Jain, Aditya Sushant (2025) Decoding consent managers under the Digital Personal Data Protection Act, 2023 : empowerment architecture, business models and incentive alignment. Journal of Data Protection & Privacy, 7 (4). p. 406. ISSN 2398-1687
![[thumbnail of Jain paper-Vol.7.4 JDPP (Summer 2025)[75].pdf]](https://pure.jgu.edu.in/style/images/fileicons/text.png)
Jain paper-Vol.7.4 JDPP (Summer 2025)[75].pdf - Published Version
Restricted to Repository staff only
Download (678kB) | Request a copy
Abstract
The Digital Personal Data Protection Act, 2023 (DPDP Act) represents a pivotal shift in India’s data governance framework, emphasising consent as the foundation of personal data processing. Within this landscape, consent managers emerge as critical intermediaries, addressing structural inefficiencies in data sharing, mitigating consent fatigue and enabling data portability. While earlier conceptualisations, such as Justice Srikrishna’s ‘dashboard model’, envisioned consent managers as passive facilitators of consent tracking, the Data Empowerment and Protection Architecture (DEPA) framework expands their role significantly. Under DEPA, consent managers function as intermediaries that facilitate seamless, interoperable data exchange between fiduciaries, thereby dismantling monopolistic data silos and fostering competitive innovation. Their viability, however, hinges on overcoming several economic and operational challenges, including the sustainability of business models, the resolution of the fee dilemma, and the incentivisation of fiduciary participation. This paper critically examines the consent manager ecosystem, exploring its potential to empower data principals through personalised consent management, behavioural nudges and privacy-preserving mechanisms. It further evaluates how reciprocity, cost savings and exemptions for inferred data could encourage large fiduciaries to engage in this ecosystem voluntarily. The analysis in this paper situates consent managers within the broader context of India’s Digital Public Infrastructure (DPI), arguing that their successful implementation could set a global precedent for decentralised, user-centric data governance. Achieving this requires regulatory clarity, standardised technical frameworks and robust market-driven solutions. By addressing these challenges, consent managers could serve as the keystone of India’s digital economy, balancing individual autonomy with technological innovation in an increasingly data-driven world. This paper is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
Item Type: | Article |
---|---|
Keywords: | consent | consent managers | data fiduciary | data principal | data privacy |
Subjects: | Social Sciences and humanities > Business, Management and Accounting > Strategy and Management Social Sciences and humanities > Business, Management and Accounting > General Management Social Sciences and humanities > Business, Management and Accounting > Management of Technology and Innovation Social Sciences and humanities > Social Sciences > Law and Legal Studies Social Sciences and humanities > Social Sciences > Public Policy |
JGU School/Centre: | Jindal Global Law School |
Depositing User: | Mr. Gautam Kumar |
Date Deposited: | 02 Jul 2025 07:19 |
Last Modified: | 02 Jul 2025 07:19 |
Official URL: | https://doi.org/10.69554/MHLP2916 |
URI: | https://pure.jgu.edu.in/id/eprint/9741 |
Downloads
Downloads per month over past year