|
Quarterly Newsletter Issue #10
|
|
|
Dear Readers,
Greetings!
In this tenth edition of InnovTech@CUTS newsletter, we present our recent work on the Digital Personal Data Protection Act, 2023, and associated draft Rules, 2025. Our study on the Economic Analysis of Verifiable Parental Consent evaluates the costs and trade-offs of various consent mechanisms, while our research on the Regulation of Behavioural Monitoring and Targeted Advertising proposes age-appropriate, risk-based safeguards to ensure children benefit from personalisation in a safe and inclusive manner.
This edition also highlights our active outreach and advocacy efforts on the draft DPDP Rules and the Report on AI Governance, and recap our recent representations at key forums and policy discussions. We have been proactive in capacity-building and organised cyber-security training workshops for both Micro, Small and Medium Enterprises (MSMEs) and women entrepreneurs.
We continue to engage on a broad range of digital economy and tech policy issues, including data governance, digital rights, digital infrastructure, and emerging technologies, among others.
We hope you find these insights valuable and look forward to your feedback.
Amol Kulkarni
Director (Research)
CUTS International
|
|
|
Economic Analysis of Verifiable Parental Consent Mechanisms: Evaluating Impact on Consumers and Data Fiduciaries
Asheef Iqubbal and Krishaank Jugiani
 The study examined and compared the costs associated with various Verifiable Parental Consent mechanisms, including those proposed under the draft Digital Personal Data Protection Rules, 2025. Using a mixed-methods approach, it assessed each mechanism’s implementation, operational, compliance, privacy, efficiency and scalability costs.
For example, Government ID and DigiLocker-based mechanisms could potentially cost around US$101,440 and US$45,436 annually, respectively. While these methods are reliable, they raise privacy and exclusion, particularly for children and marginalised users.
The study recommends a flexible, risk-based approach supported by an interoperable consent framework, guided by a multi-stakeholder body. This would help ensure safety, inclusivity, and innovation without incurring high costs.
Read the full report here and snapshot of findings here.
|
|
Regulation of Behavioural Monitoring and Targeted Advertisements Directed at Children: Ensuring Personalisation Benefits Children
Krishaank Jugiani
 The study examined the role of personalisation in the children’s digital lives, analysing both the benefits and risks arising from behaviour monitoring and targeted advertising. It also evaluated the exemptions proposed under the draft Rules to assess whether they are adequate or should be expanded to enable a more personalised experience for children in a safe and secure manner.
Recommendations include adopting age-appropriate, risk-based safeguards that balance safety, access, and innovation. The report further emphasises the importance of data minimisation, privacy-by-design, and tailoring personalisation strategies by age group–young children (eight and below), tweens (ages 9–12), and teenagers (ages 13–17), with ongoing evaluation based on parental feedback and psychological well-being.
Read the full report here and snapshot of findings here |
|
CUTS International Welcomes India’s Decision to Eliminate 6% Levy on Online Advertisement
KNN, March 28, 2025
CUTS International faults MultiChoice over abrupt price hike
The Business & Financial Times, March 28, 2025
CUTS hails India's move to scrap 6% equalisation levy, calls it a boost for digital business
Fortune India, March 28, 2025
Government must intervene in DStv subscription hike – CUTS International
Ghana Web, March 26, 2025
Consumers deserve fair notice – CUTS International on DSTV subscription hike
Citi Newsroom, March 25, 2025
Give fair notice to consumers over increase in subscription fees – CUTS International to MultiChoice
MyjoyOnline, March 25, 2025
DPDP Draft consultation window closes: Are businesses ready?
Exchange4media, March 10, 2025
Industry stakeholders flag compliance costs and obligations in DPDP Rules before finalisation
The Hindu Business Line, March 10, 2025
Upcoming DPDP rules spark industry concerns over compliance costs
Communications Today, March 10, 2025
Stakeholders say draft DPDP rules could degrade children’s online experience
The Hindu Business Line, March 10, 2025
How Much Does Parental Consent Verification Cost Under India's DPDP Act?
MediaNama, March 03, 2025
Verifiable parental consent may cost Rs 1 crore annually to firms: CUTS
Financial Express, February 27, 2025
Technological innovation will be the foundation of India's economic diplomacy
The Economic Times, February 18, 2025
Parental consent: Smaller platforms say they face disadvantage against big tech
Financial Express, January 15, 2025
|
|
CUTS Comments on Draft Digital Personal Data Protection Rules, 2025
Asheef Iqubbal and Krishaank Jugiani
CUTS CCIER, March 05, 2025
CUTS submitted its comments on the draft Digital Personal Data Protection Rules, 2025, and made the following key recommendations:
- Recommended the use of privacy labels and easy, penalty-free consent withdrawal mechanisms to enhance user understanding.
- Urged the adoption of transparent cross-border data rules, developed through public consultation and cost-benefit analysis.
- Called for clear risk-based algorithmic standards, with lighter audit requirements for low-risk platforms.
- Proposed the creation of a public registry of independent Consent Managers, featuring trust marks and oversight by the Data Protection Board.
|
|
CUTS Comments on the Subcommittee’s Report on ‘AI Governance and Guidelines Development’
Asheef Iqubbal
CUTS CCIER, March 04, 2025
CUTS submitted its comments on the report of the Sub-Committee constituted by the Ministry of Electronics and Information Technology on ‘AI Governance and Guidelines Development,’ and made the following key recommendations:
- Techniques, such as watermarking and hashing in AI outputs must balance attribution with privacy, ensuring that tracking mechanisms do not treat all users as suspects.
- AI developers should be held liable for harms caused by negligent design, including failure to disclose limitations or fix reported issues.
- India currently lacks a risk-based AI framework. The Inter-Ministerial AI Committee should classify AI risks sector-wise, in consultation with civil society and sectoral regulators.
- AI systems must be designed with grassroots involvement to ensure accessibility and minimise harm. A “design with people” approach can help promote inclusivity.
|
|
|
Krishaank Jugiani and Asheef Iqubaal presented CUTS' studies on children's data privacy at ‘Balancing Privacy and Agency – DPDPA’s Impact on Children and Persons with Disabilities’ organised by The Quantum Hub in collaboration with CUTS and other organisations in New Delhi on February 10, 2025.
Samridh Shastry attended the inaugural edition of the “Digital Public Infrastructure Conclave” organised by the Observer Research Foundation in New Delhi on March 20, 2025.
Ujjwal Kumar attended the “1st International Sub-Sea Cable Systems Conference in India: Impact of Sub- Sea Cable Systems on the Indian Digital Economy” organised by Broadband India Forum in collaboration with Global Digital Inclusion Partnership in New Delhi on March 25, 2025.
|
|
Understanding the Draft Data Protection Rules, 2025
February 07, 2025, New Delhi
 CUTS International partnered with MediaNama for a roundtable discussion on “Understanding the Draft Data Protection Rules, 2025” organised at India Habitat Centre, New Delhi on February 07, 2025. The aim of this roundtable was to discuss about various concerns and operational challenges associated with implementing the rules.
More details are here.
Illegal Online Gambling in India
March 19, 2025, New Delhi
 CUTS International organised a roundtable discussion on “Illegal Online Gambling in India” in New Delhi on March 19, 2025. The objective of this event was to present the findings and recommendations from its study on illegal online gambling in India. The event brought together officials, policymakers, industry experts, and professionals from relevant fields to discuss actionable strategies for addressing regulatory gaps and improving enforcement measures.
More details about the projects are here.
Workshops on Cybersecurity Capacity Building for MSMEs in India
 CUTS International conducted Cybersecurity Building Workshops for MSMEs in West Bengal and Tripura. The workshops, organised in collaboration with local industry associations, brought together entrepreneurs and workers from various industries, such as rubber harvesting and processing, food processing, agriculture-based businesses, jewellery and accessory making, small retail businesses, handicrafts, and local transportation services. The workshop aimed to raise awareness among MSME owners, employees, and business associates about both common and often overlooked cybersecurity threats.
More details are here.
|
|
CUTS International
Jaipur • New Delhi • Chittorgarh • Kolkata • Hanoi • Nairobi • Lusaka • Accra • Geneva • Washington DC
Copyright © 2024 CUTS International, All rights reserved.
|
|
|
|
|
|
|
|
