On the occasion of Data Privacy Day, the Advertising Standards Council of India (ASCI) Academy in collaboration with PSA Legal and Tsaaro Consulting has released a white paper titled ‘Navigating Cookies: Recalibrating your cookie strategy in light of the DPDPA’.
The same builds on ASCI’s ongoing efforts to address data privacy concerns and comes after the rollout of ASCI’s ‘Privacy and Progress: Pillars of Digital Bharat’ paper which was published in March 2023 and focused on preparing organizations for Digital Personal Data Protection Act (DPDPA) compliance.
Realising that cookies are an important feature of most internet interfaces and have the ability to create value for both advertisers and consumers, with advertisers using cookies to gather data on user behaviour, preferences, and browsing history to deliver targeted ads that drive higher engagement and better ROI and consumers using cookies to streamline browsing by personalizing content, remembering preferences, and simplifying website interactions, there has been a constant debate of the rightful usage of cookies.
This usage has further resulted in raising concerns about privacy, data security, and user autonomy when users remain unclear about how their data is collected, shared, or monetized.
Recognising the same and to help businesses navigate this cookie conundrum, the ASCI Academy for its new white paper launch analysed the cookie consent practices of the top 50 websites in India, accounting for 30 billion visits in December 2024 alone to come up with a suitable dipstick.
During the analysis, the ASCI Academy found out that only 6% of the websites are ready for specific consent as outlined by the DPDPA 2023, read with the draft DPDP rules published on January 3, 2025.
“While the DPDPA is likely to provide a runway for compliance, the results indicate a need for organizations to take up cookie consent best practices as a part of their compliance readiness efforts,” ASCI stated in its press note.
The newly launched whitepaper titled- ‘Navigating Cookies: Recalibrating your cookie strategy in light of the DPDPA’, as a result explores cases and examples in other jurisdictions and sheds light on how the issue of cookie consent has been addressed in different countries and provides actionable insights on crafting an effective cookie policy to help stakeholders navigate the complexities of consent, transparency, and user control in an increasingly privacy-conscious world.
Key Highlights of the White Paper include:
- Compliance Readiness Gaps in India: Tsarro Consulting conducted a dipstick analysis of India’s top websites, revealing that only 6% implement cookie consent banners, indicating a gap in terms of readiness.
- Granular Consent Mandates: The DPDPA requires explicit, informed, and revocable consent for cookie usage, calling for a rethinking of traditional consent models.
- Lessons from Global Standards: The paper draws insights from GDPR and other jurisdictions that bring out the need for transparency and user control.
- Industry Impact: The paper examines current practices and use cases in various industries like e-commerce, tech and software, social media platforms, marketing and advertising, and healthcare.
- Opportunities for Advertisers: By prioritizing user-centric practices, advertisers can turn compliance into a competitive advantage, building consumer trust in a privacy-conscious marketplace.
To read the entire white paper in detail, click here.
Commenting on the launch of the same, Manisha Kapoor, CEO and Secretary-General, ASCI, said, “On this Data Privacy Day, we are pleased to present this collaborative white paper with PSA Legal and Tsaaro Consulting. The paper aims to help advertisers understand and prepare for cookie consent practices that are both compliant with the new DPDPA as well as build consumer trust and transparency. The paper provides practical knowledge and insights to create effective cookie practices in a privacy-conscious world.”
To this, Dhruv Suri, Partner, PSA Legal, added, “With the final DPDPA Rules on the horizon, advertisers are at a crossroads where privacy, technology, and the law converge. Once the law is better understood, the technology, i.e., cookies, will no longer be mere marketing tools but will serve as a means to strengthen customer loyalty. Global precedents can serve as the perfect roadmap to tailor strategies and navigate cookie consent management in a country that is just beginning its data privacy journey.”
Furthermore, Akarsh Singh, CEO, Tsaaro Consulting, also stated, “Cookie consent is no longer a checkbox exercise; it’s a strategic element of modern advertising. The first step to creating a privacy-centric ecosystem that values the customer’s data rights when deploying cookies is to acknowledge that a gap exists between existing marketing tactics and the privacy laws and then to actively work towards bridging the gap between practicality and compliance.”
