Writing on privacy, data protection, and information security
Sushil has written about privacy and information security in India since 2015. That work shapes how the DPDP practice runs today: hands-on, technical, and focused on how data actually moves.
Longstanding privacy concern
Public writing on privacy and data protection predates DPDP by years.
Security-by-design orientation
Articles on HTTPS, startup security, and basic information security emphasize operational controls.
Data minimization instinct
The recurring theme is to collect less data, protect it better, and explain its use clearly.
Selected publications
The articles below are grouped by theme, but listed as a single public record for convenience.
Going Through US Border Security With Nothing to Hide
Aadhaar: the Indian biometric ID system has potential but presents many concerns
Time for Data Collectors to Say “No, Thanks!”
What India’s Data Protection Committee Can Learn from US, EU and China
Right to privacy: what US, EU, China can teach India about data protection
My words of advice for startups: build in data security and privacy from the start
India’s Website Operators Cannot Delay Further, Turn on HTTPS Already
India Inc Needs To Fix Its Numerous and Basic Information Security Flaws Quickly
Security and Privacy Issues With The Government’s Portal For Missing Children
ICICI Bank’s Twitter Service is a privacy nightmare
ICICI Twitter banking puts all customers at risk
Why this matters for DPDP readiness
DPDP is a legal framework, but readiness depends on operational choices: what data you collect, whether you need it, how you secure it, how you explain it, how you respond to people, and how your vendors handle it. That has been the through-line of this writing for nearly a decade.