Answer By law4u team
Cookie consent laws regulate how websites collect and process user data via cookies, ensuring transparency and user control. While India currently does not have explicit cookie-specific legislation, existing laws and proposed bills address user consent and data protection related to cookies.
What Are Cookie Consent Laws In India?
Absence of Specific Cookie Law:
Unlike the EU’s GDPR, India does not yet have a standalone law specifically mandating cookie consent or regulating cookies explicitly.
Information Technology Act, 2000 and Rules:
The IT Act and the Reasonable Security Practices Rules (2011) require organizations to implement appropriate security measures for sensitive personal data, which may include data collected via cookies.
Personal Data Protection Bill (PDPB):
The proposed PDPB emphasizes user consent for collection, storage, and processing of personal data, which can cover cookie data that identifies individuals.
Implied Consent and Best Practices:
Indian websites generally follow global best practices by providing cookie notices and obtaining implied or explicit consent, promoting transparency and user control.
Transparency and Disclosure:
Websites are encouraged to disclose cookie usage in privacy or cookie policies, explaining types of cookies, purposes, and how users can manage preferences.
Alignment With Global Standards:
Indian businesses, especially those dealing with international users, often comply voluntarily with GDPR-style cookie consent norms to avoid legal and reputational risks.
Regulatory Trends:
Data protection authorities and courts in India increasingly recognize privacy as a fundamental right, signaling future stricter enforcement around cookie consent.
Example
Scenario:
An Indian e-commerce website displays a cookie banner explaining the types of cookies used and allows users to accept or reject non-essential cookies.
Outcome:
Although not mandated by law yet, this practice aligns with global standards and enhances user trust and legal preparedness.
