"Users must know how their data is used, especially when AI is involved in decision-making. High security standards, including encryption and breach management protocols, will be expected by both users and regulators."
What shifts would you say are shaping the legal and regulatory environment in high-growth sectors like quick commerce and retail-tech?
In today’s dynamic business environment, sectors like quick commerce and retail-tech are undergoing a seismic shift, reshaping their legal and regulatory landscapes. Several key forces are influencing this transformation.
We are witnessing rapid technological innovation artificial intelligence, automation, and IoT are becoming foundational to operations. With these advancements comes the urgent need for updated regulatory frameworks that ensure transparency in algorithms, data privacy safeguards, and fair competition in digital marketplaces.
At the same time, consumer behavior is evolving rapidly. The expectation of instant, seamless service is prompting regulators to tighten their focus on consumer protection measures. This includes transparency in pricing and terms, trade practices and ensuring that delivery personnel, often part of the gig workforce, are treated fairly in terms of earnings and working conditions.
The growing gig economy is drawing scrutiny from policymakers. Regulators are grappling with how to categorize gig workers, what social security benefits they are entitled to, and how laws should evolve to reflect this shift.
In your experience, how do teams stay ahead of shifting regulatory benchmarks in emerging digital-first sectors?
In digital-first and high-growth sectors, staying ahead of regulation is no longer optional, it’s a competitive necessity. Organizations that succeed in this space typically adopt a proactive approach. They keep a tab on the regulatory developments across jurisdictions in real time and evaluate the impact on the sector in the home country.
Industry collaboration is also critical. By engaging with associations and working groups, companies can both influence and anticipate emerging legal standards. Internally, businesses are adopting agile compliance frameworks that adapt quickly to change, without derailing operations.
What helps strike the right balance between operational agility and the need for structured, compliant frameworks?
As sectors grow, forward-looking companies use AI to automate complex processes. For instance, instead of just running periodic data privacy audits, AI-powered compliance tools monitor operations in real-time. In Contract Lifecycle Management (CLM), AI analyzes agreements against standardized templates, instantly flagging risks and ensuring policy adherence.
This automation of routine tasks, like KYC verifications and tax filings, frees up employees for more strategic work. More importantly, these AI platforms create a single, unified environment where legal, operations, and technology teams can collaborate effectively from the earliest stages of planning.
AI helps transform compliance from a reactive checklist into a core part of the organizational culture. By providing intelligent insights and automating enforcement, AI ensures all employees are aligned with evolving regulatory expectations. This fosters a culture where compliance and agility aren't competing priorities but are dual outcomes of an innovative smart, technology-driven strategy.
How should legal frameworks evolve to keep pace with the integration of AI, automation, and predictive systems in consumer tech?
The legal system is playing catch-up as AI and predictive technologies become embedded in everyday business operations. One of the most pressing needs is algorithmic accountability.
Data governance is another important pillar. Organisations must not only protect consumer data but do so in ways that are transparent and aligned with their innovation goals. Legal clarity is also needed in determining liability for AI errors or biases, especially in use cases like delivery drones or automated order fulfilment. Ethical considerations are gaining prominence, with calls for frameworks that prevent discrimination and ensure equitable digital experiences.
As companies go global, there’s a growing push for international regulatory harmonization, enabling smooth and lawful deployment of AI across markets.
What are the biggest legal or compliance pain points in sectors where delivery models outpace regulation?
In sectors moving faster than regulatory frameworks, legal teams face unique challenges. The pace of innovation in quick commerce, for example, often outstrips the ability of regulators to keep up, leading to legal gray zones around worker classification.
The current regulatory mechanisms are not meant to enable speed. The need of the hour is enabling a regulatory framework and mechanisms that compliment growth of the new – age organization with speed and flexibility.
Also, operating across jurisdictions only compounds these issues, what is permissible in one region may be restricted in another. This inconsistency burdens companies with complex compliance overheads. Meanwhile, earning and maintaining consumer trust remains a priority, requiring businesses to balance speed and convenience with clear, honest communication on pricing, quality, and timelines.
In the coming years, what do you see as the core legal responsibilities when it comes to protecting user data and digital trust?
Looking ahead, legal responsibilities will increasingly center on building and protecting digital trust. Companies must align with global data protection regimes such as the GDPR and CCPA in addition to DPDPA, ensuring that user consent is meaningful and that data collection is minimized and secure.
Equally important is empowering users with control. Whether it allows opt-outs, providing access to personal data, or enabling portability, user rights must be front and centre. Finally, businesses will need precise accountability mechanisms like transparent policies for reporting and remediating breaches that uphold user confidence and brand credibility.
Transparency will be key; users must know how their data is used, especially when AI is involved in decision-making. High security standards, including encryption and breach management protocols, will be expected by both users and regulators.
About Panduranga Acharya :
Panduranga Acharya is an experienced legal professional, recognized by Legal Era as one of India’s ‘Distinguished Legal Minds.’ He currently serves as the General Counsel at Zepto, leading the company’s legal, compliance, and secretarial functions. Panduranga began his career as a litigating counsel in Bangalore before transitioning to an in-house capacity. Since then, he has been an integral part of the leadership at iconic startups like Flipkart, Swiggy, and CarDekho Group. His expertise lies in building the foundational legal and governance structures that enable hyper-growth. He has guided these companies through critical milestones, including major funding rounds, pre-IPO financing, and scaling to billion-dollar valuations.
A frequent speaker at industry forums, Panduranga is passionate about sharing knowledge and helping founders build durable, successful companies.
