By Manisha Sahu | America News World
November 21,2025
As India’s eagerly awaited Digital Personal Data Protection (DPDP) Act, 2023 officially moves into its enforcement phase, Google India has stepped forward with a fresh suite of privacy-enhancing technologies and new security features aimed at strengthening user protection. The company also announced key partnerships with research institutions and digital safety organisations, reinforcing its commitment to working closely with academia and civil society as the new regulatory regime takes shape.
The DPDP Act represents India’s first robust, comprehensive attempt to standardise how personal data is collected, stored, processed, and secured. With its rules taking effect, both government agencies and private companies will now be required to adopt stronger safeguards for user information. At a Google event in New Delhi, senior officials highlighted how innovative technologies such as federated learning, homomorphic encryption, and differential privacy will form the backbone of compliant, secure data ecosystems moving forward.
A Critical Moment for India’s Data Protection Journey
Speaking at the event, Vikash Chourasia, Scientist D at the IT Ministry’s Cyber Laws and Data Governance Group, offered a compelling analogy to describe India’s current stage in its data-protection evolution. Drafting the law, he said, was akin to buying a car. Now, with the legislation in effect, the country must learn to drive it—responsibly, effectively, and with safety as the highest priority.
According to Chourasia, this is where Privacy-Enhancing Technologies (PETs) will play a decisive role. These technologies help organisations process and analyse large volumes of data while minimizing the need to expose or identify individuals.
“PETs are the core agents for us to deliver the implementation of the DPDP,” he said. “And that is where we look forward to partnering with institutions and academic groups.”
The DPDP Act places strong emphasis on consent-based data collection, purpose limitation, data minimisation, and rapid reporting of breaches. Implementing these principles at scale will require deep technological innovation—an area where Google claims to have been investing for years.
Google’s New Suite of Privacy Tools
During the showcase, Google India demonstrated several of its advanced privacy technologies designed to ensure user data cannot be reverse-engineered, misused, or exploited.
Federated Learning: This method allows machine-learning models to be trained across millions of devices without centralizing the data. Instead of sending personal data to a server, federated learning brings the AI model to the device itself, trains it locally, and only uploads anonymised improvements. This maintains user privacy while still enabling high-quality AI experiences.
Homomorphic Encryption: An advanced cryptographic technique, homomorphic encryption allows data to remain encrypted even while being processed. This means sensitive information can be analysed by algorithms without ever being decrypted, drastically reducing privacy risks.
Differential Privacy: Used in Google Maps, Chrome, and several core platforms, differential privacy injects statistical “noise” into datasets, making it nearly impossible to isolate any one user’s information. It allows Google to identify broad trends—such as popular routes or app performance issues—without exposing individual behaviour.
Together, these tools act as pillars for an AI-driven but privacy-conscious digital ecosystem, one that aligns strongly with India’s DPDP standards.
A New Defence Against “Digital Arrest” Scams
Beyond data privacy, Google also revealed that it is piloting a new safety feature designed to combat the fast-growing menace of digital arrest scams. These scams, which have spread rapidly in India, involve fraudsters impersonating law enforcement agencies, coercing victims with fake video calls, forged documents, or falsified arrest warrants. Victims are often terrorised into transferring large sums of money under the pretext of avoiding immediate arrest.
Google’s proposed feature uses real-time threat detection and AI-powered behavioural signals to identify when a user may be interacting with a suspicious caller or fraudulent website. If detected, the device triggers a visible warning and suggests a safe course of action.
The company said it plans to expand this pilot in collaboration with cybersecurity experts once initial tests are completed.
Stronger Partnerships with Academia and Digital Safety Organisations
Google India also unveiled an expansion of its existing collaborations with IIT Madras’ Centre for Responsible AI (CeRAI) and the CyberPeace Foundation. These partnerships aim to drive more research into responsible AI adoption, cybercrime awareness, and digital safety literacy—especially for youth and vulnerable online users.
The collaboration with CeRAI focuses on developing frameworks for responsible data processing that align with the principles of the DPDP Act. Meanwhile, the expanded partnership with the CyberPeace Foundation will include nationwide workshops, digital-hygiene campaigns, and community outreach to help users detect scams, fraud attempts, and privacy risks.
Industry experts believe such collaborations are essential in a nation as digitally expansive and diverse as India, where millions of new users come online every month and remain at risk of exploitation.
DPDP Act: A New Era of User-Centric Data Governance
For India, the DPDP Act arrives at a time when global discourse on data protection, AI ethics, and digital sovereignty is intensifying. The Act gives Indian citizens greater control over how their personal information is used and introduces significant obligations for companies operating in the country.
Non-compliance could invite steep penalties, with fines going up to ₹250 crore for severe violations. Businesses are therefore under mounting pressure to adopt technologies that reduce risk while maintaining operational efficiency.
In this context, Google’s push towards PETs and anti-scam measures signals a shift toward deeper alignment with India’s policy vision. It also reflects the company’s efforts to position itself as a responsible stakeholder in a fast-evolving regulatory landscape.
Looking Ahead
As the DPDP Act transitions from theory to real-world practice, the role of technology giants like Google will continue to attract close scrutiny. With billions of data points flowing through its ecosystem every day, the company’s ability to combine innovation with accountability will play a crucial part in shaping how digital privacy evolves in India.
For now, Google’s announcement of new privacy tools, experimental anti-scam features, and expanded institutional partnerships marks a significant milestone in the country’s push toward safer, more transparent data governance. As India “drives the car” of data protection into its next chapter, the collaboration between policymakers, technologists, and civil society will determine how smooth—and how secure—the journey ahead will be.