'India's data protection rules could hinder innovation': Expert
Jules Polonetsky, CEO of Future of Privacy Forum, thinks India's new data protection rules might actually slow down innovation if they're too strict.
At the India AI Impact Summit 2026, he pointed out that relying too much on constant notifications and consent forms could make things tricky for companies.
"If the law effectively makes companies feel that nothing can be done unless everything is perfectly clear, people will hesitate," he shared.
Polonetsky suggests including tech experts on Data Protection Board
India's Digital Personal Data Protection (DPDP) Rules, 2025, were notified in November 2025 and provide a staggered rollout of provisions—some immediate, some within three months, others within 12 months—aiming to regulate how personal data is handled.
Polonetsky suggested bringing tech experts onto the Data Protection Board so they really get how data moves around—something Europe has struggled with when it comes to cross-border transfers.
India should learn from Europe's challenges, keep framework clear
He also flagged that Europe's AI Act and GDPR sometimes overlap in confusing ways, while many US states have their own patchwork of rules.
His advice? India should learn from these challenges and keep its own framework clear and practical for everyone involved.