Published on: 19th June, 2025 23:58 IST
By Dr. Anup K Tiwari
As digital transformation accelerates across sectors, legal frameworks around the world are evolving rapidly to ensure accountability, privacy, and inclusiveness. The May 2025 edition of Fountainhead Legal’s newsletter encapsulates a critical moment in this shift—when rights, regulations, and technology converge. India has taken significant strides in redefining access, privacy, and ethical digital governance, while global jurisdictions are intensifying scrutiny around data protection and AI deployment.
India: About to Lead the Inclusive Digital Era
One of the most path-breaking developments came from the Supreme Court of India, which recognized ‘Digital Access’ as a fundamental right under Article 21 of the Constitution. In Pragya Prasun v. Union of India, the Court held that inaccessibility in digital KYC systems amounted to exclusion and discrimination against persons with disabilities. The verdict mandates sweeping changes, including inclusive digital KYC norms, alternative verification methods like thumb impressions, periodic audits, and disability data tracking.
Following the verdict, SEBI issued a circular ensuring accessibility of digital KYC for persons with disabilities. SEBI’s FAQs clarify that adults with disabilities can independently open accounts, while provisions for minors are facilitated through guardianship certifications. It’s a landmark move toward inclusive finance, recognizing accessibility as a cornerstone of dignity and autonomy.
The RBI’s new Digital Lending Directions 2025 marked another transformative milestone. With stricter norms on data consent, server localization, and mandatory app registration, the regulations aim to eliminate predatory lending practices and ensure borrowers’ privacy. Apps must now avoid accessing personal data like contact lists or call logs, and maintain grievance redress mechanisms—a clear signal of the RBI’s focus on data integrity and ethical fintech conduct.
Simultaneously, India’s cyber defence landscape has been bolstered through a CERT-In advisory that outlines essential cybersecurity practices such as multi-factor authentication, offline data backups, and zero-trust architecture. The growing sophistication of cyber threats makes proactive cyber hygiene more critical than ever.
To address increasing cyber frauds, the Ministry of Home Affairs launched the ‘e-Zero FIR’ pilot in Delhi, allowing high-value cyber complaints (above INR 10 lakh) to be registered digitally and transferred seamlessly to relevant police jurisdictions. This integration with the BNSS framework is expected to streamline enforcement and quicken fund recovery.
In the realm of content regulation, the Maharashtra Police Cyber Cell flagged risks associated with AI-generated content imitating Studio Ghibli’s animation style. The advisory warns against potential copyright violations and ethical misuse of generative AI, urging creators to respect licensing norms.
Further clarifying digital conduct, the Allahabad High Court ruled that merely ‘liking’ an obscene post on social media does not amount to publishing or transmitting such content under Section 67 of the IT Act. This landmark decision balances freedom of expression with content regulation, setting boundaries on what constitutes transmission in the digital age.
Lastly, the RBI has announced a forthcoming framework for ethical AI deployment, focusing on transparency, fairness, and accountability. This aligns with the RBI’s ongoing FREE-AI initiative and the Digital Personal Data Protection (DPDP) Act, reflecting India’s ambition to harness AI responsibly.
Global Momentum
The global outlook echoes India’s seriousness in regulating digital landscapes. In the U.S., BayCare Health System agreed to an $800,000 settlement for HIPAA violations, while LexisNexis Risk Solutions reported a breach affecting over 360,000 individuals, spotlighting the risks of third-party integrations. Meanwhile, Coinbase is facing a class action lawsuit for allegedly violating Illinois’ Biometric Privacy Law by collecting users’ facial data without informed consent—underscoring the privacy vulnerabilities in fintech.
In Europe, the European Commission referred five member states to the Court of Justice for non-compliance with the Digital Services Act, highlighting the necessity of national enforcement structures to back EU-wide frameworks.
In the UK, the first fully AI-powered law firm, Garfield.Law, received regulatory approval, indicating cautious optimism towards integrating AI into professional legal services—provided robust safeguards are in place.
Canada’s judiciary set another precedent by holding that proof of harm is not required to award damages for privacy violations, affirming that breaches of privacy are inherently injurious. Meanwhile, in Kenya, the High Court ruled against WorldCoin for unlawfully collecting biometric data via iris scans without consent. The court ordered data deletion and a halt to operations, reinforcing that innovation cannot bypass human rights.
The developments in May 2025 signify a profound shift in how law interacts with technology. From fundamental rights to cybersecurity, and from financial inclusion to AI ethics, the law is adapting to the needs of a digital-first world. India stands at the forefront of this change, offering not just legal clarity but a vision of inclusive, responsible digital governance. At the same time, international cases serve as reminders that strong privacy enforcement, regulatory compliance, and ethical frameworks are non-negotiable pillars of the global digital order.
Fountainhead Legal’s work in tracking, interpreting, and navigating these changes reinforces the importance of agile legal advisory in today’s fast-evolving tech ecosystem.
Author: Dr. Anup K Tiwari is Delhi based Lawyer and Practicing in Supreme Court of India and High Courts