Search Articles

I've been thinking about who gets left out when we design privacy tools and consent systems. On World Down Syndrome Day, that question feels more pressing than usual.

Picture this: you open your laptop, visit a medical website, then a job portal, then your bank. Your ISP just logged all three. Encrypted DNS stops that — and setting it up takes about five minutes.

India Stack is brilliant engineering. It's also the most extensive personal data infrastructure any democracy has ever built. Holding both of those thoughts at once is where the interesting conversation starts.

People say they care about phone privacy, then hand every app blanket access to their camera, microphone, contacts, and location. Here's how to actually check what your apps can see and shut down the ones that are overreaching.

You don't need to spend money to take back your privacy. Every tool on this list is free, open source, and works in India. Most of them take less than ten minutes to set up.

Someone asked me last week: 'Can a virus actually steal money from my phone?' The short answer is yes. Banking trojans designed specifically for Indian UPI and banking apps are more common than most people realise.

A ten-year-old in Pune opens a gaming app and taps 'I agree' without reading a word. India's DPDPA 2023 says that shouldn't count as consent. But does the law actually protect kids, or does it just look good on paper?

Tor isn't just for hackers or whistleblowers. It's a legitimate privacy tool, it's legal in India, and most people use it wrong. Here's what happened when I started using it properly, and what you should know before you try.

So you searched for running shoes once, and now every app on your phone is showing you sneaker ads. That's not coincidence. Here's the machinery behind digital ad tracking in India, and whether you can actually escape it.

Your smart speaker is always listening. Your Wi-Fi camera is phoning home to servers you've never heard of. Indian households are filling up with connected gadgets and barely anyone's asking what data leaves the house.

Eighty-three percent of Indians reuse the same password across multiple accounts. Here are real-world methods for building strong, memorable passwords without losing your mind.

India's IT Intermediary Guidelines are the most significant set of rules governing social media in the country's history. They promise accountability and threaten privacy in roughly equal measure. A thoughtful examination of what they mean for you.

So I turned off location services on my phone for a week to see what would happen. The answer: a lot more than I expected. Here's a casual deep dive into how your phone tracks you and what you can realistically do about it.

We've been talking about women's online safety in India for years, and the numbers keep getting worse. This Women's Day, here's a warm but honest guide to the threats, the tools, and the complicated reality of being a woman online in this country.

Most Indian SMEs will get hit by ransomware not because of some sophisticated zero-day attack, but because of weak passwords and unpatched systems. Here's the conversational, practical guide to not being that business.

You handed your Aadhaar, PAN, and address proof to a bank. Now what can they do with it? A flat-toned walkthrough of what's allowed, what's not, and the gray zones nobody clarifies.

India shut down the internet over 80 times in 2025. The economic damage crossed Rs 4,000 crore. And the government keeps calling these measures 'proportionate.' A skeptical look at where things stand in early 2026.

Spy camera busts in Indian hotels and trial rooms keep making headlines, and the response from the hospitality industry is pathetically inadequate. Here's how to check for yourself.

India's cyber insurance market wants you to believe it's mature. It's not. Here's a dry-eyed look at what these policies actually cover, what they exclude, and why you'll probably still need one anyway.

A friend got spam-bombed after one IRCTC booking. Here's what happened, what these portals actually collect, and the casual fixes that keep your data from leaking everywhere.

Most people assume India's Data Protection Board will function like a court. It won't. Here's a thoughtful breakdown of how the DPBI actually operates, what it can do, and the quiet structural problems no one's talking about.

February 2026 was a busy month for privacy in India — a fintech breach exposed 2.3 million records, the Data Protection Board got its full bench, and UPI fraud numbers got worse. Here's what happened.

Google Drive encrypts your files, sure — but Google holds the keys. That's not privacy, that's a filing cabinet where someone else has a copy of the combination. Here's what actually works.

Something you did ten years ago still shows up on Google when someone searches your name. Should you have the right to make it disappear? India's answer is complicated, evolving, and worth understanding.

India isn't ready for deepfakes. Not the government, not the platforms, and definitely not the average WhatsApp user. Here's how bad it's gotten and what you can realistically do about a problem nobody's solving fast enough.

Ever wonder how much your Android phone tells Google about you before you've even opened an app? Probably more than you'd be comfortable with. Here's how to set up your phone so it stops oversharing.

Your fingerprints can't be reset like a password. India holds biometric data on 1.4 billion people through Aadhaar alone, and the legal protections around that data remain thinner than most citizens realize.

Indian e-commerce platforms promise personalized shopping while quietly building profiles that would make a private investigator jealous. Here's a flat look at what Flipkart, Amazon India, Meesho, and others actually collect — and what they do with it.

A colleague lost Rs 4.7 lakh to a single phishing email that looked exactly like an SBI alert. Here's how to spot the fakes, lock down your inbox, and make sure you're not the next easy target.

Your boss might be watching your screen right now. No, really. Since the work-from-home boom, Indian companies have quietly installed keystroke loggers, screenshot tools, and GPS trackers on employee devices. The law on whether any of this is legal? It's a mess.

Most people assume AI in India is still experimental, mostly chatbots and Netflix suggestions. They're wrong. Indian companies are already using machine learning to decide your loan eligibility, set the prices you see online, and scan your face in public. Here's what that means for your data.

So I googled myself last month and found my phone number, old address, and a photo I deleted years ago — all on the first page. Here's what happened when I tried to scrub it all, what worked, what didn't, and the one thing you should do this weekend.

India slaps a flat 30% tax on crypto gains with zero deductions, while exchanges hand over your KYC data on request. Here's a Q&A breakdown of what crypto privacy actually looks like in this country, where the tax math stands, and what you can (and can't) do about it.

That free VPN on your phone is probably selling your browsing history right now. Here's what these apps actually do with your data, why their business model depends on exploiting you, and the handful of free tiers that won't stab you in the back.

Practo knows your prescriptions. 1mg knows your lab results. PharmEasy knows what you're treating. Apollo 247 has your vitals. And the Ayushman Bharat Health ID might soon tie it all together. Who else is looking at your medical records?

What exactly does a Data Protection Officer do all day, and why are Indian companies suddenly willing to pay lakhs for someone to fill the role? The DPDPA has created a career that barely existed here three years ago. Here's what the job looks like, what it pays, and how to break in.

Dating apps promise connection, but they collect some of the most intimate data you'll ever hand over — your location at 2 AM, your photo library, your desires. In a country where a leaked profile can wreck a reputation overnight, here's what Indian users should actually worry about.

You probably spent 70,000 rupees or more on that iPhone. Yet most Indian users haven't touched half the privacy settings buried inside iOS. Here's a no-nonsense walkthrough of every toggle that matters, from App Tracking Transparency to Lockdown Mode.

A single tap on a fake payment link cost a Chennai shopkeeper his entire month's earnings. UPI phishing scams are bleeding Indian wallets dry through bogus SMS blasts, spoofed Google Ads, and WhatsApp traps. Here's how to spot them before your money vanishes.

-- so you're telling me the government installed 15,000 cameras in my city, connected them to a centralized command center, and nobody asked whether residents were okay with being watched 24/7? Yeah. That's basically the situation in most of India's 100 smart cities.

People keep saying the DPDPA will let you ask what data the government holds on you. I disagree. The RTI Act has been doing that since 2005, for ten rupees, and most people haven't thought to try it.

Only 38% of Indian internet users could identify a phishing email in a recent nationwide survey. On Safer Internet Day 2026, that number should trouble us all -- and it should also tell us exactly where to start.

Most Indian startups are already violating the DPDPA and don't even know it. The consent banners are wrong, the data maps don't exist, and the clock is ticking toward penalties that could shut a company down.

A Pune man lost Rs 16 lakh in 47 minutes. His phone just stopped working. That's how SIM swap fraud begins -- silent, fast, and devastating. Here's what happened, and what you should know before it happens to you.

Someone recently asked me: 'WhatsApp says my messages are encrypted. Does that mean nobody can read them? Not even WhatsApp?' The answer is surprisingly interesting, and it affects every single message you send.

Your kid logs into an EdTech app for a math lesson, and the company records their age, location, quiz mistakes, how long they stared at a video, and which ads they tapped. Here's what Indian EdTech platforms actually do with student data -- and why parents should be paying closer attention.

So you found a deal on Flipkart that seems too good. Or someone on Instagram is selling branded shoes at 80% off. Before you punch in your UPI PIN, let's talk about how to shop online without getting scammed -- because the tricks are getting really clever.

India calls itself the world's largest democracy and simultaneously runs one of the most expansive social media monitoring operations on the planet. Here's what that actually looks like on the ground, and what it means for every Indian who posts, shares, or simply scrolls.

Your DigiLocker holds driving licences, Aadhaar, marksheets, and insurance papers all in one place. If someone breaks in, they don't just steal files -- they steal your identity. Here's how to lock it down before that happens.

The Information Technology Act 2000 is the foundational cyber law in India. Learn about its key provisions, amendments, and how they impact your digital privacy.

Your browser is the gateway to the internet, and it can leak enormous amounts of personal data. Explore the best privacy-focused browsers available for Indian users.

Insurance companies in India collect and analyze vast amounts of health data to assess risk and set premiums. Understand how your health information is used and what rights you have.

Most online banking security advice is useless. Here's what actually happens when Indian bank customers get defrauded, what the attacks really look like, and the specific steps that would have prevented each one. Including the RBI rule that could save you lakhs if you act within 3 days.

Have you ever wondered what Google actually knows about you? Your Android phone tracks locations, records voice queries, logs every search, and builds an advertising profile — all with settings turned on by default. Here's how to claw back some of that privacy without throwing your phone out the window.

India's cyber incident response agency wields enormous power over how companies report breaches, store logs, and cooperate with investigations — yet most citizens have never heard of it. Here's what CERT-In actually does, where it falls short, and why its 2022 directives changed the rules for everyone.

You've got more digital rights than you probably think. From the Puttaswamy privacy ruling to the DPDP Act to net neutrality protections, here's what the Constitution and Indian law actually guarantee you online — and how to use those rights when it matters.

Your neighbor might be on your Wi-Fi right now. Default passwords, outdated encryption, and forgotten settings leave most Indian home networks wide open. Here's how to actually lock yours down.

India's data localization story has taken more turns than most people realize. From early drafts that demanded strict local storage to the DPDP Act's more flexible approach, here's what actually changed and why it matters for your data.

That six-digit code your bank texts you? It travels through a telecom system built in the 1970s. SIM swaps, SS7 holes, and plain old trickery make SMS OTP a shaky second factor -- here is what actually works better.

Over 1.8 billion records belonging to Indian citizens were exposed between 2018 and 2025. Here's a year-by-year breakdown of the biggest data breaches, what went wrong each time, and what ordinary people can actually do about it.

I keep seeing people call Telegram a 'secure' app and it drives me up the wall. Here's a Q&A breakdown of how Telegram and Signal actually stack up for Indian users — no fluff, no fanboying.

You ported out of Airtel two years ago, but they've still got your Aadhaar scan, your call logs, and a record of every cell tower you pinged. Here's what actually happened when I tried to get Indian telecoms to delete my data.

India's streets are filling up with CCTV cameras faster than anyone can count them, yet there's barely a rulebook for who watches, who stores the footage, or how long they keep it. Here's what that means for your privacy.

So you think Gmail's free because Google is generous? That inbox gets scanned, profiled, and monetized. Here's what actually changes when you move to encrypted email -- and how to do it without losing your mind.

I deleted my Flipkart app for a month. When I reinstalled it, the app already knew what I'd been browsing on Myntra. Here's the uncomfortable truth about how Indian tech companies follow you across the internet.

Most password advice floating around Indian tech circles is recycled nonsense. Here's what actually works when you've got 80+ accounts, UPI apps, and Aadhaar-linked services to protect -- tested and priced for India.

Someone you love could be sitting on a video call right now, shaking, convinced they're about to go to jail. Digital arrest scams have torn through India, and the people running them are disturbingly good at what they do.

My daughter's tablet knew her school name, her best friend's birthday, and which park we visit on Sundays. She's seven. Here's what I've learned about keeping kids' data safe in India -- and what most parents still don't know.

India slashed its breach reporting window from 24 hours to 6. That's just one piece of the 2026 cybersecurity guidelines -- quarterly CII audits, AI governance rules, and a tiered compliance system round out the rest.

A friend's bank leaked her Aadhaar details to a marketing firm. She didn't know where to complain. Turns out, India actually gives you real options -- from Grievance Officers to the Data Protection Board to consumer courts. Here's what I learned helping her fight back.

Those cookie pop-ups aren't just a European thing anymore. India's DPDP Act and IT Act rules now shape what websites must do about cookies — and most sites are getting it wrong.

Fourteen billion UPI transactions a month and people are still entering their PIN to 'receive' money. Here's what nobody bothers to explain about collect request scams, fake helplines, QR code tricks, and SIM swaps — plus what actually works when you've already been hit.

Ever wonder why your uncle's WhatsApp profile photo ended up on a scam account asking his friends for money? Half a billion Indians use this app daily, and I'd bet most haven't touched a single privacy setting.

Everyone tells you to check if your data's been leaked. I ignored that advice for three years -- until a loan showed up on my CIBIL report that I never applied for, traced back to a telecom breach I could've caught in five minutes.

Most VPN advice for Indian users ignores the one thing that changed everything -- CERT-In's 2022 logging directive. Here's what actually matters when picking a VPN now, and the ten services I'd consider.

I got tired of recycled Aadhaar safety tips that skip the parts that actually matter, so I wrote down everything I've learned from years of cleaning up identity theft messes in India.

So I was chatting with a friend about why his Aadhaar got misused, and it hit me -- most of us in India still don't get why our data matters until something goes wrong.

India's DPDP Act took over six years and four drafts to become law — here's what it actually says, who it hits hardest, and why most people I've talked to still don't know their rights under it.