This webinar will discuss India’s recent onerous cybersecurity directions that have major implications for foreign companies doing business in India. These new directions include a 6 hour data breach notification time limit. The directions notably have an extraterritorial application, impacting businesses that do not have a physical presence in India. The webinar explores the threats, spearheaded by large business stakeholders, of possible constitutional challenges to extraterritoriality together with structuring options to mitigate risks. Cloud service providers, VPN providers, and companies in the crypto space have been further impacted: a growing consensus among these industries aims to further challenge some of the more onerous record maintenance and KYC checks expected of such organizations.  
Other key aspects that this webinar will explore: 

• Advice on determining how the directions apply to your business, especially if there is no physical presence in India,
• Ensuring compliance with detailed cybersecurity and record maintenance requirements,
• Localization concerns – especially on logs and financial data – and the way this ties in with the Indian government’s recent policy trends across different industries, 
• Practical advice for legal practitioners on developing compliance processes,  
• On-the-ground market trends on formats of reports and the regulator’s approach, and
• Case studies and the way forward. 

Speakers: Mathew Chacko and Aadya Misra
Moderator: Kieran De Terra

Mathew Chacko
Mathew is a founding partner at Spice Route Legal and is widely recognized as one of India’s leading TMT lawyers. He is a trusted advisor to many of the biggest names in the business and has advised on some of the most complicated contentious and non-contentious matters to haunt the technology, media & telecommunications industries in India. He advises on all aspects of data protection and cybersecurity including compliance strategy, control frameworks, impact assessments, incident response, monetization, and criminal enforcement. A graduate of the University of Oxford, Mathew teaches a course on Technology, Media, and Telecommunications at one of India’s leading law schools and serves on the editorial board of a journal that focuses on cybersecurity. He is recognized by Legal 500, Chambers & Partners, AsiaLaw, and the India Business Law Journal as one of India’s leading lawyers.

Aadya Misra
Aadya is a Senior Associate with the Technology, Media, and Telecommunications team at Spice Route Legal and has been, within a short period of time, regarded as a rising star by the privacy bar in India. In addition to having worked almost exclusively on privacy and cybersecurity matters over the last 6 years, Aadya is also an IAPP certified privacy manager. Aadya has a particular focus on ad-tech, HR-tech, and gaming. She is the youngest lawyer on Legal500’s data protection honor roll.