Data Privacy & Security

Innovation in data privacy and security products

Our Data Privacy Practice was identified as a key sub-area within our overall corporate practice, over a decade ago.   Our Data Team closely monitors the evolving data privacy and security landscape in India, and   consistently advises multinational clients across a broad spectrum of data related matters.

We regularly undertake data-related due diligence exercises for corporate transactions and have advised on innovative structures seeking to monetise data (most recently, by using data lakes as security for financings).  As the overlap between data and anti-trust issues continues to increase, our Data and Competition Teams collaborate closely to ensure that we provide expert multi-dimensional advice to our clients.

Our Data and Privacy Law experience includes matters  that range from advising on Indian personal data compliance requirements (including on how such requirements are likely to change as and when new legislation is finally put in place, and how the Indian framework interacts with other data regimes such as GDPR, especially in light of Schrems II), to dealing with the Indian aspects of global data breaches (where we are often required to make notifications and respond to authorities within extremely compressed timeframes).

Our team addresses a wide range of data related issues for multinational clients across several sectors.

Representative transactions

  • Advising clients across various sectors on data compliance requirements in various contexts (including data localisation, employee data sharing, privacy policies, e-marketing, screen scraping, and data collected by camera equipped vehicles).
  • Advising US and Europe-headquartered corporations on data breaches impacting Indian users (which has involved notifying and liaising with the relevant authorities).
  • Advising a European client on surveillance laws in India, against the backdrop of Schrems II.
  • Advising a US headquartered client in relation to a financing where “data lakes” held by the borrower group are proposed to be used as security.