India, Nov. 17 -- With the Digital Personal Data Protection (DPDP) Act set to take effect in 18 months, the long shadow of uncertainty on a data privacy regime has lifted. At the same time, a very real countdown has begun. For businesses, especially those which already comply with global standards like the European Union's General Data Protection Regulation (GDPR), it will be tempting to assume that compliance will be straightforward and there is a long runway to get there. This will not be the case. While the DPDP Act draws inspiration from global models, it has its own approach to core privacy concepts in ways that create new obligations and, in some cases, higher expectations. This means even mature privacy programmes will need to be r...