India’s recent achievements in space exploration have garnered significant global attention (e.g., Chandrayaan-3’s soft-landing on the lunar south pole; Aditya-L1’s solar study mission; and hitting key milestones in terms of achieving manned spaceflight capabilities as part of the Gaganyaan project). However, private sector participation in space activities continues to be hamstrung through a combination of: (i) financial constraints (e.g., a lack of access to capital, including continued challenges with respect to securing asset-based financing, such as on account of the mobility of such underlying assets); along with (ii) regulatory ambiguity (e.g., in terms of attributing and quantifying liability, including in respect of third-party liability insurance, as well as with regard to corresponding caps).
Nevertheless, several new initiatives in India hold promise, such as: (i) the Indian Space Policy, 2023; (ii) a stated commitment to increase the country’s global market share, including by moving away from a demand-based model to a supply-centric approach; (iii) the ongoing and time-bound processing of private sector applications (related to space activities) by the Indian National Space Promotion and Authorization Center (IN-SPACe) – a single-window nodal agency – including for the purpose of assisting erstwhile vendors and suppliers to move up the value chain; (iv) the aggregation of user requirements by NewSpace India Limited – a Central Government-owned enterprise – including for the purpose of utilizing new space assets optimally based on determinations of stakeholder accountability, as well as creating new ones based on demand confirmations; along with (v) the launch of the SpaceTech Innovation Network (SpIN) in order to foster entrepreneurial innovation – especially in respect of startups and SMEs.
This note outlines India’s efforts to enhance and improve upon space regulation – including through reforms and liberalization – while also highlighting obstacles in both policy and practice.
Month: October 2023
India’s Digital Public Infrastructure Could Have All the Answers to Questions Under the DPDP Act
Confusion abounds among key stakeholders of India Inc. with respect to consent management and allied concerns under India’s newly published Digital Persona Data Protection Act, 2023. This is especially true in the context of age verification requirements, along with the means of obtaining verifiable parental consent for children’s data. However, India’s digital public infrastructure could provide all the right answers – eventually. This note explores and examines how.
Modifications to Schemes of Arrangement
Once a scheme of arrangement has been approved by its shareholders or the relevant National Company Law Tribunal, what, if any, modifications are permissible to the scheme of arrangement without seeking fresh shareholder approval?
This note considers the legal framework for modifications to approved schemes of arrangement. It also examines the proposed merger of Zee Entertainment with Sony Pictures India where this question potentially arises for consideration.
Contractual Arrangements Under India’s New Data Protection Law: A Data Fiduciary’s Guide to the Data Processing Universe
In light of India’s new Digital Personal Data Protection Act, 2023 (the “DPDP Act”), organizations need to check whether and to what extent such new compliance regime applies to them and their operations. In this regard, they may need to improve their existing IT and cybersecurity systems. Relatedly, organizations should monitor entities in their supply chains with respect to data processing obligations. In particular, existing contractual arrangements may need to be reviewed, and future data processing agreements (“DPAs”) must be negotiated in light of the new law.
Unlike the GDPR which places certain direct regulatory obligations on data processors, the DPDP Act appears to attribute sole responsibility upon the main custodians of data even when the actual processing is undertaken by data processors pursuant to a contract or other arrangement. Therefore, organizations have to ensure that their own statutory obligations remain mirrored in their supply chain, as well as in delegated/outsourced data processing tasks.
Accordingly, this note discusses due diligence and risk assessment/mitigation strategies; key lessons from the GDPR; necessary clauses in a DPA; the possibility of transferring liability through, and the inclusion of appropriate indemnity provisions in, such DPAs; as well as ensuring confidentiality and security, along with business continuity and disaster recovery, in such contexts.