How DPDP will rewrite growth playbooks for Indian brands

India’s Digital Personal Data Protection (DPDP) Act 2025 has long been positioned as a consumer-rights legislation. But as the enforcement cycle begins, its most profound impact may not be on tech firms or policy circles but may be on the country’s marketing ecosystem. With most app SDKs still firing before consent, a clear violation under the Act, the industry faces nearly ₹250 crore in potential exposure. Reduced data pipelines, diminished attribution, collapsing lookalike models, and increased CAC for businesses with few first-party ecosystems are all immediately apparent consequences of the ripple effect. Legal experts echo this transformation. Yajas Setlur, Partner at JSA Advocates & Solicitors, notes that SDKs can no longer trigger before consent, which will “break many legacy workflows.” But he stresses that early compliance is a competitive advantage, not a cost. As Indian consumers become more privacy-aware, they will “reward companies they can trust with their data and loyalty.” In his view, the initial pain is the price of a healthier, more accountable ecosystem. Read more