Forecasting can be quite subjective. Therefore, let’s begin with some objective numbers. India is poised to be a USD 1 trillion digital economy by 2028. A tenth of the world’s internet subscribers today are in India. The budget allocated to the government’s flagship Digital India program from 2021-22 to 2024-25 is just short of INR 15,000 crores. It follows as a logical corollary that the digital sector in India is a policy priority for the country.
Global events like the second Trump presidency in the US and the EU’s focus on AI and competition regulations will inform some of the discourse in India around tech manufacturing and exports, regulating emerging technologies and established businesses, and evolving bilateral relations. However, India has established itself as a significant player in the global digital economy. In 2025 and beyond, the government will continue to position itself as an active participant in and leader of policy design in technology regulation. The cornerstone of India’s approach to tech policy in 2025 will likely be promoting innovation and safeguarding consumer interest.
Private, Keep Out!
The Digital Personal Data Protection Act, 2023 (DPDP Act) is India’s much-awaited comprehensive privacy and data protection legislation. It outlines principles that guide protecting individuals’ rights, the parameters for businesses as they innovate and service the Indian market, and uphold the public interest.
In 2025, we can expect a more mature implementation of the DPDP Act. Substantial parts of the law require delegated legislation (or rules) to be put in place for the effective operationalisation of the regulatory framework. We will see the establishment of the Data Protection Board of India. We can also expect guidance around provisions on protecting children’s privacy, consent management, data breach notification, processes for cross-border data flows, impact assessments, data principal (known as data subjects in other markets) rights, and obligations of significant and other data fiduciaries (known as data controllers in other markets).
2025 will, therefore, be the year of action for companies operating in India and for them to comply with specific mandates in the law while ensuring overall adherence to the underlying principles and intent.
Bah, Humbug – Spam and Scam
With the rapid growth of digital financial services and increased access to telecom services and the internet, we see an exacerbated risk of spam and scams. Therefore, in 2025, we will see renewed attention from the government to address the challenges of spam calls and scams like digital arrest, courier packages being stuck with the service provider/ authorities, links that compromise payment accounts, etc.
The telecom regulator (TRAI) is expected to enforce enhanced Know Your Customer (KYC) norms involving re-verification of user identities, blocking unregistered or suspicious numbers and setting limits on the number of SMSes and calls that can be sent in bulk, particularly from business numbers. Additionally, we’re seeing the deployment of advanced AI-based detection systems to monitor and prevent spam calls and messages in real-time, and this will likely pick up steam in 2025.
We can expect an increased policy impetus on fraud prevention and nationwide digital literacy campaigns in 2025, educating the common person on online hygiene to prevent scams as well as mitigate their impact when they become victims of such scams.
2025 will present opportunities for enhanced collaboration between the government and private sector to ensure early threat detection, rapid response to incidents, and improved digital literacy programs.
Pinky and the BrAIn
AI innovation in India is on an upswing, and in 2025, the government is likely to advance conversations around AI ethics, use, and accountability. The Indian government has expressed strong interest in promoting AI for inclusion, innovation and social impact while preventing misuse, bias, and the risk of unethical applications. Recent policy papers, the Ministry of Electronics and Information Technology’s work through the AI and Emerging Technologies Group, and the INDIAai portal indicate a drive towards responsible AI development.
While dedicated AI regulation in 2025 is unlikely, we may see the early skeletal outlines of India’s AI principles, particularly as they relate to key pillars around which most AI regulation is focused – transparency, accountability, accuracy, privacy, copyright and labour.
Navigating the Yellow Brick Road Ahead
As India’s tech landscape matures, 2025 is poised to be a landmark year for tech policy. The Indian government’s stance reflects an intention to balance innovation with consumer protection. This evolving regulatory environment offers an opportunity to shape a secure and inclusive digital economy while also posing a heightened compliance landscape for businesses. Multinational corporations and Indian tech firms alike must prepare for these changes, and a cross-section of stakeholders in business, civil society, consumer interest groups and experts should actively participate in dialogue with the government to ensure a truly collaborative regulatory future for India.
India’s tech policy trajectory in 2025 indicates a prioritisation towards a resilient, fair, and consumer-plus-innovation-conscious digital ecosystem. All in all, expect 2025 to be deliberative, consultative, educative, and above all, deeply stimulative for all things tech policy!
