Smitha and I are writing a series of papers on a data protection law for India, based on our research. We hope that our discussion of the options before us and their relative merits and demerits will help other engage with these difficult questions in a nuanced manner.
The first paper sets out the context for the data protection law. It discusses the reasons and purpose for regulation and what specifically will be regulated.
It also discusses who will be regulated, since this is important while considering the regulatory strategies to use while implementing the data protection principles. It is available here.