Search Articles

I've been thinking about who gets left out when we design privacy tools and consent systems. On World Down Syndrome Day, that question feels more pressing than usual.

India Stack is brilliant engineering. It's also the most extensive personal data infrastructure any democracy has ever built. Holding both of those thoughts at once is where the interesting conversation starts.

A ten-year-old in Pune opens a gaming app and taps 'I agree' without reading a word. India's DPDPA 2023 says that shouldn't count as consent. But does the law actually protect kids, or does it just look good on paper?

Your smart speaker is always listening. Your Wi-Fi camera is phoning home to servers you've never heard of. Indian households are filling up with connected gadgets and barely anyone's asking what data leaves the house.

So I turned off location services on my phone for a week to see what would happen. The answer: a lot more than I expected. Here's a casual deep dive into how your phone tracks you and what you can realistically do about it.

We've been talking about women's online safety in India for years, and the numbers keep getting worse. This Women's Day, here's a warm but honest guide to the threats, the tools, and the complicated reality of being a woman online in this country.

You handed your Aadhaar, PAN, and address proof to a bank. Now what can they do with it? A flat-toned walkthrough of what's allowed, what's not, and the gray zones nobody clarifies.

India's cyber insurance market wants you to believe it's mature. It's not. Here's a dry-eyed look at what these policies actually cover, what they exclude, and why you'll probably still need one anyway.

A friend got spam-bombed after one IRCTC booking. Here's what happened, what these portals actually collect, and the casual fixes that keep your data from leaking everywhere.

Most people assume India's Data Protection Board will function like a court. It won't. Here's a thoughtful breakdown of how the DPBI actually operates, what it can do, and the quiet structural problems no one's talking about.

February 2026 was a busy month for privacy in India — a fintech breach exposed 2.3 million records, the Data Protection Board got its full bench, and UPI fraud numbers got worse. Here's what happened.

Something you did ten years ago still shows up on Google when someone searches your name. Should you have the right to make it disappear? India's answer is complicated, evolving, and worth understanding.

Your fingerprints can't be reset like a password. India holds biometric data on 1.4 billion people through Aadhaar alone, and the legal protections around that data remain thinner than most citizens realize.

Indian e-commerce platforms promise personalized shopping while quietly building profiles that would make a private investigator jealous. Here's a flat look at what Flipkart, Amazon India, Meesho, and others actually collect — and what they do with it.

Your boss might be watching your screen right now. No, really. Since the work-from-home boom, Indian companies have quietly installed keystroke loggers, screenshot tools, and GPS trackers on employee devices. The law on whether any of this is legal? It's a mess.

Most people assume AI in India is still experimental, mostly chatbots and Netflix suggestions. They're wrong. Indian companies are already using machine learning to decide your loan eligibility, set the prices you see online, and scan your face in public. Here's what that means for your data.

So I googled myself last month and found my phone number, old address, and a photo I deleted years ago — all on the first page. Here's what happened when I tried to scrub it all, what worked, what didn't, and the one thing you should do this weekend.

Practo knows your prescriptions. 1mg knows your lab results. PharmEasy knows what you're treating. Apollo 247 has your vitals. And the Ayushman Bharat Health ID might soon tie it all together. Who else is looking at your medical records?

What exactly does a Data Protection Officer do all day, and why are Indian companies suddenly willing to pay lakhs for someone to fill the role? The DPDPA has created a career that barely existed here three years ago. Here's what the job looks like, what it pays, and how to break in.

People keep saying the DPDPA will let you ask what data the government holds on you. I disagree. The RTI Act has been doing that since 2005, for ten rupees, and most people haven't thought to try it.

Most Indian startups are already violating the DPDPA and don't even know it. The consent banners are wrong, the data maps don't exist, and the clock is ticking toward penalties that could shut a company down.

Your kid logs into an EdTech app for a math lesson, and the company records their age, location, quiz mistakes, how long they stared at a video, and which ads they tapped. Here's what Indian EdTech platforms actually do with student data -- and why parents should be paying closer attention.

Insurance companies in India collect and analyze vast amounts of health data to assess risk and set premiums. Understand how your health information is used and what rights you have.

You've got more digital rights than you probably think. From the Puttaswamy privacy ruling to the DPDP Act to net neutrality protections, here's what the Constitution and Indian law actually guarantee you online — and how to use those rights when it matters.

Over 1.8 billion records belonging to Indian citizens were exposed between 2018 and 2025. Here's a year-by-year breakdown of the biggest data breaches, what went wrong each time, and what ordinary people can actually do about it.

You ported out of Airtel two years ago, but they've still got your Aadhaar scan, your call logs, and a record of every cell tower you pinged. Here's what actually happened when I tried to get Indian telecoms to delete my data.

I deleted my Flipkart app for a month. When I reinstalled it, the app already knew what I'd been browsing on Myntra. Here's the uncomfortable truth about how Indian tech companies follow you across the internet.

My daughter's tablet knew her school name, her best friend's birthday, and which park we visit on Sundays. She's seven. Here's what I've learned about keeping kids' data safe in India -- and what most parents still don't know.

A friend's bank leaked her Aadhaar details to a marketing firm. She didn't know where to complain. Turns out, India actually gives you real options -- from Grievance Officers to the Data Protection Board to consumer courts. Here's what I learned helping her fight back.

Those cookie pop-ups aren't just a European thing anymore. India's DPDP Act and IT Act rules now shape what websites must do about cookies — and most sites are getting it wrong.

So I was chatting with a friend about why his Aadhaar got misused, and it hit me -- most of us in India still don't get why our data matters until something goes wrong.

India's DPDP Act took over six years and four drafts to become law — here's what it actually says, who it hits hardest, and why most people I've talked to still don't know their rights under it.