Hammurabi & Solomon Partners

On 8 May 2025 the Reserve Bank of India issued the Reserve Bank of India (Digital Lending) Directions, 2025,  a single rule-book that repeals and folds into itself every digital-lending circular since 2022, including the default-loss-guarantee (DLG) FAQ and the outsourcing norms for Lending Service Providers (LSPs). By unifying the regime, the RBI seeks to eliminate overlaps in definitions, tighten accountability and rebuild borrower confidence. This endeavour addresses the concerns arising from a series of mis-selling and data-privacy/digital scandals. Based on the recommendations of working group on digital lending, RBI has attempted to consolidate the existing regulations/instructions while incorporating few new measures such as LSP’s partnering with multiple regulated entities (RE’s) and creating a directory of digital lending app for credibility and public awareness.  Addressing the concerns of   unbridled engagement of third parties, breach of data privacy, unfair business conduct, charging of exorbitant interest rates, unethical recovery practices, the directions are aimed at enhancement of accountability and customer trust.  The said directions came into forced on 8th May, 2025 itself, whereas the multi-lender LSP arrangements and Digital Lending Apps shall come into force on 1st November, 2025 and 15th June, 2025 respectively. Wider Perimeter and demarcated Roles:  The Directions apply to all commercial banks, co-operative banks, NBFCs (including HFCs) and All-India Financial Institutions whenever they use a digital channel, whether their own or that of an LSP. “Digital lending,” “DLA” (digital-lending app), “LSP” and “DLG” now carry harmonized definitions, while a new category, multi-lender LSP arrangements, brings aggregator platforms explicitly inside the supervisory net. The terminology of ‘Digital Lending Apps/Platforms (DLAs)’ has been provided an exhaustive definition covering under its ambit all such mobile and/or web based applications with user interface facilitating digital lending services. Furthermore, Lending Service Provider (LSP) covers under its ambit an agent of RE as well, thereby furthering the scope of accountability and applicability.  The inclusive definitions are well received by the industry stakeholders, minimizing the scope of interpretation and subsequent confusion. Stricter Due Diligence of Lending Service Providers (LSPs):  Before outsourcing any part of the credit life-cycle, regulated entities (REs) must maintain a live register of all LSPs, assess each provider’s technical strength, data-protection posture and past conduct, and repeat the fit-and-proper test annually. Contracts must spell out roles, recovery conduct and audit rights; the RE remains “fully responsible and liable” for every act of its agent. The directions have further explicitly laid down that any such outsourcing agreement executed between RE with and LSP shall not immune the RE of its statutory and regulatory duties. In case where LSP has agreements with multiple RE’s for digital lending, LSP has to provide a digital view of the loan offers matching the borrower’s request, further the details of unmatched lenders shall also be disclosed. A consistent approach for similarly placed borrowers shall also be complied with and any such mechanism adopted shall be properly documented to ensure fairness and transparency. Any such usage of dark patterns/deceptive measures to misguide and mislead borrowers into opting of a particular loan offer is strictly prohibited. However, data depicting ranks of loan offers based on pre-disclosed metric available on public platform shall not be construed as promotion of a particular product. Customer-Protection Upgrades and Transparency: Borrowers receive a digitally signed Key Fact Statement showing the Annual Percentage Rate, all fees and a minimum cooling-off window (one day for very short loans, three days for tenors above a week) during which they may exit by paying only proportionate interest and a disclosed processing fee. Disbursal must flow straight to the borrower’s account and repayments straight back to the RE, blocking any LSP pass-through except for recovery of delinquent loans. Nodal grievance officers of both RE and LSP must be named on every DLA, with links to RBI’s Central Management System (CMS)  and Sachet portals. Further, in case of loan defaults, the borrower must be apprised in advance in case any recovery agent is authorized to approach the borrower in advance through email/SMS. Additionally, the borrower shall be provided with an opportunity to exit the digital loan by ensuing the payment to the principal and the proportionate Annual Percentage Range (APR) without any penalty during an initial cooling off period, as prescribed in the loan policy. However, even if the customer is willing to exit during the cooling off period, on –time processing fee may be retained by the RE subject to the fact that the same must be disclosed in KFS. Technology and Data Requirement: The directions have laid down the mandatory procedure of seeking consent from the borrowers before collecting any data by their DLA/LSP, however further recommending to desist from seeking any mobile phone resources such as media/contact list/call logs. Further, the borrower shall be well apprised of the purpose before obtaining their consent and in case of subsequent dissemination of personal information shall be subject to borrower’s explicit consent again. The RE is further mandated to ensure that LSP engaged with them do not indulge in storage of any data except for the basic minimal data. Any usage/storage of biometrics shall be done in accordance of the applicable statutory guidelines. The directions have further made it mandatory for the RE and LSP’s to have a comprehensive privacy policy and details of any third party employed to collect personal information through DLA to be disclosed in the policy and that such policy shall be made publicly available on the website of RE and LSP to ensure informed consent, accountability and transparency. Reporting of Credit Information and DLA’s:  In compliance with the Credit Information Companies (CIC) (Regulation) Act, 2005 and related rules and regulations, the RE is obligated to report it to CCI’s any such lending done through their DLA’s and DLA’s of LSP’s. Further, any such extension of the structured digital lending products by RE involving short term/unsecure/secured credits or deferred payments, needs to be reported to CCI’s too by the RE. One of the most significant and largely hailed provision is that of the mandate imposed upon the RE to ensure reporting of all DLAs deployed/ joined by them on the Centralized Information Management System (CIMS) portal of RBI in the requisite format provide[1]. The said information needs to be updated from time to time and further the Chief Compliance Officer of the RE/ other designated official by the Board of RE shall certify that the data submitted on the CIMS portal is correct. Further, the RBI shall not be responsible for verifying or validating the date submitted on CIMS, and any such concerns or grievances concerning DLA’s shall be dealt with by the RE directly. It is further clarified that any such inclusion of third party DLA’s deployed by RE as a part of such reporting, shall not be construed by the DLAs /entity that it’s conferring any registration, authorization or endorsement by the RBI.  These provisions have amplified the extent of liability and accountability that falls on the RE and its related entities with a larger objective of securing the borrowers interest and trust. Loss sharing arrangement in case of default: Through the said directions , it has been further explicitly clarified that RE can enter into DLG arrangements only with a LSP/other RE engaged as LSP and that such LSP providing DLG shall be incorporated as   a Company under the Companies Act. In addition to the RE-LSP arrangement enumerated the said directions, the accountability is fastened upon the RE to conduct a through due-diligence concerning DLG provider, such as eligibility criteria of DLG provider, nature and extent of DLG cover, process of monitoring and reviewing the DLG arrangement among others. The directions further specifies the restrictions imposed on DLG arrangements, structure of DLG arrangements, forms of DLG, treatment of DLG for regulatory capital and disclosure requirements, wherein the RE has to ensure the compliance with the said directions. Effective Dates and Compliance Window:  All provisions except two took effect immediately on 8 May. The DLA directory requirement (para 17 on Reporting of DLAs to RBI) activates 15 June 2025, and the multi-lender rules (para 6 on RE-LSP arrangements involving multiple lenders) activate 1 November 2025. REs therefore have a six-month runway to cleanse outsourcing contracts, remodel systems to generate uniform KFS/APR disclosures and restructure any DLG that breaches the new cap. Summary of Key Features: a. The ambit and applicability of these directions have been diversified, fastening its applicability on all such regulated entities involved in the process of digital lending, to ensure the ethics and values governing the digital lending landscape are upheld in letter and spirit. b. The accountability on RE has been amplified wherein any such subsequent contractual agreements involved in the digital lending process shall be backed by through due diligence, compliance of statutory and regulatory standards and consistent monitoring of loan portfolios. c. The transparency aspect has been further widened wherein the borrowers shall have access to exclusive Key Fact Statement (KFS) ensuring clear loan terms, disclosures and repayment obligations. d. The cooling off period further upholds the borrower’s right to exit the loan without any penalties subject to clear disclosures and one-time processing fee, if applicable. e. The collection of any necessary data collected from borrowers are in  strict  compliance of the DPDP Act, 2023 wherein informed consent of the borrowers plays a key factor, however with an exclusive right to the borrower to revoke the consent. Any such data collected shall be stored within Indian Jurisdiction and in case of any external processing of data, the same shall be deleted within 24 hours. Hence, strict adherence to existing data protections laws and regulations have been imposed upon the RE’s and its related LSP’s. f. The direction of mandatory reporting to of all DLA’s to RBI in a time bound manner is a key feature, ensuring that no such third party DLA’s shall misrepresent their association/authorization from RBI and the accountability to ensure the same falls on RE. g. The present directions are in addition to the existing regulatory and statutory norms and RE shall ensure compliance of all such applicable laws. However, the former circulars/guidelines issued by RBI on Digital Lending stands repealed. h. The regulation of multi-lender arrangements with strict deterrence to any such attempt on part of LSP to deceit the borrowers is a hailed and welcomed step, ensuring borrower friendly digital lending landscape aligning with the principle of dei sunt clietes (customer is king). i. The concept of public directory of DLA’s ensuring every RE to upload related details on CIMS portal further assist consumers distinguish legitimate apps from frauds. Conclusion: By formalizing first-loss guarantees, increasing transparency requirements for loan aggregators, and granting borrowers the right to exit early, the Directions impose a manageable compliance burden in exchange for clearer risk distribution and enhanced reputational benefits. Fintech LSPs lacking strong capital backing or operational transparency may be driven toward consolidation, while well-regulated platforms are better positioned to scale within a structured and consumer-trust-centric framework. Overall, these Directions are a positive development, reinforcing the principle of caveat emptor and promoting greater economic stability and integrity in India’s digital lending ecosystem.   Authored by Mr. Jyoti Kumar Chaudhary, Senior Partner and Ms. Pranshu Singh, Senior Associate. [1] Such reporting on CIMS shall be completed by 15th June, 2025 in a time bound manner.

In a significant and far-reaching pronouncement, the Hon’ble Supreme Court of India has rendered a watershed judgment under the aegis of the Insolvency and Bankruptcy Code, 2016 (“IBC”), which is poised to operate as a binding judicial precedent in the regime of corporate insolvency resolution processes. In the matter of Kalyani Transco v. Bhushan Power & Steel Ltd., the Apex Court exercised its plenary jurisdiction to implement literal interpretation of statute and accordingly, set aside the Resolution Plan submitted by JSW Steel, which had earlier received approvals from both the Hon’ble National Company Law Tribunal (NCLT) and the Hon’ble National Company Law Appellate Tribunal (NCLAT), and direct for initiation of liquidation proceedings against Corporate Debtor. The Hon’ble Court, while delivering its landmark verdict, found the resolution process adopted by the Committee of Creditors (CoC) and the Resolution Professional to be tainted with procedural irregularities, non-compliance with the mandatory provisions of the IBC, and a blatant abuse of the process of law at every stage of the Corporate Insolvency Resolution Proceedings (CIRP). The judicial scrutiny extended by the Supreme Court in this matter exposes critical lapses, reinforces the sanctity of statutory compliance under the IBC regime, and sets forth a cautionary framework for all stakeholders involved in the resolution process including Resolution Professionals, CoC, Adjudicating Authorities, as well as Appellate Authority. This judgment is not merely corrective but also reformative, providing much-needed jurisprudential clarity on the scope and limits of discretion vested in the CoC and the contours of judicial oversight under the IBC. The key issues deliberated by the Hon’ble Supreme Court in the instant case are highlighted as follows. Strict adherence to the timeline stipulated under Section 12 of the IBC: The Hon’ble Supreme Court has firmly reiterated that one of the primary objectives underlying the enactment of the IBC is the completion of the CIRP process within a strict timeframe. This legislative intent is expressly codified under Section 12 of the IBC, which stipulates a mandatory limit of 330 days for the conclusion of the CIRP, inclusive of any extensions granted and the time consumed in legal proceedings. The Supreme Court reiterated that the said provision is of a mandatory nature and does not permit indefinite or repeated extensions, so as to avoid any protracted or dilatory insolvency proceedings. The Hon’ble Supreme Court further cautioned that where the CIRP cannot be completed within the statutory timeframe, and if further delay threatens to frustrate the objectives of the Code, then the Corporate Debtor ought to be directed towards liquidation. The Code thus mandates a swift, structured, and outcome-oriented insolvency framework, wherein delay is treated as anathema to the resolution process. Mandatory requirement under Section 29 A of IBC The Apex Court has categorically held that there exists a statutory obligation upon the Resolution Applicant to make full and proper disclosure regarding their eligibility under Section 29A of the IBC. This obligation is not merely procedural but goes to the root of the insolvency resolution process, as ineligible applicants are barred from participating in the CIRP process. In terms of Section 30(1) of the IBC read with Regulation 39(1) of the CIRP Regulations, 2016, it is mandatory for every Resolution Applicant to submit, along with the Resolution Plan, an affidavit affirming compliance and eligibility under Section 29A. Thereafter, Section 30(2) casts a legal obligation upon the Resolution Professional (RP) to verify the eligibility of the Resolution Applicant and ensure that the Resolution Plan is in compliance with the provisions of the IBC and other applicable laws before it is placed before the CoC for consideration. Furthermore, under Regulation 39(4) of the CIRP Regulations, when the approved Resolution Plan is submitted before the Adjudicating Authority, the Resolution Professional is duty-bound to file a compliance certificate confirming that the plan satisfies all requirements under the Code and the CIRP Regulations. The Apex Court has emphasized that the question of eligibility or ineligibility under Section 29A being foundational in nature, it is incumbent upon the Resolution Professional to exercise independent scrutiny and verification of the affidavit filed by the Resolution Applicant. Failure on the part of the Resolution Professional to discharge this critical function may result in ineligible persons gaining entry into the CIRP, thereby compromising the integrity, transparency, and legality of the entire resolution process. Resolution Plan must be unconditional and enforceable post its approval: The Apex Court has unequivocally held that once a Resolution Plan is approved by the Adjudicating Authority, such a plan must be unconditional, legally binding, and capable of immediate enforcement. The Resolution Plan, upon approval by the NCLT, acquires the force of law and binds all stakeholders, including the corporate debtor, creditors, and the Successful Resolution Applicant. It is held that any Resolution Plan that remains contingent upon future events such as receipt of statutory approvals, changes in law, or prospective exemptions ought to be treated as inherently defective. It was further clarified that permitting such conditional plans would undermine the certainty and finality envisaged under the IBC, and potentially derail the objective of time-bound insolvency resolution. The Court held that although the IBC does not explicitly codify the mechanism for implementation of an approved Resolution Plan, neither the Adjudicating Authority nor Appellate Tribunal should extend excessive leeway to the Successful Resolution Applicant for implementation of approved Resolution Plan. The Court emphasized that allowing resolution applicants to act in disregard of the approved Plan would amount to frustrating the legislative intent of the IBC, which is predicated on speed, finality, and revival of the corporate debtor. Thus, strict adherence to the implementation timeline and obligations under the Plan is imperative to uphold the integrity and sanctity of the insolvency process. Judicial Scrutiny of Commercial Wisdom of CoC: The Hon’ble Supreme Court has clearly held that the CoC, while exercising its commercial wisdom under the IBC, is required to act within the framework of statutory obligations and with due diligence. The CoC must ensure that its decision is based on the commercial interest of reviving the Corporate Debtor and achieving the objective of value maximization of its assets/value. It is also obligated to strictly adhere to the timeline of 330 days prescribed under Section 12 of the Code for the completion of the CIRP. Additionally, the CoC must verify that the Resolution Applicant is eligible in terms of the statutory requirements and that the resolution plan is feasible, viable, and contains proper provisions for its implementation. It must also ensure that the Resolution Applicant has the capacity to implement the plan within a time-bound manner. The Court held that if such mandatory requirements are not complied with and the CoC nonetheless approves such a resolution plan, it cannot be said that the CoC has rightly exercised its commercial wisdom. In such cases, the decision of the CoC is open to judicial scrutiny. Scope of the word “Any Person Aggrieved” as provided under Section 61 of IBC: The Hon’ble Supreme Court, while interpreting the expression “any person aggrieved” under Section 61 of the IBC, has held that the said expression is not to be construed in a restrictive manner so as to include only those parties who were directly before the Adjudicating Authority, i.e., the NCLT or NCLAT. Rather, once the CIRP is triggered, the proceedings assume the character of proceedings in rem, thereby extending their impact to a broader class of stakeholders beyond the individual applicant or the corporate debtor. In this context, the Hon’ble Court has elucidated that the CIRP proceedings are inherently collective in nature, encompassing all financial and operational creditors, as well as former directors and officers of the corporate debtor. Therefore, the phrase “any person aggrieved” includes all those individuals or entities who have sustained a direct legal injury, or whose rights or interests have been materially prejudiced by the order under challenge. Additionally, the Apex Court underscored the significance of Section 61(3) of the IBC, which delineates the specific and narrow grounds on which an appeal can be preferred before the NCLAT against an order of the NCLT approving a resolution plan. In this regard, the Court reaffirmed that an appeal under this provision shall lie only upon showing that the resolution plan sanctioned by the NCLT is either in contravention of the provisions of the IBC or its allied regulations, or that the process of approval has not adhered to the due procedure established under law. Powers of Adjudicating Authority of Judicial Review over the decision of Statutory Authority under PMLA: The Apex Court has unequivocally held that NCLT and NCLAT are constituted under Sections 408 and 410 of the Companies Act, 2013, and derive their powers under the provisions of IBC. Pertinently, NCLT exercises powers under Sections 31 and 60 of the IBC, whereas the NCLAT is confined to the appellate jurisdiction conferred under Section 61 of the IBC. It has been categorically held that neither the NCLT nor the NCLAT is vested with the jurisdiction to exercise the power of judicial review over administrative or executive actions undertaken by the Government or any Statutory Authority, especially in matters falling within the ambit of public law. The adjudicatory authority under the IBC is not competent to examine or adjudicate upon decisions taken under distinct statutory regimes such as the Prevention of Money Laundering Act, 2002 (PMLA), which are governed by their own institutional mechanisms and judicial hierarchies. Further, it has been reaffirmed that a Corporate Debtor cannot circumvent the statutory framework and approach the NCLT to challenge action of statutory authority, which fall outside the purview of the IBC, particularly those entrenched in the domain of public law. Any such grievance must be agitated before the appropriate constitutional forum vested with the power of judicial review, and not before the NCLT or NCLAT, which lack such jurisdiction by design and legislative intent. Conclusion: The present ruling of the Hon’ble Supreme Court has decisively reinforced the foundational principles of IBC, by upholding procedural discipline, statutory compliance, and institutional accountability in the conduct of the CIRP process. The judgment sends a clear message that procedural irregularities, non-compliance with mandatory legal provisions, and abuse of process whether by Resolution Applicants, Resolution Professionals, or the CoC will not be condoned under the guise of commercial wisdom or judicial deference. This authoritative pronouncement has highlighted the key legal positions including the non-negotiable timeline for CIRP under Section 12, the mandatory verification eligibility of under Section 29A, the requirement for unconditional and compliant Resolution Plans, and the limited jurisdiction of NCLT and NCLAT in matters falling outside the scope of the IBC. It has also reaffirmed that the expression “any person aggrieved” under Section 61 must be interpreted in a purposive and inclusive manner. This Judgment not only rectifies the flawed approval of the Resolution Plan in the case at hand but also sets binding parameters for all future insolvency proceedings. It affirms that while commercial wisdom of the CoC enjoys primacy, such discretion must be exercised within the boundaries of legality, reasonableness, and due process. As such, this verdict stands as a critical precedent ensuring that the objectives of the IBC are fulfilled through transparent, time-bound, and lawful resolution processes that preserve both the letter and spirit of the IBC.   Authored by Mr. Jyoti Kumar Chaudhary, Senior Partner and Mr. Jatin Chadda, Associate

“AI will be the best or worst thing ever for humanity.” - Elon Musk Just weeks ago, Geoffrey Hinton, widely regarded as the 'Godfather of Artificial Intelligence,' expressed his agreement with Elon Musk’s concerns and estimated that there is a 10 to 20 percent risk of AI eventually taking control away from humans. It is no surprise that Artificial Intelligence (AI) is advancing at a scorching pace and transforming the way businesses and industries operate is nothing short of phenomenal. Different organizations are deploying AI models in different ways to refine internal operations and upgrade offerings, sparking new waves of innovation. For instance, in transportation, AI is enabling self-driving vehicles, optimizing logistics and improving traffic management. In the manufacturing sector, AI is enhancing quality control, predictive maintenance and process automation. The retail sector is using AI for personalized marketing, inventory management and customer behavior analysis. In agriculture sector in India, AI is assisting with crop monitoring, precision farming and pest detection. In healthcare sector, AI is being utilized for diagnostics, imaging analysis, disease prediction and treatment recommendations. The National Cloud Initiative by National Informatics Center in India is providing different citizen centric services using AI technology. In the legal profession too, AI powered tools are assisting the lawyers in legal research, contract analysis and automating routine tasks, thereby boosting lawyers’ productivity. Even in the fast-paced world of M&A, AI-powered tools are being used by legal professionals to carry out due diligence of documents with unprecedented speed and accuracy. Supreme Court of India is using an AI tool ‘SUVAS’ to translate judgments from English language into different vernacular languages and as per an estimate of August 2024, around 36000 judgments have been translated into Hindi language. Other High Courts, such as Delhi High Court and Bombay High Court are also using AI tools to translate judgments into Hindi and Marathi, respectively. Yet, the expansive use of AI comes hand-in-hand with substantial responsibilities and emerging regulatory concerns. These AI tools gather information from online sources or existing literature on a specific topic and instantly generate content. The growing use of AI in content generation has sparked critical concerns around copyright, especially where such tools reproduce, adapt, or summarize copyrighted material without proper authorization. Must it be so? To address these challenges, it is imperative to assess whether India’s existing IP laws are adequately equipped to regulate the complexities introduced by generative AI models, or whether there is an urgent need for new, dedicated legislation to ensure that AI continues to serve as a catalyst for innovation rather than a threat to creators’ rights and interests. INTERPLAY BETWEEN AI AND INTELLECTUAL PROPERTY ​Arguably, in the absence of copyright laws in many countries specifically incorporating AI-focused provisions, courts around the world are increasingly witnessing a surge in cases where copyright owners allege that AI models infringe their rights, either by being trained on copyrighted works or by generating outputs that themselves constitute copyright infringement. As a result, courts are grappling with complex issues such as: (i) Who bears responsibility for infringement of third-party rights—is it the AI developer, the user who created the output, or the entity that trained the model? (ii) How can a balance be struck between protecting existing IP rights without hampering AI-driven innovation? and (iii) Whether AI-generated content can fall within the ambit of ‘fair use’ under copyright laws. Further, considering that both copyright and patent laws require the author or inventor to be a human being and that the work or invention must contain a sufficient degree of intellectual creativity or novelty, another critical question arises: whose copyright is actually being infringed when a generative AI tool creates entirely new content or works, whether in the form of images or text? While India has not yet introduced a dedicated regulatory framework that directly governs the development, deployment and utilization of AI models (akin to the EU Artificial Intelligence Act), the current laws pertaining to IP, data protection, IT and consumer protection are being considered to be adequate in regulating and managing certain aspects of AI technology. The central government is of the view that the existing copyright laws are well equipped to protect AI-created works. Additionally, the proposed Digital India Act is expected to address the gaps in the Information Technology Act, 2000 and provide a comprehensive legal framework that balances the need for innovation with principles of accountability. In India, this issue has come to the forefront with a recent legal dispute in the case of ANI Media Pvt. Ltd. vs. OpenAI OPCO LLC (CS (Comm) No. 1028/2024). ANI, a prominent Indian news agency, has filed a copyright infringement case against OpenAI, claiming that the OpenAI used its news content without authorization to train its large-language model (LLMs), ChatGPT. ANI contends that even though its news articles were publicly accessible online, OpenAI had no right to use them for commercial purposes or to generate responses from its proprietary content. OpenAI, however, has opposed these claims, arguing that its technology does not replicate specific articles but generates responses by analyzing linguistic patterns across publicly available datasets, therefore, not requiring prior permission. The case has garnered wider attention, with stakeholders from the music industry and book publishing sector also raising concerns about OpenAI’s use of copyrighted works in training its models. The outcome of the ANI Media case is expected to be a landmark ruling that could shape the future legal framework governing the development and deployment of AI in India. It may ultimately determine if current laws are sufficient to address AI related issues or if specific legislative reforms are needed to regulate the use of AI technologies more effectively. DATA PRIVACY Another pressing issue is the extent to which AI platforms are deploying safeguards when collecting, processing and utilizing personal data—an area that raises significant concerns under data privacy laws across various jurisdictions. The concerns include: (i) the use of compromised or unlawfully obtained data (such as information sourced from data breaches); (ii) unlawful sharing of personal data with third parties; (iii) cross-border data transfers that may contravene data protection regulations; (iv) processing personal data without obtaining the informed consent of the data principal; and (v) the failure to implement adequate legal and technical safeguards to ensure data confidentiality and security. In India, the Digital Personal Data Protection Act, 2023 (DPDP Act) aims to regulate the processing and storage of personal data, the manner of obtaining prior consent from data principals and the intended use of such data. However, the Act does not specifically address the challenges posed by AI. Justifiably, stakeholders developing AI platforms, in their capacity as data fiduciaries, ought to comply with the provisions of the DPDP Act and fulfil the legal obligations prescribed therein while processing personal data. The DPDP Act stipulates that a data fiduciary must provide a notice to the data principal, informing them of the nature of the personal data being collected, the purposes for which it will be processed, the procedure for withdrawal of consent, and other rights available to the data principal under the Act. Notably, while the DPDP Act introduces data localization requirements by restricting certain categories of personal data to India, it does not adequately address issues arising from the use of large-language models hosted or deployed abroad, thereby leaving significant gaps in cross-border data protection. No wonder, India’s data protection regime is still at a nascent stage and that there is currently no dedicated sectoral regulator or a comprehensive AI-specific legislation, numerous challenges are likely to emerge in tackling legal issues involving AI. EVOLVING GLOBAL FRAMEWORKS FOR REGULATION OF AI Several countries have taken proactive steps to regulate AI, offering valuable insights for India. Different international jurisdictions are adopting varied approaches to AI governance. For instance, rather than enacting specific legislation, countries such as Singapore, Japan, the United Kingdom, and Australia are focusing on providing industry guidance aligned with the OECD principles. In contrast, some jurisdictions are actively working towards formal legislation to regulate AI. For example, Canada, through its proposed Artificial Intelligence and Data Act, and the European Union, through its Artificial Intelligence Act, 2021, seek to regulate AI based on a risk-based classification system, ranging from minimal to unacceptable risk, with stringent compliance requirements for high-risk AI applications. Notably, China has implemented the world’s first regulations specifically targeting generative AI. In the United States, a risk-based approach is also being followed, with multiple regulatory frameworks under discussion to address various aspects of AI at both the federal and state levels. PARTING THOUGHTS As the global AI landscape continues to evolve, fueled by significant technological advancements and its growing adoption by both public and private sectors, the idea, rightly, is to establish a robust legal framework that addresses the legal, ethical, and security challenges posed by AI. It is time that law adapts swiftly to keep pace with rapid technological revolution driven by GenAI ensuring that while sufficient protection is afforded to copyrighted works, innovation is not unduly stifled. To this end, a carefully calibrated approach is essential—one that fosters the development of transparent and accountable AI practices while recognizing that the benefits of AI far outweigh the challenges it presents. By Mr. Sumit Jay Malhotra, Partner Designate and Ms. Nishi Rathore, Associate

Insolvency and Bankruptcy Code, 2016 (IBC), and the Prevention of Money Laundering Act, 2002 (PMLA), address different issues and were created for distinct purposes. PMLA was implemented to address the criminal act of legitimizing income or profits derived from illegal activities. It aims to curb money laundering, combat the diversion of funds into illegal activities, and confiscate property linked to money laundering. It also establishes penalties for offenders and sets up an adjudicating authority and appellate tribunal to handle related matters. IBC was enacted to simplify the existing legal framework and establish an effective system for debt recovery. It introduces a structured institutional setup and a two-step procedure for corporate insolvency. IBC aims to simplify and unify the legal framework for insolvency and bankruptcy, replacing complex processes with a more efficient mechanism for recovering dues from both corporate and non-corporate debtors. The Insolvency and Bankruptcy Board of India (IBBI) has played a vital role in raising awareness and regulating the process. The IBC's strength lies in its well-structured institutional framework, which includes the IBBI, insolvency professionals, information utilities, and adjudicatory bodies like the National Company Law Tribunal (NCLT) and National Company Law Appellate Tribunal (NCLAT). It ensures timely, formal resolution of insolvency cases while promoting corporate governance. The Code outlines a two-step process for corporate debtors with a minimum default of Rs. 1,00,00,000: the Insolvency Resolution Process (Sections 6-32), where creditors assess the feasibility of business revival, and Liquidation (Sections 33-54), where assets are distributed among creditors if revival is not possible. Both the PMLA and IBC are specialized laws that include non-obstante clauses (PMLA under Section 71 and IBC under Section 238), which ensure that the provisions of these statutes take precedence over any other conflicting laws. In cases where there is a conflict between two statutes containing non-obstante clauses, the year of enactment of each statute is an important consideration as held by the Hon’ble Delhi High Court in Rajiv Chakraborty Resolution Professional of EIEL v. Directorate of Enforcement which clearly states that: “103. While there can be no doubt that where two special statutes incorporate non obstante clauses it is the later enactment which would ordinarily or normally prevail, the same cannot possibly be recognised as constituting the solitary principle of interpretation which would apply or an inviolable rule. It must be fundamentally borne in mind that a non obstante clause in any statute is looked at principally in case of an asserted irreconcilable conflict between statutes. However, that does not preclude courts from identifying or discerning the core objectives of the competing statutes. This would be manifest from the following pertinent observations that were made by the Supreme Court in Maruti Udyog Vs. Ram Lal- The said Act contains a non obstante clause. It is well settled that when both statutes containing non obstante clauses are special statutes, an endeavour should be made to give effect to both of them. In case of conflict, the later shall prevail…..” However, this rule isn't universally applicable, and other factors such as the purpose and intent of the statute must also be taken into account when resolving such conflicts.  Therefore, the resolution of conflicts between the provisions of the IBC and PMLA cannot be determined solely by the year in which these laws were introduced. Below are a few cases that highlight the conflict between the IBC and PMLA: NCLAT Mumbai, in the matter of Varrsana Ispat Limited Vs. Deputy Director, Directorate of Enforcement, observed that PMLA addresses the proceeds of crime and the offense of money laundering, which leads to the seizure of property linked to or involved in money laundering. As a result, it was concluded that Section 14 of the IBC does not apply to such cases. The NCLAT further pointed out that the punishment for money laundering, which includes a minimum of three years of rigorous imprisonment, applies to individuals such as former directors and shareholders of the corporate debtor, who cannot seek protection under Section 14 of the IBC. Additionally, the NCLAT noted that the attachments occurred before the initiation of the Corporate Insolvency Resolution Process (CIRP), meaning the Resolution Professional cannot benefit from Section 14. It was also highlighted that the PMLA and the IBC are distinct legal frameworks that do not override each other, leading to the rejection of the appeal. NCLAT Mumbai took a similar view in the matter of Rotomac Global Private Limited vs. Deputy Director, wherein the Hon’ble Tribunal observed that that the provisions of Section 14 of the IBC, which imposes a moratorium on legal actions against a corporate debtor during the Corporate Insolvency Resolution Process (CIRP), do not extend to proceedings under the PMLA. The Tribunal explained that the PMLA focuses on penal measures related to money laundering, while the IBC deals with corporate insolvency, meaning the two laws function in distinct areas. Additionally, the Tribunal clarified that penalties under the PMLA, including a minimum of three years imprisonment, apply to individuals such as former directors and shareholders of the corporate debtor, rather than the corporate entity itself. These individuals are not shielded by Section 14 of the IBC and cannot use the corporate insolvency process to evade or postpone punitive actions under the PMLA. Additionally, the Tribunal highlighted that the Directorate of Enforcement's attachments under the PMLA were made prior to the initiation of the CIRP, reinforcing the non-applicability of Section 14 to such proceedings. The appeal was ultimately dismissed, aligning with the judgment in Varrsana Ispat Limited, which affirmed that the provisions of the PMLA and IBC can proceed concurrently without one overriding the other. Although a different view has been taken by NCLAT Mumbai in the matter of The Directorate of Enforcement Vs Manoj Kumar Agarwal & Ors, wherein the Hon’ble Tribunal held: “42. In our view, there is no conflict between PMLA and IBC and even if a property has been attached in the PMLA which is 11 belonging to the Corporate Debtor, if CIRP is initiated, the property should become available to fulfil objects of IBC till a resolution takes place or sale of liquidation asset occurs in terms of Section 32A.” A similar view has been taken by the NCLAT New Delhi in Kiran Shah, RP of KSL and Industries Ltd. Vs. Enforcement Directorate, Kolkata, wherein the Hon’ble Tribunal held that the Adjudicating Authority (NCLT) lacks the jurisdiction to handle issues that fall under the authority of another body, such as those governed by the PMLA. Further in the matter of Nitin Jain, Liquidator, PSL Limited Vs Enforcement Directorate, the Hon’ble Delhi High Court held that: “102. Accordingly, and for all the aforesaid reasons, this writ petition shall stand allowed in the following terms. The Liquidator is held entitled in law to proceed further with the liquidation process in accordance with the provisions of the IBC. The respondent shall hereby stand restrained from taking any further action, coercive or otherwise, against the liquidation estate of the corporate debtor or the corpus gathered by the Liquidator in terms of the sale of liquidation assets as approved by the Adjudicating Authority under the IBC. The Court grants liberty to the petitioner to move the Adjudicating Authority for release of the amounts presently held in escrow in terms of the interim order passed in these proceedings.” Further, the Hon’ble Delhi High Court in Rajiv Chakraborty Resolution Professional of EIEL v. Directorate of Enforcement held that: “101…………..” The aforesaid discussion leads the Court to conclude that the provisional attachment of properties would in any case not violate the primary objectives of Section 14 of the IBC.’’ In conclusion, the issue at hand revolves around the potential conflict between the provisions of the PMLA and the IBC both of which have non-obstante clauses that could give rise to jurisdictional overlaps. PMLA focuses on the prevention of money laundering and the attachment of assets linked to criminal activities, while the IBC seeks to resolve insolvency and facilitate debt recovery. Courts have generally taken the stance that there is no inherent conflict between these laws. In cases where assets are attached under PMLA, the judiciary has upheld that such assets may still be available for resolution or liquidation under the IBC, provided the due process is followed. However, certain rulings, such as those from the Delhi High Court, have emphasized that the adjudicating authority under IBC cannot interfere with matters under the jurisdiction of PMLA authorities. Moving forward, a clearer framework or legislative clarification might be needed to streamline the interaction between these two laws, ensuring that both the objectives of combating money laundering and resolving insolvency are effectively achieved without undermining each other. Authors: Mr. Anil Tiwari, Partner and Ms. Nishi Kashyap, Associate.

With the changing world order and the economic uncertainties the corporates have been facing since the pandemic, there have been a significant rise in unconventional and idiosyncratic corporate restructuring scenarios all over the world for various reasons. Nowadays corporates are aligning towards a different kind of corporate restructuring, in contrast to the traditional ways of restructuring, like a ‘Private Limited’ Company purchase a ‘Public Limited’ Company; or a ‘Subsidiary Company’ acquires its ‘Holding Company’; or a small company in share capital acquiring a large share capital company. Recently Hon’ble National Company Law Tribunal (NCLT) has allowed amalgamation via Reverse Merger of a Quick-commerce company Kiranakart Technologies Private Limited a.k.a Zepto[i] with its Singapore based Holding Company Kiranakart Pte. Ltd, enabling the transfer of its domicile from Singapore to India. Further, Ashok Leyland is also planning to get its vehicle finance unit, Hinduja Leyland Finance (HLF)[ii] listed on the stock exchange via a reverse merger with NXTDigital, a listed media company of the Hinduja Group in order to unlock the true potential of the business. These unconventional types of arrangements are gaining more and more traction among the corporates, wherein such corporate restructurings not only provides for traditional benefits like economies of scale of production, reduction in cost, entrance to new markets, diversification, increase in market shares, etc but also opens new possibilities wherein the corporates can bypass the large web of compliances and regulations, can benefit themselves of opportunities of tax benefits, or can piggyback on the existing goodwill and reputation of the existing large company. Such eccentric and atypical form of corporate restructuring is known as ‘Reverse Merger’ or ‘Reverse Takeover’. Although ‘Reverse Merger’ or ‘Reverse Takeover’ is not defined anywhere in the statutes per se, it can be referred to as a type of acquisition where a financially sound, smaller private company acquires a sick public company by purchasing its majority shares in their attempt to bypass the costly, cumbersome, and complex process of “going public” or getting into the process of Initial Public Offers (IPOs). In this process, the healthy private company loses its identity, whereas the unfruitful public company retains its name and identity. In India, the first ever situation of the arrangement of reverse merger bid under section 394 of the Companies Act, 1956 was observed in the case of ‘Bihari Mills Limited ([1985]58COMPCAS6(GUJ)’. Hon’ble Gujarat High Court, while hearing the petition of amalgamation of Maneklal Harilal Spg. & Mfg. Co. Ltd. ("the transferor company") with the Bihari Mills Ltd. ("the transferee company"), observed that this is not a usual amalgamation of a sick unit which is non-viable with a healthy or prosperous unit, but precisely the reverse of it. Under such scheme, the entire undertaking of the transferor company is to be merged and vested in the transferee company. Subsequently, in the year 1994, one more case was observed where a financial sound ‘Godrej Soaps Ltd’ merged with its loss making subsidiary namely ‘Gujarat Godrej Innovative chemical’, and adopted its original name ‘Godrej Soaps Ltd’ after the said restructuring. As deliberated above, a ‘reverse merger’ as an atypical and unorthodox form of corporate structuring is alluring more and more corporates nowadays for following reasons: Quick access to Stock Market Reverse merger is in effect, offer a more cost-effective way to tap into these public market benefits than going for IPO route. There is a growing trend of companies scouring for listed entities admitted for corporate insolvency before the Hon’ble NCLT, with intentions to acquire them through reverse merger, with an intension to have access to security market in a cost effective and less cumbersome way. Recently, a defunct publicly listed company namely Precision Containeurs Ltd (“Target Company”) which deals in manufacturing of steel and plastic containers, reappeared in news when it was acquired by East India Drums & Barrels Manufacturing Company (“Acquirer Company”)[iii]  in order to avail the benefits of easy access of the security market. Tax Planning and Saving As per Section 72A of the Income Tax Act, 1961, it provides for carrying forward and setting off accumulated loss and unabsorbed depreciation allowance amalgamation or demerger, etc., although, this benefit is not exclusive for corporate restructuring through Reverse Merger, however financially sound small companies acquire loss making big companies in order to avail the benefit of losses and unabsorbed depreciation of the loss making company by setting off the same with the profits of the Transferee Company. Recently Hon’ble NCLT Chandigarh have overruled the objections raised by the Income tax Department that the proposed merger between the loss-making company, Panasonic India Private Limited (Transferor Company) with the profit-making company, Panasonic Life Solutions India Private Limited (Transferee Company)[iv] is designed with an intention for tax avoidance by claiming benefit of carry forward losses and unabsorbed depreciation as provided under the provisions of the Income Tax Act, 1961 and approved the merger of both the companies. Hon’ble NCLT while allowing the scheme of the merger have taken into consideration the commercial wisdom of the shareholders who have sanctioned the scheme and also considered the fact that all the terms and conditions will be satisfied by the Transferee Company while availing the benefits of Section 72A of the Income Tax Act, 1961. Benefits of a Public Company Once a small private company becomes public by way of reverse merger, it in turns avails the benefits of any public limited in a shorter period of time compared to a traditional Public Company, like access to capital market, better liquidity, transparency in the transfer of shares, Capital appreciation, possibility of growth, enhanced creditability etc. Generating Goodwill For the small private companies looking to grab eyeballs, it tends to capitalize on the past goodwill of now sick or loss-making public companies. By choosing the path of the Reverse Merger, the small companies try to revive the lost reputation of the now unlucrative companies rather than make efforts to build up their own reputation and credibility in the market. As a marketing tool, it is less costly and less tedious to resuscitate the name of a company which was once familiar to the public at large than to aggressively build its own credibility in the market.   REGULATIONS IN INDIA In the global scenario, corporate restructuring through Reverse Merger is seen as back door access to the security capital market by avoiding the lengthy and cumbersome process of an Initial Public Offer (IPO) and is perceived to be a quicker and cheaper method of “going public”. In the United States of America, Regulation 7050 of the Securities and Exchange Commission (SEC) covers cases where a private operating company acquires an equity interest in a SEC registered company. Whereas, in China, their China Securities Regulatory Commission (CSRC) have clearly defined ‘Reverse Merger’ in CSRC Order No. 73 of 2011 and in the subsequent regulations, the CSRC have raised the regulatory standards on Reverse Mergers to the same level as IPOs. In India, the term “Reverse Merger/Reverse Takeover” is nowhere mentioned specifically in the rules and regulations as issued by the Ministry of Corporate Affairs (MCA) or Securities and Exchange Board of India (SEBI) and is treated on similar lines with the other forms of Corporate Restructuring. However, there are few rules and regulations concerning corporate restructuring which may fall under the definition of the ‘Reverse Merger’. Details of the same are as follows: a. As per Section 232(3)(h) of the Companies Act, 2013[v], where the Transferor Company is a Listed Company and the Transferee Company is an Unlisted Company, the Transferee Company shall remain Unlisted Company until the process of corporate restructuring is completed. It further states that, if the shareholders of the Transferor Company decides to opt out of the Transferee Company, they shall be paid for the value of their shares in accordance with the valuation as carried out under corporate restructuring. b. The SEBI issued a Master Circular SEBI/HO/CFD/DIL1/CIR/P/2020/249 Dated 22.12.2020[vi], which provides for regulation for merger of a listed company or its division into an unlisted entity, the entire pre scheme share capital of the unlisted issuer seeking listing shall be locked in as follows: (i) Shares held by Promoters up to the extent of twenty percent (20%) of the post-Merger paid-up capital of the unlisted issuer, shall be locked-in for a period of three years from the date of listing of the shares of the unlisted issuer; (ii) The remaining shares shall be lock-in for a period of one year from the date of listing of the shares of the unlisted issuer; (iii) No additional lock-in shall be applicable if the post scheme shareholding pattern of the unlisted entity is exactly similar to the shareholding pattern of the listed entity. c. More recently, the MCA brought amendments in the Companies (Compromises, Arrangements and Amalgamations) Amendment Rules, 2024[vii] in September 2024. Wherein rule 25A was amended to include that the Transferor Foreign Company incorporated outside India being a holding company and the Transferee Indian Company being a wholly owned subsidiary company incorporated in India, enter into merger or amalgamation, – (i) Both the companies shall obtain the prior approval of the Reserve Bank of India(RBI); (ii) The transferee Indian company shall comply with the provisions of section 233; (iii) The application shall be made by the transferee Indian company to the Central Government under sect ion the Act and provisions of rule 25 shall apply to such application; and (iv) The declaration referred to in sub-rule (4) shall be made at the stage of making application under section 233 of the Act. CONCLUSION Despite the upsurge and growing inclination of new startups and reasonably big unlisted companies for choosing this mechanism for going public in a time-saving manner by bypassing the compliances under the Companies Act, 2013, SEBI Act, 1992, Securities Contract (Regulation) Act, 1956 and Issue of Capital and Disclosure (Requirements) Regulations, 2018, the Central Government and the regulatory authorities are yet to frame proper laws and regulation in this respect. Although as mentioned above, there are few compliances specially for ‘Reverse Merger’ kind of corporate restructuring like getting approval from RBI for cross border transactions or putting restrictions on the usage of share capital after merger of a listed company with an unlisted company. However, these compliances are far few and between and these provisions are not as cohesive and harmonized as the rules and regulations as developed by the larger economies countries like the USA or China. The regulatory authorities need to study the acclivity towards the ‘Reverse Merger’ kind of corporate restructuring and it is an opportune moment to frame rules and regulation specifically for this kind of corporate restructuring. Based on the trends and analyzing the reasons for the paradigm shift towards corporate opting for ‘Reverse Merger’, the Central Government may either bring these compliances at par with the compliances as specified for raising money through an IPO by Unlisted Companies or may relax the regulations to provide for a cohesive alternate route for new-startups and unlisted companies in their efforts to go public in a timely fashion. Authored by: Ashutosh Das, Sr. Partner Aeshwarya Sisodia, Sr. Associate Research: Kriti Arora, Intern, 4th year, Symbiosis Law School, Pune Footnotes [i] Article in CNBC18. Click Here [ii] India Today Article. Click Here [iii] Article. Click Here [iv] Panasonic India Private Limited and Panasonic Life Solutions India Private Limited. CP(CAA) No. 8/Chd/Hry/2021. Click Here [v] Section 232(3)(h) of the Companies Act, 2013. [vi] Master Circular SEBI/HO/CFD/DIL1/CIR/P/2020/249 Dated 22.12.2020. Click Here [vii] Gazetted Notification bearing No. G.S.R 555 (E) dated 09.09.2024. Click Here

Introduction In the 1990s, India’s banking sector witnessed a notable rise in Non-Performing Assets (NPAs) due to factors like economic slowdown, liberalization, and new lending practices.To address the increasing NPAs, the Indian government, following the Narasimham Committee II's recommendations, introduced the Securitization and Reconstruction of Financial Assets and Enforcement of Security Interest (“SARFAESI”) Act, 2002. The said act facilitated the creation of Asset Reconstruction Companies (ARCs) in India. ARCs are specialized financial institutions set up to acquire and manage the non-performing assets of banks and financial institutions, and they were established in India in 2003 under the SARFAESI Act, 2002. With the intention of better value realization and to improve the efficiency of ARCs, the Reserve Bank of India (RBI) in terms of the recommendation given by Sudarshan Sen committee, issued the regulatory framework titled “Review of Regulatory Framework for Asset Reconstruction Companies (ARCs)” RBI/2022-23-128 on October 11, 2022. Through the said framework, RBI allowed the ARCs to be resolution applicant entities under the Insolvency and Bankruptcy Code, 2016 (“IBC”). The said framework marked as the revolutionary step in terms of the asset valuation of the Corporate debtor as it focused on enabling the ARC to function in a “more transparent and efficient manner”. While the primary focus of Asset Reconstruction Companies (ARCs) has traditionally been on recovering bad debts, industry experts now anticipate a more proactive role for them. As the sector grows, ARCs are expected to take on a crucial role in reviving struggling companies at an early stage, which could significantly benefit India’s economy. This shift towards timely intervention will require regulatory support. The present article discusses the interplay between the new RBI Guidelines of 2024 and the evolving role of ARCs Significance of ARCs in the resolution process As forecasted, ARCs played vital role in the resolution process than acting merely as the recovery agent. ARCs brought specialized expertise in asset management and recovery. Unlike traditional banks, ARCs employed professionals with experience in turnaround strategies, legal frameworks, and sector-specific knowledge. This expertise enabled them to devise innovative resolution strategies, negotiate with stakeholders, and maximize recovery values. The role of ARCs proved to be indispensable in ensuring that the distressed assets are efficiently managed and productive resources are optimally utilized, ultimately contributed to overall economic growth. Following are the key advantages of including the ARCs as resolution applicants under IBC: ARCs possess in-depth expertise in managing and resolving distressed assets, thus making it the best source for assets realization. Due to high number of NOF, ARCs have the ability to customize resolution plans specific to the needs of each case, enhancing the likelihood of achieving coherent and mutually beneficial outcomes. The ARCs, being are large firms are well equipped with the management which covers every aspect of the resolution process, thus their involvement ensures higher degree of governance in the resolution process. New role of ARCs ARC have primarily played a reactive role, focusing on recovering assets from non-performing assets (NPAs). With nearly 30 licensed ARCs currently operating in the country, this sector has seen significant growth since the Reserve Bank of India first introduced this licensing category. Now with the change in sector, it is expected that the ARCs play more proactive role in early detection of the distressed assets. At present, IBC only applies when businesses are struggling severely. However, with the evolving role of ARCs, the expectation is that they will intervene much earlier to prevent companies from reaching this critical stage. Consequently, in general parlance, ARCs comes into play when the assets of the company are termed as NPAs. While the model was satisfactory when it was first proposed, today ARCs can offer much more than simply reviving bad loans. With the proper setup, ARCs can gain much more by early identification of the assets from turning bad and subsequent repair them for maximum value. To prevent Companies from slipping into the vicious cycle of bad debts and loans, ARCs can use indicators and flags data to show lack of innovation, customer satisfactions, continue demands, future sustainability of the products etc as the early warning signs. By analyzing these warning signs and coordinating effectively with the bank, ARCs can play a more proactive role within the IBC framework. Regulatory Framework and Future Directions As the way to protect the interest stakeholders of the insolvency proceedings and to further strengthen and streamline the role of ARCs, RBI later in 2024 issued the Mater Direction on Asset Reconstruction Companies, 2024 (“Directions 2024”) RBI/DOR/2024-25/116. It is pertinent to mention that while the previous the RBI framework focused on the internal governance of the ARCs, this time the directions were elaborative and covered several aspects of the ARCs workings. Following are the Checks and Balances provision mentioned in the Directions, 2024 to prevent Collusion. Regulatory Oversight and Registration Requirements  Stringent Registration Norms: The RBI requires ARCs to obtain a certificate of registration before commencing operations. This involves a thorough vetting process, including an assessment of the promoters’ background, the company’s financial strength, and its proposed business plan. Continuous Monitoring: ARCs are subject to continuous monitoring and periodic inspections by the RBI to ensure compliance with regulatory norms and to detect any signs of malpractices, including collusion. Governance and Management Controls Fit and Proper Criteria: The RBI mandates that the directors and key management personnel of ARCs must meet the ‘fit and proper’ criteria, which includes assessments of their integrity, experience, competence, and financial soundness. Independent Directors: ARCs are required to have a certain number of independent directors on their boards to ensure impartiality and to provide an external perspective on the company's operations and decision-making processes. Valuation and Acquisition Practices Fair Valuation of Assets: The RBI has set guidelines for the fair valuation of NPAs to ensure that ARCs do not overpay or underpay for these assets, which could be a sign of collusion. As per the Directions, the valuation process should be uniform and is done in a scientific and objective manner. Independent Valuation: The Directions provides provision for engaging independent valuers to assess the value of NPAs before acquisition. This prevents any manipulation of asset prices that could facilitate collusion. Conflict of Interest Policies Code of Conduct: ARCs must adhere to a strict code of conduct that prohibits any activities that could lead to conflicts of interest, including collusion with corporate debtors. Whistleblower Mechanism: A robust whistleblower mechanism should be in place to allow employees and stakeholders to report any suspicious activities or potential collusion without fear of retaliation. Regulatory Penalties and Sanctions Penalties for Non-compliance: The RBI has the authority to impose penalties on ARCs for non-compliance with regulatory norms, including instances of collusion with corporate debtors. Revocation of Registration: In severe cases of malpractice, including proven collusion, the RBI can revoke the registration of an ARC, effectively ceasing its operations. Disclosure Requirements and Transparency Transparency in operations is critical for ARCs to maintain trust with stakeholders and regulators. Key disclosure requirements include: Annual Reports: ARCs must publish detailed annual reports that include financial statements, details of asset acquisitions, recoveries, and resolution strategies. Periodic Filings: Regular filings with the RBI, including quarterly and half-yearly reports on operational metrics and financial performance  Conclusion The inclusion of ARCs as part of the resolution process has undoubtedly contributed to quicker and more effective company resolutions. By acting as resolution applicants, ARCs bring their specialized expertise in asset management, which helps in maximizing the recovery of distressed assets and improving governance during the resolution process. This shift from a reactive to a more proactive role is expected to significantly enhance the overall effectiveness of the insolvency framework in India. As ARCs begin to intervene earlier, their ability to identify potential distress signs before assets turn non-performing can help prevent companies from entering the vicious cycle of bad debts and insolvency proceedings. This proactive approach can not only improve asset recovery but also reduce the economic burden of distressed businesses on the broader economy. However, the success of this initiative will largely depend on the pecific policies and operational frameworks that each ARC establishes, particularly with regard to sectoral exposure limits and their ability to manage early-stage distressed assets. The regulatory changes outlined in the RBI's Directions 2024 are a crucial factor in determining how effectively ARCs can perform their new role. These guidelines, which include stringent registration norms, transparency in operations, and conflict-of-interest policies, will ensure that ARCs operate in a sound and ethical manner, safeguarding the interests of all stakeholders involved in the resolution process. Looking forward, it is essential for ARCs to effectively implement these regulatory directions, focusing not only on financial outcomes but also on ensuring fair, transparent, and efficient resolution procedures. If these guidelines are adhered to, ARCs can play a transformative role in India's insolvency landscape, promoting faster economic recovery and enabling a healthier business environment for the future. References The Securitisation and Reconstruction of Financial Assets And Enforcement Of Security Interest Act, 2002 Insolvency and Bankruptcy Code, 2016 RBI/2022-23/128 DoR.SIG.FIN.REC.75/26.03.001/2022-23. RBI/DOR/2024-25/116 DoR.FIN.REC.16/26.03.001/2024-25. Yash Gupta, Asset Reconstruction Company- A way ahead as a Resolution Applicant under IBC, IBC Laws. Report of the Committee to Review the Working of Asset Reconstruction Companies. Abhizer Diwanji and Srinath Sridharan, Asset reconstruction companies should change their orientation.

Supreme Court In a recent Judicial pronouncement the Supreme Court came up with the decision supporting the implementation of an existing framework for early detection of financial stress of enterprises, particularly in relation to Macro, Small and Micro Enterprises (MSME) sector, before the Bankers/Lenders could to take up steps for classifying their debt as Non-Performing Asset (NPA) in order to assume coercive measures under SARFAESI Act, for recovery of dues. In fact, non-adherence to such framework was held as violative on the part of Lender/Banker, with the result that any steps taken for NPA declaration or resorting to SARFAESI Act measures, to be running the risk of being declared as null and void. The Supreme Court was called upon to decide the challenge to Bombay High Court judgment passed in exercise of its Writ Jurisdiction, wherein the action of Banker/Lender in declaring the Account of an MSME as NPA and subsequent actions of invoking the measures under SARFAESI Act, was impugned for not adhering to the framework of restructuring process contemplated in the Notification dated 29.05.2015 called, “Framework for Revival and Rehabilitation of MSMEs” (Notification), issued by Ministry of MSME, Govt. of India under MSMED Act. The Hon’ble High Court rejected the Writ holding that Bankers/Lenders are not obliged to adopt the restructuring process contemplated in the Notification on their own, when the MSME had not submitted any application for the same. The Supreme Court however setting aside the decision of the Hon’ble High Court of Bombay, noted that Section 9 of the MSMED Act, empowers Central Government to issue Notification prescribing measures for facilitating promotion, development and enhancing competitiveness of MSMEs and in that regard specify programmes, guidelines or instructions. It was further noted that Section 10 of the MSMED Act, requires implementation Policies/Practices ensuring timely and smooth flow of credit facilities to MSMEs in consonance with Guidelines/instructions of RBI, and minimize the incidence of their sickness and enhance their competitiveness. It was further noted that in support of the Notification of 29.05.2015, the RBI, in exercise of its powers under Section 21 read with Section 35A of Banking Regulation Act, issued Master Direction, called, the “Reserve Bank of India [Lending to Micro, Small and Medium Enterprises (MSME) Sector] Directions, 2016,” (Master Directions) vide the Notification dated 21st July, 2016, thereby advising all scheduled commercial banks to follow the guidelines/instructions pertaining to MSMEs. It was further noted from the scheme/arrangement in the Notification, that it required Bankers/Lenders to identify incipient stress in the account of the concerned enterprise registered as MSME by creating three sub categories as set out in the Notification, in order to explore various options to resolve the stress in the account, in terms of the said Notification. It was further noted, that the Bankers/Lenders stood obliged to implement the measures identified in the Notification, before proceeding to classify the account of the concerned MSME as NPA. It was also noted from the Scheme of the Notification that apart from the Bankers/Lenders adhering to the measures set out in the Notification, the borrower was also entitled to voluntarily initiate the process set out in the Notification by making an application to that effect. Keeping in view the scheme of the Notification read with Master Directions, the Supreme Court noticed that no doubt by virtue of Section 35 the SARFAESI Act shall prevail notwithstanding anything inconsistent in any other law in force; however, the provisions of SARFAESI Act gets triggered consequent to classification of the concerned account as NPA upon default in repayment of secured debt. It was observed that the Banks/Lenders are required to take up steps under the Notification, towards identification of incipient stress in the loan account and according categorization, on the basis of authenticated and verifiable material as furnished by the concerned MSME to establish that the loan account is of a MSME. It was accordingly, held that the implementation of the scheme prescribed in the Notification becomes very crucial, before any loan account of MSME can be classified as NPA. Therefore, until the exhaustion of measures under the Notificfation, the accounts of MSME cannot be classified as NPA, without which the measures under SARFAESI Act cannot be triggered. Taking note of the above position, the Supreme Court negated the findings of High Court that Bankers/Lenders of MSMEs were not obligated to follow the measures prescribed under Notification on its own, until MSME applies for initiation of said measures. While observing that it was mandatory for the Bankers/Lenders to follow the scheme prescribed in the Notification on its own, the Supreme Cour found it equally incumbent upon the concerned MSME to remain vigilant and follow the process set out in the framework of Notification. On that count, the Supreme Court cautioned that in case the MSME remains negligent and allows the process of enforcement of security under SARFAESI Act to get completed, such MSME could not be permitted to misuse process of Notification by taking a plea at belated stage. It is significant to highlight from the aforesaid that the Judgment of Supreme Court clearly weighs in favour of revival of an enterprise, before taking up of any coercive measures against it. In this backdrop, it is relevant to highlight that exactly the same objective can be traced with the scheme of the Insolvency and Bankruptcy Code, 2016 (IBC) as well. So far, eight years down the line from enforcement of IBC, the economic thought leaders and think tanks find tremendous reason to rejoice the successful implementation of IBC, while alluding such reasons to encouraging arithmetic figures of ‘debt resolution’ running into several lakhs of crores. However, the legislative objective of IBC towards ‘resolution of enterprises’ is yet to see a positive prospect, much less an encouraging number. In fact, the infrastructure for enterprise resolution is still struggling to settle and stabilize, and is dependent largely on ad-hoc measures, including interim finance support, for pulling on the sick enterprise as a going concern. The present Judgment of Supreme Court is a manifestation of legislative mandate towards ‘enterprise resolution’ (and not merely ‘debt resolution’), which need be implemented with support from an institutionalized infrastructure. It is high time that Policy framers and stakeholders join hands to implement an institutionalized infrastructure, to support the resolution measures of financially ailing enterprises, rather than leaving them on support of ad-hoc measures. Author: Mr. Jyoti K. Chaudhary

DARK PATTERNS India has one of the world's largest internet bases which makes it a crucial market for global online platforms.With the increasing online population, there is also an increase in online fraud and deceit against various customers in the form of dark patterns. Keeping the origin of Dark Patterns in mind, the Ministry of Consumer Affairs, Food and Public Distribution, Government of India have recently established a 17-member task force that could delve into and develop guidelines for consumer protection to address the issue of Dark Patterns. The Ministry had also taken inputs from the Advertising Standards Council of India (ASCI) and consulted with various stakeholders like E-Commerce companies on the issuance of the guidelines that could curb the increasing menace of the dark patterns in India. Accordingly, in the exercise of powers conferred under section 18 of the Consumer Protection Act, 2019, the Central Consumer Protection Authority (Ministry of Consumer Affairs) issued the “Guidelines for Prevention and Regulation of Dark Patterns, 2023”. According to these guidelines, "Dark Patterns" shall mean any practices or deceptive design patterns using UI/UX (user interface/user experience) interactions on any platform; designed to mislead or trick users into doing something they originally did not intend or want to do; by subverting or impairing the consumer autonomy, decision making or choice; amounting to misleading advertisement or unfair trade practice or violation of consumer rights.[1] The guidelines list the following dark patterns: False urgency: Falsely stating or implying the sense of urgency or scarcity to mislead a user/consumer into making an immediate purchase or taking immediate action. This leads to a purchase made by manipulating user decisions by showing false popularity of a product or more limited quantities of a product than they actually are. Basket sneaking: Additional items such as payments to charity, products, or services are added at the time of checkout without the consent of the user. For example, the automatic addition of travel insurance while purchasing flight or train tickets. Confirm shaming: Using a phrase, video, audio, or any such means that creates a sense of fear, shame, or guilt in the mind of the user to manipulate them into continuing a particular service or buying a product. For example, organizations such as Ketto or adding a charity in the users' cart with the phrase “Charity is for the rich, I don’t care”. Forced action: Forcing a user to take an action that would require them to buy an additional good or service to buy the product or service originally intended by the user. Subscription trap: This kind of dark pattern includes making the cancellation of a subscription a very lengthy and complex procedure, hiding the cancellation option for a subscription, forcing a user to provide payment details to enable auto-debit for subscriptions, and making the instructions for cancellation confusing and ambiguous. Interface interference: Manipulates the user into making a decision favorable for the platform by obscuring the relevant, important information and highlighting only specific instructions. Bait and switch: Advertises a particular outcome based on users' actions but deceptively serves an alternative outcome. Drip pricing: Elements of prices are not revealed upfront or are revealed post confirmation of the purchase and a higher amount is charged than what was disclosed at the time of the checkout, advertising a product or service as free and not disclosing the other requirements or conditions attached to it or preventing a person from using a service already paid by him unless an additional purchase is made. Disguised advertisement: Masking advertisements or showing false advertisements. Nagging: An overload of requests, options, and interruptions are posed to the user. Trick Question: Deliberate use of confusing or vague language like confusing wording, double negatives, or other similar tricks, in order to misguide or misdirect a user from taking desired action or leading consumer to take a specific response or action. SaaS Billing : The process of generating and collecting payments from consumers on a recurring basis in a software as a service (SaaS) business model by exploiting positive acquisition loops in recurring subscriptions to get money from users as surreptitiously as possible. Rogue Malwares: Using a ransomware or scareware to mislead or trick user into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. IMPLICATIONS OF THE EXISTING LAWS ON DATA PATTERNS The introduction of the draft guideline is a significant action for the protection of the interests of internet users however there has been an existing framework for prohibiting the dark patterns in the form of various legislation like the Consumer Protection Act 2019, Guidelines for Prevention of Misleading Advertisements 2022, the Digital Personal Data Protection Act 2023 (“DPDP”), etc. Although the DPDP Act, 2023 has been notified in the official Gazette of India on 11.08.2023, the date on which this Act will come into effect has yet to be notified. The existing legislation although does not specifically mention dark patterns, however, it offers protection against unfair trade practices and misleading advertisements by using similar tactics, particularly in the realm of Data Protection as well as Consumer rights. Some of the existing legislation are as follows- (A) Digital Personal Data Protection Act, 2023 The Digital Personal Data Protection Act, of 2023, unequivocally decrees that individuals provide their free and clear consent before their data is processed unless it is being used for one of the designated "legitimate uses." A notice outlining the purpose of processing the requested data and outlining the rights of the individual—among which is the ability to withdraw consent at any time—must be included with the request for consent. In addition, this Act stipulates that obtaining consent from a data fiduciary should not be more difficult than withdrawing consent. As a result, a Data Fiduciary may only use personal information for the purposes for which it was collected and cannot "hold hostage" an individual's consent or data. Within the provisions of the newly introduced guidelines, the businesses will have to audit their user interfaces, eliminate any dark patterns they may be employing, safeguard personal information, utilize it only for "legitimate purposes," and obtain users' agreement in clear language through explicit affirmative action. Keeping a balance between user privacy and data access for personalization may prove to be the most difficult task. Additionally, businesses will need to spend more money to make sure that their individualized marketing complies with the strict data protection guidelines set forth by the Act. (B) The Consumer Protection Act, 2019 According to the Consumer Protection Act, 2019 the ‘consumer rights’[2] include- the right to be protected against the marketing of goods, products, or services which are hazardous to life and property; the right to be informed about the quality, quantity, potency, purity, standard, and price of goods, products, or services, as the case may be, to protect the consumer against unfair trade practices; the right to be assured, wherever possible, access to a variety of goods, products, or services at competitive prices; the right to be heard and to be assured that consumer's interests will receive due consideration at appropriate fora; the right to seek redressal against unfair trade practices restrictive trade practices or unscrupulous exploitation of consumers; and (vi) the right to consumer awareness; Forcing or manipulating a consumer into making choices that are against their interest amounts to unfair trade practices as defined under section 47 of the Consumer Protection Act, 2019 For the purpose of regulating the cases concerning unfair trade practices, violation of the rights of the consumers and misleading advertisements, the Central Government formed the Central Consumer Protection Authority (“CCPA”). CCPA has been established as a regulatory body within the provisions of the Consumer Protection Act, 2019. This regulatory body protects the rights of the consumers and takes necessary steps to ensure enforcement and protection of consumer rights such as: Conducting inquiries and investigations into violations of consumer rights and unfair trade practices on receiving a Complaint or Suo moto. Upon investigation, if the CCPA is satisfied that the rights of the consumers have been infringed or amount to unfair trade practices, the authority can directly to pass an order for the removal of such product or discontinuation of the service. Granting compensation or reimbursement to the consumer for the price paid for the product or service. Section 88 of the Consumer Protection Act, 2019 imposes a penalty for non-compliance with the direction of the Central Authority with an imprisonment for a term which may extend up to 6 months or a fine extending up to 20 lakh rupees, or both. Section 89 of the Consumer Protection Act, 2019 punishes for false or misleading advertisement which is prejudicial to the interest of the consumers with imprisonment for terms up to 2 years and a fine extending up to ten lakh rupees and for every subsequent offense, imprisonment up to 5 years and a fine of up to fifty lakh rupees. (C) GUIDELINES FOR PREVENTION OF MISLEADING ADVERTISEMENTS AND ENDORSEMENTS FOR MISLEADING ADVERTISEMENTS, 2022[3] Section 21 of the Consumer Protection Act, 2019 sets forth requirements for "non-misleading and valid advertisements" and "bait advertisements," which draw customers by lowering the cost of a good or service. The Central Consumer Protection Agency released Guidelines for Prevention of Misleading Advertisements and Endorsements for Misleading Advertisements, 2022. According to the Guidelines, advertisements cannot be referred to as "free" if the customer must pay for the packing or delivery, purchase another item at a higher cost to take advantage of the offer, or purchase a lesser quality or quantity in order to take advantage of the offer. (D) THE ADVERTISING STANDARDS COUNCIL OF INDIA (“ASCI”) GUIDELINES FOR ONLINE DECEPTIVE DESIGN PATTERNS IN ADVERTISING[4] Online Deceptive Design Patterns can also be described as 'dark patterns'. As stated hereinabove, these patterns refers to a wide range of practices in online user interfaces that manipulate customers into making choices that are not in their best interest. Chapter 1 of the ASCI code mandates ads to be honest and not abuse the trust and lack of expertise of the consumers. It should not be misleading in any way and there should be no ambiguity in the language of the advertisements. The ACSI guidelines are to be applied to all digital advertising platforms. It recognizes the 4 key dark patterns such as (i) Drip pricing, (ii) Bait and Switch, (iii) False urgency and (iv) Disguised Ads. IMPACT OF THESE GUIDELINES Who will be impacted? Sellers, advertisers, and all platforms that "systematically" offer goods and services in India will be subject to the Draft Guidelines. Interestingly, the Draft Guidelines apply not only to companies established in India but also to companies established abroad that sell goods or services to Indian nationals. What will be the impact? At the outset, the Ministry’s attempt to regulate the dark patterns should be appreciated, however, the introduction of these guidelines can impact various stakeholders as well as businesses operating in the global setup. The Dark Patterns can have an impact on the e-commerce industry as well as the fintech industry. The E-Commerce industry is constantly evolving and the introduction of these guidelines on dark patterns can pose a challenge. One of the significant impacts for such industries will be to amend their user interfaces and make them more consumer-friendly so that the menace of dark patterns can be controlled and regulated. However, the whole process can be costly as well as time-consuming which can discourage the budding e-commerce businesses as well as the existing businesses. It is significant to mention herein that Asia Internet Coalition (“AIC”) which represents tech giants such as Google, Apple, Amazon, and Twitter has categorically suggested that the introduction of such guidelines can deteriorate the growth of the country's digital economy and urged the Government of India to contemplate the existing self-regulatory framework as the primary measure to restrict the use of dark patterns. The industry group also said online platforms are already regulated under the various existing laws. The group stated that while online platforms in India qualify as online intermediaries and are regulated under the Information Technology Act 2000, e-commerce platforms are administered under the Consumer Protection Act 2019 rules. However, clause 6 of the Draft Guidelines specifically provides that the provisions contained in these guidelines shall be in addition to and not in derogation of the existing laws and regulations, hence the worries of AIC can be squarely covered. Nonetheless, the e-commerce or fintech industries can take the following steps to improve their practice and to be in line with the newly introduced guidelines on dark patterns: The businesses can create communication and systems that will respect the autonomy of the users and improve transparency which will enable the consumers to make well-informed choices; With the introduction of the guidelines, the Businesses can teach their Customers how to spot dark patterns. Industry standards for dark pattern-free user interfaces should be developed; To maintain compliance, businesses have to incorporate consent documentation or pop-up notifications on digital platforms; Businesses should provide thorough and personalized user experiences on digital platforms; Implementing encryption, multi-factor authentication, and regular security precautions which can also go a long way in improving the user interfaces; Businesses should also communicate their data privacy practices and attain explicit consent for the collection of the data; REDRESSAL MECHANISM FOR AFFECTED CONSUMERS The newly introduced guidelines do not provide any provisions for filing complaints against the dark patterns. However, the existing regulation such as the Consumer Protection Act 2019 and the DPDP Act 2023 provides the provision for regulating unfair trade practices by any organizations who are dealing in both online and offline interface. (i) Complaint under the Consumer Protection Act, 2019- Under Section 9(v) of the Consumer Protection Act, 2019, the consumer has the right to seek redressal against Unfair Trade Practices or restrictive trade practices. Consumers can file a complaint against unfair trade practices or misleading information and advertisements before the Consumer Commission as prescribed under the Consumer Protection Act, 2019. The provisions of the 2019 Act provide for the establishment of Consumer Commissions at various levels which enables the individual complainant or a group of complainants to approach these commissions and register their complaint against such unfair practices and misleading advertisements. As stated above, these Commissions can impose punishments for false or misleading advertisements within the scope of section 89 of the Consumer Protection Act, 2019. (ii) Complaint to Central Consumer Protection Authority- In case, a large set of consumers are being affected through practices such as violation of consumer rights such as unfair trade practices, or false and misleading advertisements, then such a complaint can be forwarded to the District Collector or the Commissioner of regional officer or the Central Authority. Moreover, under Section 21 of the Consumer Protection Act 2019, the Central Authority also has the power to issue penalties against false and misleading advertisements. (iii) Complaint under DPDP Act 2023- The DPDP Act 2023 provides that the consent given by the Data Principal shall be free, specific informed, unconditional, and with a clear affirmative action. The Data Fiduciary under the newly formed act should ensure that the data of the consumers is not breached and misused. The Data Principal under Section 27 of the Act has the right to approach the Data Protection Board and file a complaint in case the Data Principal feels that its data has been misused and breached by the Data Fiduciary. However, it is significant to mention that the Act has not come into effect yet. CONCLUSION Dark patterns are a form of misleading design that can harm consumers. Attentiveness of the different types of dark patterns and taking steps to protect the business and consumers can aid in reducing the risk by focusing on offering consumers the information and experience needed to make fully informed decisions. India has already geared in implementing the laws and procedures that can guide customers and people around the nation to not fall into the trap of dark patterns as well as a way to protect their data. Since the area is comparatively new, more jurisprudence will be required to ascertain whether the implementation of such guidelines is actually affecting the ease of doing business in India. Up until now, only the fields of marketing and advertising have been able to control the psychological and behavioral inclinations of their customers through online manipulation. The draft guidelines now aim to broaden the regulatory scope to address more consumer concerns. However, it remains to be seen how the draft guidelines will supplement the current situation without causing regulatory overlap and arbitrage, given that the DPDP Act and the forthcoming Digital India Act have the potential to protect users from dark patterns. Footnotes [1] https://www.mondaq.com/india/dodd-frank-consumer-protection-act/1379670/understanding-dark-patterns-guidelines-for-consumer-protection#:~:text=The%20term%20'Dark%20Patterns'%20has,by%20subverting%20or%20impairing%20the [2] https://www.indiacode.nic.in/bitstream/123456789/15256/1/a2019-35.pdf [3] https://consumeraffairs.nic.in/sites/default/files/file-uploads/latestnews/The%20Guidelines%20for%20Prevention%20and%20Regulation%20of%20Dark%20Patterns%2C%202023.pdf [4] https://www.ascionline.in/wp-content/uploads/2023/05/Guidelines-for-Online-Deceptive-Design-Patterns-in-Advertising.pdf

DARK PATTERNS India has one of the world's largest internet bases which makes it a crucial market for global online platforms.With the increasing online population, there is also an increase in online fraud and deceit against various customers in the form of dark patterns. Keeping the origin of Dark Patterns in mind, the Ministry of Consumer Affairs, Food and Public Distribution, Government of India have recently established a 17-member task force that could delve into and develop guidelines for consumer protection to address the issue of Dark Patterns. The Ministry had also taken inputs from the Advertising Standards Council of India (ASCI) and consulted with various stakeholders like E-Commerce companies on the issuance of the guidelines that could curb the increasing menace of the dark patterns in India. Accordingly, in the exercise of powers conferred under section 18 of the Consumer Protection Act, 2019, the Central Consumer Protection Authority (Ministry of Consumer Affairs) issued the “Guidelines for Prevention and Regulation of Dark Patterns, 2023”. According to these guidelines, "Dark Patterns" shall mean any practices or deceptive design patterns using UI/UX (user interface/user experience) interactions on any platform; designed to mislead or trick users into doing something they originally did not intend or want to do; by subverting or impairing the consumer autonomy, decision making or choice; amounting to misleading advertisement or unfair trade practice or violation of consumer rights.[1] The guidelines list the following dark patterns: False urgency: Falsely stating or implying the sense of urgency or scarcity to mislead a user/consumer into making an immediate purchase or taking immediate action. This leads to a purchase made by manipulating user decisions by showing false popularity of a product or more limited quantities of a product than they actually are. Basket sneaking: Additional items such as payments to charity, products, or services are added at the time of checkout without the consent of the user. For example, the automatic addition of travel insurance while purchasing flight or train tickets. Confirm shaming: Using a phrase, video, audio, or any such means that creates a sense of fear, shame, or guilt in the mind of the user to manipulate them into continuing a particular service or buying a product. For example, organizations such as Ketto or adding a charity in the users' cart with the phrase “Charity is for the rich, I don’t care”. Forced action: Forcing a user to take an action that would require them to buy an additional good or service to buy the product or service originally intended by the user. Subscription trap: This kind of dark pattern includes making the cancellation of a subscription a very lengthy and complex procedure, hiding the cancellation option for a subscription, forcing a user to provide payment details to enable auto-debit for subscriptions, and making the instructions for cancellation confusing and ambiguous. Interface interference: Manipulates the user into making a decision favorable for the platform by obscuring the relevant, important information and highlighting only specific instructions. Bait and switch: Advertises a particular outcome based on users' actions but deceptively serves an alternative outcome. Drip pricing: Elements of prices are not revealed upfront or are revealed post confirmation of the purchase and a higher amount is charged than what was disclosed at the time of the checkout, advertising a product or service as free and not disclosing the other requirements or conditions attached to it or preventing a person from using a service already paid by him unless an additional purchase is made. Disguised advertisement: Masking advertisements or showing false advertisements. Nagging: An overload of requests, options, and interruptions are posed to the user. Trick Question: Deliberate use of confusing or vague language like confusing wording, double negatives, or other similar tricks, in order to misguide or misdirect a user from taking desired action or leading consumer to take a specific response or action. SaaS Billing : The process of generating and collecting payments from consumers on a recurring basis in a software as a service (SaaS) business model by exploiting positive acquisition loops in recurring subscriptions to get money from users as surreptitiously as possible. Rogue Malwares: Using a ransomware or scareware to mislead or trick user into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. IMPLICATIONS OF THE EXISTING LAWS ON DATA PATTERNS The introduction of the draft guideline is a significant action for the protection of the interests of internet users however there has been an existing framework for prohibiting the dark patterns in the form of various legislation like the Consumer Protection Act 2019, Guidelines for Prevention of Misleading Advertisements 2022, the Digital Personal Data Protection Act 2023 (“DPDP”), etc. Although the DPDP Act, 2023 has been notified in the official Gazette of India on 11.08.2023, the date on which this Act will come into effect has yet to be notified. The existing legislation although does not specifically mention dark patterns, however, it offers protection against unfair trade practices and misleading advertisements by using similar tactics, particularly in the realm of Data Protection as well as Consumer rights. Some of the existing legislation are as follows- Digital Personal Data Protection Act, 2023 The Digital Personal Data Protection Act, of 2023, unequivocally decrees that individuals provide their free and clear consent before their data is processed unless it is being used for one of the designated "legitimate uses." A notice outlining the purpose of processing the requested data and outlining the rights of the individual—among which is the ability to withdraw consent at any time—must be included with the request for consent. In addition, this Act stipulates that obtaining consent from a data fiduciary should not be more difficult than withdrawing consent. As a result, a Data Fiduciary may only use personal information for the purposes for which it was collected and cannot "hold hostage" an individual's consent or data. Within the provisions of the newly introduced guidelines, the businesses will have to audit their user interfaces, eliminate any dark patterns they may be employing, safeguard personal information, utilize it only for "legitimate purposes," and obtain users' agreement in clear language through explicit affirmative action. Keeping a balance between user privacy and data access for personalization may prove to be the most difficult task. Additionally, businesses will need to spend more money to make sure that their individualized marketing complies with the strict data protection guidelines set forth by the Act. The Consumer Protection Act, 2019 According to the Consumer Protection Act, 2019 the ‘consumer rights’[2] include- the right to be protected against the marketing of goods, products, or services which are hazardous to life and property; the right to be informed about the quality, quantity, potency, purity, standard, and price of goods, products, or services, as the case may be, to protect the consumer against unfair trade practices; the right to be assured, wherever possible, access to a variety of goods, products, or services at competitive prices; the right to be heard and to be assured that consumer's interests will receive due consideration at appropriate fora; the right to seek redressal against unfair trade practices restrictive trade practices or unscrupulous exploitation of consumers; and (vi) the right to consumer awareness; Forcing or manipulating a consumer into making choices that are against their interest amounts to unfair trade practices as defined under section 47 of the Consumer Protection Act, 2019 For the purpose of regulating the cases concerning unfair trade practices, violation of the rights of the consumers and misleading advertisements, the Central Government formed the Central Consumer Protection Authority (“CCPA”). CCPA has been established as a regulatory body within the provisions of the Consumer Protection Act, 2019. This regulatory body protects the rights of the consumers and takes necessary steps to ensure enforcement and protection of consumer rights such as: Conducting inquiries and investigations into violations of consumer rights and unfair trade practices on receiving a Complaint or Suo moto. Upon investigation, if the CCPA is satisfied that the rights of the consumers have been infringed or amount to unfair trade practices, the authority can directly to pass an order for the removal of such product or discontinuation of the service. Granting compensation or reimbursement to the consumer for the price paid for the product or service. Section 88 of the Consumer Protection Act, 2019 imposes a penalty for non-compliance with the direction of the Central Authority with an imprisonment for a term which may extend up to 6 months or a fine extending up to 20 lakh rupees, or both. Section 89 of the Consumer Protection Act, 2019 punishes for false or misleading advertisement which is prejudicial to the interest of the consumers with imprisonment for terms up to 2 years and a fine extending up to ten lakh rupees and for every subsequent offense, imprisonment up to 5 years and a fine of up to fifty lakh rupees. GUIDELINES FOR PREVENTION OF MISLEADING ADVERTISEMENTS AND ENDORSEMENTS FOR MISLEADING ADVERTISEMENTS, 2022[3] Section 21 of the Consumer Protection Act, 2019 sets forth requirements for "non-misleading and valid advertisements" and "bait advertisements," which draw customers by lowering the cost of a good or service. The Central Consumer Protection Agency released Guidelines for Prevention of Misleading Advertisements and Endorsements for Misleading Advertisements, 2022. According to the Guidelines, advertisements cannot be referred to as "free" if the customer must pay for the packing or delivery, purchase another item at a higher cost to take advantage of the offer, or purchase a lesser quality or quantity in order to take advantage of the offer. THE ADVERTISING STANDARDS COUNCIL OF INDIA (“ASCI”) GUIDELINES FOR ONLINE DECEPTIVE DESIGN PATTERNS IN ADVERTISING[4] Online Deceptive Design Patterns can also be described as 'dark patterns'. As stated hereinabove, these patterns refers to a wide range of practices in online user interfaces that manipulate customers into making choices that are not in their best interest. Chapter 1 of the ASCI code mandates ads to be honest and not abuse the trust and lack of expertise of the consumers. It should not be misleading in any way and there should be no ambiguity in the language of the advertisements. The ACSI guidelines are to be applied to all digital advertising platforms. It recognizes the 4 key dark patterns such as (i) Drip pricing, (ii) Bait and Switch, (iii) False urgency and (iv) Disguised Ads. IMPACT OF THESE GUIDELINES Who will be impacted? Sellers, advertisers, and all platforms that "systematically" offer goods and services in India will be subject to the Draft Guidelines. Interestingly, the Draft Guidelines apply not only to companies established in India but also to companies established abroad that sell goods or services to Indian nationals. What will be the impact? At the outset, the Ministry’s attempt to regulate the dark patterns should be appreciated, however, the introduction of these guidelines can impact various stakeholders as well as businesses operating in the global setup. The Dark Patterns can have an impact on the e-commerce industry as well as the fintech industry. The E-Commerce industry is constantly evolving and the introduction of these guidelines on dark patterns can pose a challenge. One of the significant impacts for such industries will be to amend their user interfaces and make them more consumer-friendly so that the menace of dark patterns can be controlled and regulated. However, the whole process can be costly as well as time-consuming which can discourage the budding e-commerce businesses as well as the existing businesses. It is significant to mention herein that Asia Internet Coalition (“AIC”) which represents tech giants such as Google, Apple, Amazon, and Twitter has categorically suggested that the introduction of such guidelines can deteriorate the growth of the country's digital economy and urged the Government of India to contemplate the existing self-regulatory framework as the primary measure to restrict the use of dark patterns. The industry group also said online platforms are already regulated under the various existing laws. The group stated that while online platforms in India qualify as online intermediaries and are regulated under the Information Technology Act 2000, e-commerce platforms are administered under the Consumer Protection Act 2019 rules. However, clause 6 of the Draft Guidelines specifically provides that the provisions contained in these guidelines shall be in addition to and not in derogation of the existing laws and regulations, hence the worries of AIC can be squarely covered. Nonetheless, the e-commerce or fintech industries can take the following steps to improve their practice and to be in line with the newly introduced guidelines on dark patterns: The businesses can create communication and systems that will respect the autonomy of the users and improve transparency which will enable the consumers to make well-informed choices; With the introduction of the guidelines, the Businesses can teach their Customers how to spot dark patterns. Industry standards for dark pattern-free user interfaces should be developed; To maintain compliance, businesses have to incorporate consent documentation or pop-up notifications on digital platforms; Businesses should provide thorough and personalized user experiences on digital platforms; Implementing encryption, multi-factor authentication, and regular security precautions which can also go a long way in improving the user interfaces; Businesses should also communicate their data privacy practices and attain explicit consent for the collection of the data; REDRESSAL MECHANISM FOR AFFECTED CONSUMERS The newly introduced guidelines do not provide any provisions for filing complaints against the dark patterns. However, the existing regulation such as the Consumer Protection Act 2019 and the DPDP Act 2023 provides the provision for regulating unfair trade practices by any organizations who are dealing in both online and offline interface. Complaint under the Consumer Protection Act, 2019- Under Section 9(v) of the Consumer Protection Act, 2019, the consumer has the right to seek redressal against Unfair Trade Practices or restrictive trade practices. Consumers can file a complaint against unfair trade practices or misleading information and advertisements before the Consumer Commission as prescribed under the Consumer Protection Act, 2019. The provisions of the 2019 Act provide for the establishment of Consumer Commissions at various levels which enables the individual complainant or a group of complainants to approach these commissions and register their complaint against such unfair practices and misleading advertisements. As stated above, these Commissions can impose punishments for false or misleading advertisements within the scope of section 89 of the Consumer Protection Act, 2019. Complaint to Central Consumer Protection Authority- In case, a large set of consumers are being affected through practices such as violation of consumer rights such as unfair trade practices, or false and misleading advertisements, then such a complaint can be forwarded to the District Collector or the Commissioner of regional officer or the Central Authority. Moreover, under Section 21 of the Consumer Protection Act 2019, the Central Authority also has the power to issue penalties against false and misleading advertisements. Complaint under DPDP Act 2023- The DPDP Act 2023 provides that the consent given by the Data Principal shall be free, specific informed, unconditional, and with a clear affirmative action. The Data Fiduciary under the newly formed act should ensure that the data of the consumers is not breached and misused. The Data Principal under Section 27 of the Act has the right to approach the Data Protection Board and file a complaint in case the Data Principal feels that its data has been misused and breached by the Data Fiduciary. However, it is significant to mention that the Act has not come into effect yet. CONCLUSION Dark patterns are a form of misleading design that can harm consumers. Attentiveness of the different types of dark patterns and taking steps to protect the business and consumers can aid in reducing the risk by focusing on offering consumers the information and experience needed to make fully informed decisions. India has already geared in implementing the laws and procedures that can guide customers and people around the nation to not fall into the trap of dark patterns as well as a way to protect their data. Since the area is comparatively new, more jurisprudence will be required to ascertain whether the implementation of such guidelines is actually affecting the ease of doing business in India. Up until now, only the fields of marketing and advertising have been able to control the psychological and behavioral inclinations of their customers through online manipulation. The draft guidelines now aim to broaden the regulatory scope to address more consumer concerns. However, it remains to be seen how the draft guidelines will supplement the current situation without causing regulatory overlap and arbitrage, given that the DPDP Act and the forthcoming Digital India Act have the potential to protect users from dark patterns. Footnotes [1] https://www.mondaq.com/india/dodd-frank-consumer-protection-act/1379670/understanding-dark-patterns-guidelines-for-consumer-protection#:~:text=The%20term%20'Dark%20Patterns'%20has,by%20subverting%20or%20impairing%20the [2] https://www.indiacode.nic.in/bitstream/123456789/15256/1/a2019-35.pdf [3] https://consumeraffairs.nic.in/sites/default/files/file-uploads/latestnews/The%20Guidelines%20for%20Prevention%20and%20Regulation%20of%20Dark%20Patterns%2C%202023.pdf [4] https://www.ascionline.in/wp-content/uploads/2023/05/Guidelines-for-Online-Deceptive-Design-Patterns-in-Advertising.pdf