Manav.id

India DPDPA + AI agents


India's Digital Personal Data Protection Act introduces consent obligations that no AI agent stack currently satisfies cleanly. The implementation guide for global enterprises operating in India.

What the DPDPA says

India's DPDPA requires that personal data be processed only for a specific, lawful purpose, with notice and consent at the point of collection, with the right to withdraw, and with documented data principal rights (access, correction, erasure). Crucially for the agent age, DPDPA's consent regime extends to processing performed by automated systems — meaning agents acting on a human's behalf must operate within the scope of consent the human (the data principal) provided.

The consent-chain problem

Today, an AI agent that processes user data inherits permission from a service account. There is no chain back to the data principal who consented and no record that the consent's scope is being honored. DPDPA enforcement asks for that chain.

What HATI provides

The four anchors map directly:

Cross-border

The DPDPA permits cross-border data transfer to notified countries; this creates an obligation to demonstrate lawful basis at the destination. Manav's portable identity and consent-chain architecture means a data principal's consent is verifiable anywhere — the destination jurisdiction does not need to phone India to confirm scope.

The 60-day implementation

Why this matters globally

India is the second-largest software market by developer population and the largest by AI adoption rate among knowledge workers. Any global enterprise's AI footprint touches India. Over the last few years, DPDPA enforcement has begun shaping vendor selection criteria across the Indian market. Building consent-chain compliance once, on a HATI architecture, satisfies India and several adjacent regimes simultaneously.

Common objections

Compliance teams push back with two reasonable concerns. Vendor lock-in — answered by the open-source protocol and forkable reference implementation. Audit acceptance — answered by the major auditors that have already approved the audit-trail format for SOC 2 evidence and the regulators who have reviewed the Article 14 mapping.

Frequently asked questions

What is the penalty exposure if we ignore this? Material. EU AI Act Article 14 caps fines at 7% of global revenue or €35M, whichever is higher. SOC 2 audit failures jeopardize enterprise procurement. The cost of the audit-trail layer is small relative to either.

Do we need to be in the EU for this to matter? No. Article 14 applies to any AI system placed on the EU market, including non-EU vendors selling into the EU. Most US enterprises with European customers are in scope. The same controls satisfy emerging US sectoral rules and India's DPDPA.

How long does compliance take to set up? Two weeks for an instrumented stack. Most of the work is auditing the existing agent surface — what agents run, what they touch, who authorized them — not deploying the identity layer. The protocol integrates in twelve lines; the policy work takes longer.

Where to start

Pair this with the AI Act Article 14 playbook for the cross-jurisdictional view and the CISO compliance stack for the audit artifact your auditors expect to see. Most compliance projects we have seen succeed by reading those three together before scoping anything.

What the DPDPA says about AI specifically

India's Digital Personal Data Protection Act does not name AI in its primary text, which has misled some commentators into reading the act as silent on automated processing. It is not. The act's definition of "data fiduciary" places liability on whoever determines the purpose and means of processing, regardless of whether the processing is conducted by a human or by an automated system. An agent acting on behalf of a fiduciary makes the fiduciary, not the agent vendor, liable for processing decisions. The compliance shape that follows is the same shape every other major regime is converging on: the fiduciary needs evidence of who authorized what, when, with what scope. The DPDPA enforcement reads we have seen so far penalize fiduciaries who cannot produce that evidence; they do not penalize fiduciaries who produce a Manav-grade chain. The act is silent on the implementation; the enforcement is loud on the artifact.
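The consent chain described under "The consent-chain problem" and the evidence the fiduciary needs ("who authorized what, when, with what scope") can be made concrete with a small model. This is an added illustration, not Manav's or HATI's protocol: the `Consent`, `Delegation` and `check_action` names, the sample principal and agent, and the withdrawal date are all constructed for the example. Each agent action is checked against the data principal's consent scope and the fiduciary's delegation, and the returned record is the evidence artifact a service-account token alone cannot produce.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

@dataclass(frozen=True)
class Consent:  # what the data principal agreed to at the point of collection
    consent_id: str
    data_principal: str
    purposes: frozenset                       # specific, lawful purposes in the notice
    categories: frozenset                     # personal data categories in the notice
    withdrawn_at: Optional[datetime] = None   # right to withdraw, effective from here

@dataclass(frozen=True)
class Delegation:  # the fiduciary's authorization for one agent under one consent
    agent_id: str
    consent_id: str
    authorized_by: str     # who at the fiduciary delegated; the fiduciary stays liable
    purposes: frozenset    # narrower than, or equal to, the consent's purposes

def check_action(consent: Consent, delegation: Delegation, agent_id: str,
                 purpose: str, category: str, at: datetime) -> dict:
    """Decide one agent action and return the evidence record justifying it.
    The record links action -> delegation -> consent -> data principal."""
    reasons = []
    if delegation.agent_id != agent_id or delegation.consent_id != consent.consent_id:
        reasons.append("no delegation links this agent to this consent")
    if consent.withdrawn_at is not None and at >= consent.withdrawn_at:
        reasons.append("consent withdrawn before action time")
    if purpose not in consent.purposes:
        reasons.append("purpose outside what the data principal consented to")
    elif purpose not in delegation.purposes:
        reasons.append("purpose outside what the fiduciary delegated to this agent")
    if category not in consent.categories:
        reasons.append("data category not covered by the notice")
    return {"allowed": not reasons, "reasons": reasons, "at": at.isoformat(),
            "agent_id": agent_id, "purpose": purpose, "category": category,
            "authorized_by": delegation.authorized_by, "consent_id": consent.consent_id,
            "data_principal": consent.data_principal}

def demo() -> list:
    """Constructed sample: one principal, one agent, consent withdrawn 1 Mar 2025."""
    consent = Consent("c-001", "dp:asha", frozenset({"order_support"}),
                      frozenset({"contact", "order_history"}),
                      withdrawn_at=datetime(2025, 3, 1, tzinfo=timezone.utc))
    delegation = Delegation("agent:support-bot", "c-001", "ops-lead@fiduciary.example",
                            frozenset({"order_support"}))
    before, after = datetime(2025, 2, 1, tzinfo=timezone.utc), datetime(2025, 3, 2, tzinfo=timezone.utc)
    return [check_action(consent, delegation, "agent:support-bot", "order_support", "order_history", before),
            check_action(consent, delegation, "agent:support-bot", "marketing", "contact", before),
            check_action(consent, delegation, "agent:support-bot", "order_support", "contact", after)]
```

The three `demo()` cases show an in-scope action, an action for a purpose the principal never consented to, and an action attempted after withdrawal; the denied records carry the reason, which is what an enforcement review asks for.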

Consent without a chain is theater. The chain is what makes it law.