. The past month has been action packed.

The big news that did not garner the attention it should have is that full enforcement of India’s Digital Personal Data Protection Act is now one year away. On 13 May 2027, all key compliance obligations under the DPDPA will kick in — consent management, data principal rights, security safeguards, breach reporting and the full penalty regime, with fines of up to INR2.5 billion. The clock is now ticking loudly.

There are important intermediate deadlines, too. The consent manager registration framework becomes mandatory 13 Nov. — less than six months away. And the Data Protection Board is getting ready, as well. The board’s budget was increased fivefold — from INR20 million to INR100 million — in the Union Budget 2026, a clear signal that the enforcement machinery is being operationalized.

Another fascinating trend became unmistakable this month: multiple Indian regulators are now addressing the issue of dark patterns. The core issues are manipulative design, inadequate consent and poor data governance. The result is a web of overlapping compliance obligations that organizations ignore at their peril.

The most significant development here is the Reserve Bank of India’s upcoming dark pattern ban. The Draft RBI (Commercial Banks — Responsible Business Conduct) Amendment Directions, issued in February, take effect 1 July — just one month away. This makes the RBI the first sectoral financial regulator in India to formally define and prohibit dark…

Source

More Stories

Ag data privacy: Now protected by law

Ag data privacy: Now protected by law

Staff Editor 2026-06-06
Prince Harry Did a Total 180 About His & Meghan Markle’s Kids Privacy

Prince Harry Did a Total 180 About His & Meghan Markle’s Kids Privacy

Staff Editor 2026-06-06
Brave Origin strips AI, Rewards, and VPN for privacy purists

Brave Origin strips AI, Rewards, and VPN for privacy purists

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy