The recent article in Storyboard18 flagged how the newly notified Digital Personal Data Protection Rules, 2025 (DPDP Rules) pose a “compliance stress test” for India’s MSMEs and startups: a structural reset demanding that even the smallest digital businesses overhaul their data operations, vendor contracts, and product workflows. The piece quotes SFLC.in founder Mishi Choudhary, highlighting that while the rules may appear simple on paper, implementing them will require significant investment, something large firms might absorb, but smaller players will struggle with. With steep penalties and strict consent, retention, audit, and breach-reporting norms, the article foregrounds SFLC.in’s perspective that compliance under DPDP represents not just regulatory burden, but a major operational challenge for early-stage firms.
Impact of New DPDP Rules for MSMEs & Startups: SFLC.in to Storyboard18
