- 07-Jun-2025
- Cyber and Technology Law
Cookie consent laws regulate how websites collect and process user data via cookies, ensuring transparency and user control. While India currently does not have explicit cookie-specific legislation, existing laws and proposed bills address user consent and data protection related to cookies.
Unlike the EU’s GDPR, India does not yet have a standalone law specifically mandating cookie consent or regulating cookies explicitly.
The IT Act and the Reasonable Security Practices Rules (2011) require organizations to implement appropriate security measures for sensitive personal data, which may include data collected via cookies.
The proposed PDPB emphasizes user consent for collection, storage, and processing of personal data, which can cover cookie data that identifies individuals.
Indian websites generally follow global best practices by providing cookie notices and obtaining implied or explicit consent, promoting transparency and user control.
Websites are encouraged to disclose cookie usage in privacy or cookie policies, explaining types of cookies, purposes, and how users can manage preferences.
Indian businesses, especially those dealing with international users, often comply voluntarily with GDPR-style cookie consent norms to avoid legal and reputational risks.
Data protection authorities and courts in India increasingly recognize privacy as a fundamental right, signaling future stricter enforcement around cookie consent.
An Indian e-commerce website displays a cookie banner explaining the types of cookies used and allows users to accept or reject non-essential cookies.
Although not mandated by law yet, this practice aligns with global standards and enhances user trust and legal preparedness.
Answer By Law4u Team
Discover clear and detailed answers to common questions about Cyber and Technology Law. Learn about procedures and more in straightforward language.
