January-February 2025 INDIA EDITION Privacy Paradigm India’s new data rules challenge business compliance landscape Lessons from launching a new firm A chat with the fast-rising Lucio Cracking down on greenwashing
2 Asian Legal Business | January-February 2025 From the editor Vision: 2025 As we kick off 2025, this issue of ALB India delves into transformative regulatory changes reshaping the business landscape. Our cover story examines India’s ambitious new data protection framework, which presents both opportunities and challenges for organizations operating in the world’s most populous digital market. While aiming to protect privacy rights, these rules grant unprecedented governmental discretion and impose stringent compliance requirements, creating a complex balancing act for businesses. We also explore India’s groundbreaking greenwashing guidelines, which set new standards for environmental marketing claims. With substantial penalties and mandatory third-party certifications, these regulations reflect growing environmental consciousness among Indian consumers and regulators alike. Our Forum section offers valuable insights from law firm founders on the challenges of establishing and growing legal practices in today’s evolving market. Their experiences highlight how technology, specialization, and cultural foundations prove crucial for sustainable growth. Additionally, our Q&A with Vasu Aggarwal of Lucio provides a fascinating glimpse into how AI is being adapted for India’s unique legal landscape, addressing concerns about accuracy, privacy, and scalability. As India’s legal and regulatory framework continues to mature, we remain committed to bringing you detailed analysis and expert perspectives on developments that matter most to your practice. Here’s to a year of innovation, adaptation, and growth in India’s legal sector. Ranajit Dam Managing Editor, Asian Legal Business, Thomson Reuters Senior Director, Legal Media Group Amantha Chia amantha.chia@thomsonreuters.com Managing Editor Ranajit Dam ranajit.dam@thomsonreuters.com Asia Writer Nimitt Dixit nimitt.dixit@thomsonreuters.com Rankings & Special Projects Editor Wang Bingqing bingqing.wang@thomsonreuters.com Copy & Web Editor Rowena Muniz rowena.muniz@thomsonreuters.com Senior Designer John Agra john.agra@thomsonreuters.com Traffic/Circulation Manager Rozidah Jambari rozidah.jambari@thomsonreuters.com Sales Manager Jonathan Yap India, Indonesia, Singapore (65) 6973 8914 jonathan.yap@thomsonreuters.com Asian Legal Business is available by subscription. Please visit www.legalbusinessonline.com for details. Asian Legal Business has an audited average circulation of 11,402 as of 30 September 2016.Copyright is reserved throughout. No part of this publication can be reproduced in whole or part without the express permission of the editor. Contributions are invited, but copies of work should be kept, as Asian Legal Business can accept no responsibility for loss. MDDI (P) 016/02/2025 ISSN 0219 – 6875 KDN PPS 1867/10/2015(025605) Thomson Reuters Alice @ Mediapolis, 29 Media Circle, #09-05, Singapore 138565 / T (65) 6775 5088 10/F, Cityplaza 3, Taikoo Shing, Hong Kong / T (852) 3762 3269 www.thomsonreuters.com
3 Asian Legal Business | January-February 2025 Cover Story thresholds, this all-encompassing approach to breach notification could overwhelm both businesses and users. “This will prove onerous for both businesses and data principals who must give consent for each action,” Christopher adds. Another contentious aspect is the approach to data breach notifications. Unlike global frameworks such as GDPR, which apply materiality thresholds, India’s draft rules mandate reporting all breaches to affected individuals and the Data Protection Board, regardless of severity. This could lead to what some lawyers term ‘notification fatigue.’ The absence of a harm-assessment threshold for data breaches could ultimately prove detrimental to business operations and counterproductive in the longer run, experts say. “Such frequent reporting could make it difficult for data principals to distinguish between minor incidents and significant threats, thereby reducing the effectiveness of the breach notification mechanism,” explains Jitendra Soni, a partner at Argus Partners. “Moreover, the lack of prioritisation could place an undue burden on organisations, diverting resources away from managing more critical breaches,” Soni adds. For children’s data protection, practical implementation questions remain unresolved. “It is still unclear how a data fiduciary should identify a minor at the outset,” Christopher As India advances to implementing its first comprehensive data protection framework, the recently released Draft Digital Personal Data Protection Rules, 2025 have sparked intense discussion about their practical implications. These rules represent a significant shift in how companies must handle personal data, granting unprecedented discretionary powers to the government while imposing stringent compliance requirements on businesses. At the heart of these new regulations lie serious concerns about the extensive government discretion embedded within the framework, which creates an uncertain environment for businesses. The rules, while attempting to establish India’s first comprehensive data protection regime, grant sweeping powers to the government across multiple critical areas, from cross-border data transfers to compliance requirements. The framework marks a departure from current practices by introducing data fiduciaries - entities that determine the purpose and means of processing personal data. These organisations face a complex balancing act between government oversight and operational feasibility, particularly in India’s diverse digital landscape, where high mobile penetration coexists with varying levels of digital literacy. Further complicating matters, the rules establish a consentbased regime that exceeds the stringency of global standards such as the General Data Protection Regulation (GDPR), while simultaneously giving the government extensive authority to demand information from data fiduciaries. This dual challenge creates a complex compliance environment for businesses operating in India. Consent and breach notifications “The most significant challenge in compliance would be adhering to the primarily consent-based regime and the requirement to ask for specific consent for each kind of processing,” explains Deepa Christopher, partner at Talwar Thakore & Associates. This marks a dramatic shift from current practices, where companies typically provide broad notices covering multiple data uses. The rules also mandate notices in 22 languages and require reporting of all data breaches, regardless of severity, creating substantial operational challenges. Unlike GDPR’s materiality India’s privacy puzzle India’s draft data protection rules aim to safeguard privacy rights, but also grant extensive governmental discretion and impose stringent compliance requirements, creating uncertainty for businesses across consent management, breach reporting, and cross-border data transfers. Experts highlight the need for clearer implementation guidelines. By Nimitt Dixit
4 Asian Legal Business | January-February 2025 Cover Story “Based on current guidance, the assumption is that only very large organisations who process significant volume or very sensitive categories of data will qualify as significant data fiduciaries. If this assumption is proven wrong, and a larger number of organisations have to comply with the more stringent requirements, it will be quite challenging.” — Deepa Christopher, Talwar Thakore & Associates points out. “The rules only suggest two instances – where a child self-identifies or is identified by their parent, both of which will not be viable if services are used anonymously or are on shared devices.” Cross-border data transfer Cross-border data transfers emerge as a major concern, particularly for international businesses. The rules grant the government broad powers to restrict data transfers to any country or foreign entity, potentially creating uncertainty for companies operating globally. This could significantly impact sectors reliant on cloud infrastructure and international data flows. “For businesses reliant on global cloud infrastructure, these restrictions may lead to higher costs, fragmented data architectures, and cybersecurity challenges,” Soni explains. The government’s ability to impose restrictions with limited notice creates additional operational uncertainty, especially for sectors heavily reliant on real-time international data flows, such as financial services, healthcare, and e-commerce platforms. For multinational corporations, these restrictions could necessitate a complete overhaul of existing data-sharing practices between Indian operations and global offices. The rules’ reach extends to data processed outside India if it relates to goods and services provided within India, effectively creating extraterritorial obligations. “This lack of clarity will prove especially harmful for importers, exporters and multinational companies,” Christopher notes. Impact on different businesses The framework introduces the concept of “significant data fiduciaries” (SDFs), imposing additional obligations on organisations processing substantial volumes of data. While this tiered approach aims to balance regulation with business needs, the criteria for SDF classification remain unclear, creating anxiety among mid-sized companies about their potential obligations. Christopher notes that these requirements could prove especially burdensome if the SDF classification extends beyond initially anticipated scope: “Based on current guidance, the assumption is that only very large organisations who process significant volume or very sensitive categories of data will qualify as significant data fiduciaries. If this assumption is proven wrong, and a larger number of organisations have to comply with the more stringent requirements, it will be quite challenging.” SDFs face stringent requirements, including annual data audits, impact assessments, and potential data localisation mandates. They must also ensure their algorithmic software doesn’t harm data principal rights – a vague obligation that technology companies may find particularly challenging to implement. For India’s burgeoning startup ecosystem, these requirements could pose significant challenges. While the rules attempt to differentiate obligations based on business scale, the baseline compliance requirements remain substantial. Smaller companies may struggle with the technical and financial resources needed to implement comprehensive consent management systems, multiple language support, and breach notification mechanisms. Way forward As organisations prepare to navigate this new regulatory landscape, several critical priorities demand immediate attention. They need to audit their current data processing activities, implement more granular consent mechanisms, and prepare for potential data localisation requirements. International companies must reassess their data transfer mechanisms and potentially restructure their data architectures to accommodate future restrictions. The consent manager framework, while innovative, remains untested. These entities are meant to serve as intermediaries, helping individuals manage their privacy preferences across services. However, the practical implementation of this system, including technical standards and interoperability requirements, needs further clarity. The government’s extensive powers to call for information from data fiduciaries under the DPDP Act and draft rules may also need to be reviewed. “It is likely that data fiduciaries will find this challenging to adhere to, especially in the context of the Schrems-II judgement. The surveillance powers of the government will also impact any end-to-end encryption undertaken by social media companies, such as Meta,” Christopher notes. “Data fiduciaries will now have to be careful of their data sharing practices and will need to undertake an exercise to continuously map where their data is transferred and who is given access to it,” she adds. The rules are currently open for public feedback until Feb. 18, 2025, offering a crucial window for industry input. Many hope this consultation process will lead to clarifications on key aspects, particularly around breach notification thresholds, SDF criteria, and cross-border transfer restrictions. “While companies should begin to comply with this new regime, it is likely that such compliance will be an ongoing process as further clarity is given through developing market practice and government notifications,” Christopher concludes.
TOPIC DATE FORMAT SPEAKER ALB MASTERCLASS SERIES 2025 International Contract Drafting, Negotiating, and Enforcement Masterclass 3 & 4 March Virtual Arun Singh India’s Digital Personal Data Protection Draft Rules 2025 Masterclass: Navigating a New Age of Data Privacy 25 & 26 March Virtual Nishith Desai Associates Mergers & Acquisitions: Cross-Border Transactions Masterclass 3 & 4 April Virtual Arun Singh Structuring Private Equity Deals Masterclass 8 & 9 May Virtual Arun Singh Mastering Loan Agreements Masterclass 4 & 5 June Virtual Arun Singh Digital Technology & the Law Masterclass 17 & 18 June Virtual Steven Gallagher Joint Ventures and Strategic Business Alliances Masterclass 24 & 25 July Virtual Arun Singh Disputes in Digital Assets Masterclass 29 & 30 July Virtual Steven Gallagher Influence, Impact, and Personal Effectiveness Masterclass 28 & 29 August Virtual Arun Singh KEN ADAMS FACE TO FACE WORKSHOP SERIES Ken Adams Drafting Clearer Contracts Workshop (Hong Kong) 12 September Face to Face Ken Adams Ken Adams Drafting Clearer Contracts Workshop (Singapore) 16 September Face to Face Ken Adams Ken Adams Drafting Clearer Contracts Workshop (Indonesia) 17 September Face to Face Ken Adams Ken Adams Drafting Clearer Contracts Workshop (Bangkok) 19 September Face to Face Ken Adams Ken Adams Drafting Clearer Contracts Workshop (Manila) 23 September Face to Face Ken Adams Ken Adams Drafting Clearer Contracts Workshop (Mumbai) 25 September Face to Face Ken Adams ALB WORKSHOPS 2025
6 Asian Legal Business | January-February 2025 India’s legal landscape has bloomed with specialised firms this past decade, driven by global deals and complex regulations. While heritage firms lean on established networks and tested systems, newcomers navigate tougher waters, as clients heavily weigh reputation. A firm’s early handling of talent, operations, and market presence often shapes its future survival. Two fundamental assumptions I had to challenge after two decades at a top-tier firm were around fixed costs and talent scaling. Rather than following the traditional playbook of investing in premium office space and rapidly building large teams, we took a different approach. First, I recognised that high fixed costs in real estate and infrastructure wouldn’t add proportionate value to client experience. Choosing serviced suites and cloud-based encrypted systems not only reduced our administrative burden but freed up significant time and capital to focus on investing in knowledge management and technology thereby delivering premium, hands-on service, thereby enhancing client experience. Second, the conventional wisdom of building large teams needed rethinking in the AI era. While talent is relatively affordable initially in India, team costs compound significantly over time as associates grow and salaries increase. Instead, we maintain a leaner, more focused team where associates get intensive mentoring and faster growth by focusing on high-value work, while AI handles routine tasks, so we are essentially getting the bench strength without fixed costs. We started ThinkLaw right in the middle of the COVID-19 pandemic. I believe adversity creates opportunity, and COVID-19 created the perfect platform for high-performing professionals. Clients quickly realised that it was the individual, rather than the firm, who was advising/representing them that mattered, as virtual meeting platforms were great equalisers. It was important to demonstrate to clients that we were here to stay, particularly during the uncertain COVID-19 environment. One expects client acquisition to be the toughest challenge for recently established law firms, but surprisingly, we found clients to be very supportive in this journey, with most of them choosing to continue their relationships with us. What was more challenging was establishing a clearly defined culture from day one, along with the things we wouldn’t compromise on. Mutual respect, cohesiveness, and a collaborative but merit-driven approach were some of the cornerstones we chose to define us. It was also pleasantly surprising that clients weren’t really interested in getting discounts as long as we provided high-quality and strategy-driven legal advice. When I started The Valid Points, my prior experiences taught me that financial success in a law firm was primarily driven by maximising billable hours; and the best way to grow the firm was by trying to serve as many different types of clients as possible. However, I learned the hard way that the long-term success of the firm has more to do with fostering a positive and sustainable culture that emphasised work-life balance, professional development, and long-term career growth. Being a completely virtual firm, we could introduce flexible hours, create greater opportunities for CLEs or skill building, and create a more supportive environment for personal wellness. Investment in culture paid off through loyalty and higher-quality client service. Being a generalist firm made it difficult to build a strong reputation or attract high-quality clients who valued deep knowledge in a specific area; and therefore, I made the decision to focus on key specific area of law (e.g., data protection) and position the firm as a leader in that niche. This involved refining our marketing strategy, developing specialised content, and building relationships within that sector. Teething lessons FORUM Shameek Chaudhuri founder, Avyakta Law Tushar Ajinkya founder, ThinkLaw Neeraj Dubey founder, The Valid Points Law Offices Reflecting on your firm’s early days, what were the most surprising lessons you learned about managing a law firm that fundamentally challenged your initial assumptions?
7 Asian Legal Business | January-February 2025 Megha Agarwal Leaving: Economic Laws Practice Going to: Khaitan & Co Practice: Hospitality Location: Mumbai Position: Partner Megha Arora Leaving: JSA Advocates & Solicitors Going to: IndusLaw Practice: Projects, Energy Location: Bengaluru Position: Partner Pritha Chatterjee Leaving: IndusLaw Going to: JSA Advocates & Solicitors Practice: Banking and Finance Location: Mumbai Position: Partner Srikant CV Leaving: Khaitan & Co Going to: Shardul Amarchand Mangaldas & Co Practice: Corporate Location: NCR Position: Partner Timothy Franklyn Leaving: Tatva Legal Going to: Fox & Mandal Practice: Capital Markets Location: Bengaluru Position: Practice Head Rahul Jain Leaving: Quess Corp Going to: Hammurabi & Solomon Partners Practice: Corporate Location: Bengaluru Position: Partner Tarunya Jain Leaving: Boxwalla India Going to: Tatva Legal, Hyderabad Practice: Corporate Location: Hyderabad Position: Partner Ankur Loona Leaving: Alliance Law Going to: Dentons Link Legal Practice: Capital Markets Location: Mumbai Position: Partner Atul N Menon Leaving: AZB & Partners Going to: Saga Legal Practice: Dispute Resolution Location: Bengaluru Position: Practice Head Samarjit Gajendra Pattnaik Leaving: Karanjawala & Company Going to: Luthra and Luthra Law Offices Practice: White-collar Crime Location: Delhi Position: Partner Pooja Sable Leaving: Cyril Amarchand Mangaldas Going to: Desai & Diwanji Practice: Corporate Location: Pune Position: Partner Navin Syiem Leaving: Luthra and Luthra Law Offices Going to: Antares Legal Practice: M&A, PE Location: Delhi Position: Partner Vaibhav Suri Leaving: Luthra and Luthra Law Offices Going to: Cyril Amarchand Mangaldas Practice: Real Estate Location: Delhi Position: Partner In the latest in a series of group moves in India, Cyril Amarchand Mangaldas has added a seven-member real estate transaction team from Luthra and Luthra Law Offices, led by partner Vaibhav Suri. This is the second large group hire in 2025, following Dentons Link Legal bringing on a 10-member capital markets team from Alliance Law. Suri, who has over 17 years of experience, advises onshore and offshore real estate developers, investors and high net worth individuals on real estate deals and related regulatory concerns. He is experienced in deals involving acquisition, development, investment structuring, sale, leasing, collaboration and construction contracts on a pan India basis. His clients include companies such as Godrej Properties Limited, Mahindra Lifespace Developers Limited, ATS Infrastructures Limited, Anant Raj Industries Limited, Soma New Towns Private Limited, HDFC Bank Limited, CapitaLand Limited, and Blackstone Real Estate Partners. Suri joined Luthra in 2007 and became partner in 2016. APPOINTMENTS
8 Asian Legal Business | January-February 2025 PE/VC Business implications For businesses, these changes necessitate a fundamental shift in how they communicate environmental initiatives. The guidelines require verifiable evidence for all environmental claims, moving beyond mere marketing assertions. Rajat Jariwal, a partner at Trilegal, explains that “generic terms such as clean, green, eco-friendly can no longer be used without adequate and accessible qualifiers and substantiation.” The penalties are substantial. Firsttime violations can attract fines of up to 1 million rupees ($11,000) and potential imprisonment for two years. Repeat offenses face graver consequences, with fines of up to 5 million rupees and imprisonment terms extending to five years. This marks a departure from previous regulatory approaches, introducing criminal liability for environmental misrepresentation. Beyond financial penalties, regulatory authorities can order immediate cessation of deceptive advertisements and mandate corrective notices. The Supreme Court has demonstrated its commitment to consumer protection, recently ordering a prominent Ayurvedic brand to cease misleading advertisements and remove suspended products. Notably, liability extends to celebrity endorsers and influencers, who must exercise due diligence in verifying environmental claims before promotion, Chatterjee explains. Further, under India’s Consumer Protection Act, consumers who have been misled by environmental claims can join together to file class action complaints with consumer courts for contravention of the guidelines. A company’s “Key Managerial Personnel,” which includes its board members and C-suite executives, “may be held personally accountable if personal involvement in the making of a misleading environmental claim is shown,” Jariwal adds. Industry impacts vary significantly. Manufacturing companies wrestle with documenting entire production processes, from raw material sourcing to energy consumption and waste management. Textile manufacturers, for instance, must verify organic cotton claims throughout their supply chain, while automotive companies need documentation for recycled material usage and emissions reduction claims. Retailers face complex challenges in verifying supplier claims while maintaining their own environmental assertions. E-commerce platforms must particularly adapt their systems to display and verify environmental claims for thousands of products. The hospitality sector grapples with substantiating energy efficiency claims and sustainable practices, while technology companies must verify green data centre operations and sustainable hardware claims. India’s recent guidelines on greenwashing, issued in October 2024, represent the most comprehensive regulatory framework yet for environmental marketing claims in the country. The guidelines arrive amid a crisis of consumer trust - only 29 percent of Indian consumers believe companies’ green assertions, while 71 percent report direct experiences with greenwashing. According to Advertising Standards Council of India (ASCI) data, nearly four out of five green claims in the Indian market were found to be either exaggerated or misleading, highlighting the urgent need for regulatory intervention. The guidelines introduce several groundbreaking requirements. First, they mandate comprehensive documentation for any environmental claim, covering everything from manufacturing processes to end-product attributes. Second, these claims must include digital verification through QR codes or URLs, making evidence instantly accessible to consumers. Third, strict standards are established for comparative environmental claims between products. Additionally, commonly used terms like “ecofriendly,” “sustainable,” or “natural” now require specific third-party certification. The scope of the guidelines extends across all advertising mediums and formats but is restricted to specific product claims rather than general corporate sustainability mission statements. “This nuance acknowledges the difference between broad corporate values and measurable product-specific claims, focusing regulatory efforts on the latter to prevent misleading advertisements,” explains Pooja Chatterjee, a partner at King Stubb & Kasiva. Green claims, real stakes India’s new greenwashing guidelines, introduced in October 2024, mandate verifiable documentation and third-party certification for environmental marketing claims. Violations of these guidelines carry substantial penalties including fines up to 5 million rupees and potential imprisonment. By Nimitt Dixit
9 Asian Legal Business | January-February 2025 PE/VC Building compliance These requirements mean business operations face substantial adjustment requirements. Marketing teams will now need to collaborate closely with legal departments, supply chain managers, and sustainability experts. This necessitates the establishment of new verification processes, updating documentation systems, and retraining staff across departments. “Corporations should undertake a comprehensive review of their existing policy frameworks and make necessary amendments or adopt new policies to incorporate the safeguards outlined in the guidelines,” advises Niti Paul, a partner at Luthra and Luthra Law Offices. This includes maintaining centralised documentation repositories, implementing rigorous review processes for all claims before publication, and establishing supply chain verification mechanisms. The law recognises good faith efforts, Jariwal at Trilegal points out. “However, this protection requires demonstrable evidence of systematic verification processes, from data credibility checks to comprehensive staff training programs. Companies should particularly focus on documenting their verification processes and maintaining real-time tracking of environmental metrics,” he advises. Paul emphasises the importance of organisational alignment in preventing greenwashing violations, particularly by fostering synergy between legal and marketing teams. “As part of an internal approval process, advertisements should undergo thorough review and clearance from relevant teams, including the legal department, to ensure compliance with regulatory standards,” Paul adds. To safeguard against misleading claims, Chatterjee notes that companies should establish a centralised and systematic review process for all advertisements featuring environmental claims. “For high-stakes environmental claims, companies must consider engaging external consultants or thirdparty validators to further substantiate the claims made,” Chatterjee says. A fundamental aspect of ensuring the authenticity of environmental claims lies in establishing rigorous due diligence procedures for verifying the sustainability credentials of suppliers and third-party partners. “Supplier contracts should include clauses requiring verifiable data for any environmental claims associated with their goods or services,” Chatterjee advises. Companies must establish robust crisis management protocols to address potential greenwashing allegations. “A transparent communication strategy must be prepared to address consumer and regulator concerns promptly. Furthermore, proactively monitoring digital platforms and media is essential to detect any potential challenges or violations related to environmental claims at an early stage,” Chatterjee adds. The digital compliance landscape demands development of sophisticated infrastructure development. Companies must create accessible databases linking environmental claims to supporting documentation. This includes establishing verification portals, implementing QR code systems, and maintaining realtime updates of environmental certifications. Given the dynamic regulatory landscape, Paul recommends establishing dedicated oversight mechanisms: “Corporations should consider forming an ESG Committee responsible for conducting periodic reviews of policies and internal approval processes, ensuring that any updates or amendments to the regulatory framework are promptly adopted and implemented.” The guidelines also reflect growing global pressure for environmental accountability. International companies operating in India must now align their global sustainability claims with local verification requirements, potentially influencing their worldwide practices. This alignment with international standards helps Indian companies competing in global markets while protecting local consumers. “To drive meaningful sustainability efforts, companies must commit to longterm goals with clear, actionable plans and timelines, ensuring that progress is measurable and aligned with industry standards,” says Chatterjee. “Transparency can be further enhanced by leveraging blockchain technology or digital platforms, which enable the traceability of environmental claims across the supply chain.” More on the way The regulatory landscape continues to evolve, with new requirements emerging regularly. Companies implementing early adaptations will be better positioned as environmental consciousness grows among Indian consumers. Industry experts anticipate more specific guidelines across several crucial areas. “It is likely that sector-specific greenwashing guidelines will emerge for industries with significant environmental footprints, such as energy, fashion, or manufacturing. Tailored compliance strategies for each sector may become necessary,” predicts Jariwal. Due diligence requirements are expected to become increasingly stringent, particularly regarding documentation and verification processes. The legal framework’s recognition of protection for businesses and endorsers who demonstrate proper due diligence is likely to evolve into more specific requirements, says Paul. While India’s guidelines generally align with international regulations, there are notable gaps in specific areas, such as carbon offsetting claims. “The rising concern over ‘phantom credits’ in the carbon market has sparked debate about whether India should follow the EU’s approach and implement a complete prohibition on such claims,” Paul observes. The EU’s greenwashing directive has taken a definitive stance by prohibiting environmental claims based on carbon offsetting entirely. “India’s guidelines currently address this only indirectly, representing a critical area for potential regulatory development,” Paul adds.
10 Asian Legal Business | January-February 2025 Vasu Aggarwal, Lucio ALB: The Indian legal system has unique characteristics like multilingual requirements, nondigitisation of court and other records, and heavy reliance on unwritten procedural rules and oral communication. How do you adapt AI solutions to address the specific needs of Indian lawyers, and what are the major challenges to overcome? Vasu Aggarwal: With the depth of these problems, India’s legal system is definitely one of a kind, and AI solutions need to be designed with that in mind. Dealing with multiple languages isn’t just about translation—it’s about making sure the legal meaning of terms stays true to context. Similarly, non-digitised records like handwritten or poorly scanned documents need strong systems to recognise the text underneath and to make them usable. It’s also true that AI also needs to handle unwritten rules and local practices. It’s not just a problem for artificial intelligence but also for human intelligence; therefore, it becomes hard to address this problem. Similar to how lawyers adapt to these unwritten rules and local practices, artificial intelligence must also be built from that perspective. ALB: Indian lawyers often express concerns about AI hallucinations and accuracy, particularly given the high stakes of legal work. What approaches can one take to build trust and demonstrate the reliability of AI solutions in the Indian context? Aggarwal: It becomes important to build systems that hallucinate the least, if at all. And AI makers need to understand the reality of it, instead of brushing it off. That’s partly why we think lawyers making AI for lawyers is immensely valuable. But it is also a two-way street, where lawyers need to understand that they are in the driver’s seat. They must verify the work done by an AI, as they do for their juniors. As I ask this question often to naysayers – if they can confidently say that 100 percent of the work done by them or their juniors is accurate? I bet no lawyer is willing to promise 100 percent accuracy in their engagement letters today. It’s therefore, incumbent on AI makers to give lawyers full control over the process and output. AI makers must build trust with lawyers by making systems transparent. AI tools should clearly show how they arrive at their conclusions, with citations for everything, so lawyers can double-check the results. Finally, involving lawyers in improving the tool is key. If they can flag mistakes and see those issues get fixed, it builds confidence over time. ALB: Data privacy and client confidentiality are critical in legal practice, and Indian firms (and their clients) are particularly cautious about cloud solutions. How can legaltech providers effectively address these concerns while delivering cloud-based AI solutions? Aggarwal: It is again incumbent on legal tech providers to prioritise security and transparency to address these concerns. Certifications like SOC 2 and ISO 27001 show that the platform is serious about keeping data safe. Regular thirdparty audits help reinforce the same. Offering options like dedicated cloud infrastructure can also help, especially for firms that are hesitant about cloud solutions. Finally, compliance with applicable laws like the Digital Personal Data Protection Act is essential. ALB: What are the key growth opportunities and challenges for legaltech companies in India going into 2025, particularly in terms of product innovation and market penetration? How can they effectively scale while addressing the unique needs of the Indian legal market? Aggarwal: As more firms look for ways to save time and handle bigger workloads, there’s a real opportunity to innovate. Scaling in India, however, comes with its own challenges. Many lawyers are used to traditional ways of working, so getting them to adopt new tools requires patience and education. Cost is another factor—solutions need to be affordable. I also see a big shift in vision for lawyers – at least at larger law firms, they are starting to look at these solutions as investments, not just costs. “It becomes important to build systems that hallucinate the least, if at all. And AI makers need to understand the reality of it, instead of brushing it off. That’s partly why we think lawyers making AI for lawyers is immensely valuable.” THE Q&A Lucio is an AI-powered legaltech company that recently signed contracts with in-house teams and top firms including Cyril Amarchand Mangaldas and Trilegal. In this interview, cofounder Vasu Aggarwal delves into the unique challenges of adapting AI for Indian lawyers, addressing concerns about accuracy and data privacy, as well as growth opportunities for companies like his in India.
11 Asian Legal Business | January-February 2025 DEALS $1.2 bln Hexaware Technologies’ IPO Deal Type: IPO Firm: Latham & Watkins; Shardul Amarchand Mangaldas & Co Jurisdiction: India $945 mln Vishal Mega Mart’s IPO Deal Type: IPO Firms: Cyril Amarchand Mangaldas; Shardul Amarchand Mangaldas & Co; Sidley Austin; Trilegal Jurisdiction: India $482 mln Jsquare Electrical Steel’s acquisition of ThyssenKrupp Electrical Steel India Deal Type: M&A Firms: AZB & Partners; Cyril Amarchand Mangaldas; Luthra and Luthra Law Offices Jurisdictions: India, Germany, Japan $400 mln Bain Capital’s investment in Dhoot Transmission Group Deal Type: M&A Firms: AZB & Partners; Kirkland & Ellis; Trilegal Jurisdictions: India, U.S. $350 mln Kedaara Capital’s investment in Impetus Technologies Deal Type: M&A Firms: Akin Gump Strauss Hauer & Feld; DLA Piper; Kelley Drye & Warren; Kirkland & Ellis; Linklaters; Quillon Partners Jurisdictions: India, U.S. $350 mln Hindustan Unilever’s acquisition of Minimalist Deal Type: M&A Firms: Cyril Amarchand Mangaldas; IndusLaw; Khaitan & Co, Trilegal Jurisdictions: India Hindustan Unilever’s majority acquisition of bootstrapped premium skincare brand Minimalist, the first large M&A Deal Type in India this year, could trigger a race for consolidation in the skincare space as competitors Mamaearth and Plum turn to inorganic growth to keep their share in the market. This Deal Type highlights a convergence of macro-economic trends: Rising disposable incomes, digital-first shopping habits, and an obsession with ingredient-conscious products. For the broader M&A landscape, it telegraphs that traditional companies are willing to pay premium valuations for brands that have cracked the youth code. The Deal Type also sets a significantly high precedent for exits for founders and bootstrapped companies in this space. $2.3 bln ONGC NTPC Green’s acquisition of Ayana Renewable Power Deal Type: M&A Firms: Cyril Amarchand Mangaldas; JSA; Khaitan & Co Jurisdictions: India, UK $2 bln Adani Enterprises and Adani Commodities’ exit from Adani Wilmar Deal Type: M&A Firms: Cyril Amarchand Mangaldas; Khaitan & Co Jurisdiction: India $1.5 bln JSW Energy’s acquisition of O2 Power from Temasek and EQT Infrastructure Deal Type: M&A Firms: A&O Shearman; Herbert Smith Freehills; Khaitan & Co; Trilegal Jurisdictions: India, Singapore
12 Asian Legal Business | January-February 2025 India’s aviation sector underwent legal overhaul amid Go First crisis Last year saw India’s aviation sector move through significant legal shifts and regulatory changes, as airlines navigated court battles, restructuring efforts, and new compliance frameworks. From the Go First liquidation and its trouble with lessors, to SpiceJet’s financial restructuring and the implementation of new regulatory frameworks, the year witnessed several pivotal moments that will influence the sector’s trajectory in 2025. At the heart of these developments was the Go First liquidation, which exposed critical gaps in the country’s aviation regulations while simultaneously creating new precedents. The case concluded in January 2025 with the National Company Law Tribunal ordering liquidation, which involved debts of approximately 110 billion Indian rupees ($1.27 billion) spread across banks, lessors, and other creditors. The case’s ripple effects led to substantial regulatory reforms, especially regarding lessor rights. An October 2024 notification exempted aircraft from the moratorium period under the Insolvency and Bankruptcy Code, a direct response to criticism from global aviation stakeholders. However, this came too late to prevent India’s downgrade in its Cape Town Convention compliance rating by the Aviation Working Group. This has had real consequences for Indian carriers. “The downgrade impacts the cost of aircraft leasing,” says Vihang Virkar, lead partner of DMD Advocates’ Mumbai office, who has been advising Go First on legal and contractual matters since 2005. “Banks and credit rating agencies attribute higher risk to the region based on its relatively lower Cape Town Convention compliance ratings, resulting in increased lease rates for Indian airlines compared to operators in jurisdictions with higher ratings.” The Go Air case proved particularly significant in opening new avenues in litigation funding, Virkar points out. “The Go Air liquidation is likely to be a notable instance of litigation funding in India. This development is likely to be gamechanging, with several litigation funders expected to show increased interest in Indian aviation and other sectors over the next few years,” he explains. Another regulatory outcome, prompted in part by the lessons learned from the Go First case, has been the government’s move to finally incorporate the Cape Town Convention into Indian law in early 2025. The Union Cabinet’s approval of the Protection and Enforcement of Interests in Aircraft Objects Bill in January marks a significant shift in India’s approach to lessor rights. This legislation, aimed at adopting the convention’s protocols, addresses a long-standing demand from the global aviation financing community, and will allow aircraft leasing companies to reclaim their assets from defaulting airlines more efficiently. The year 2024 also witnessed significant consolidation in the sector, with the completion of Air India and Vistara’s merger creating a formidable full-service carrier. Simultaneously, Air India Express and AIX Connect merged to form a substantial low-cost entity. These strategic moves, alongside major aircraft orders from both Air India and IndiGo, reshaped the competitive landscape and generated substantial legal work in aircraft financing and leasing arrangements. SpiceJet’s story emerged as another major thread throughout 2024, as the airline worked through legal challenges and financial restructuring. Through settlements and financial innovation, including a successful QIP, the airline has shown resilience. “SpiceJet appears to have managed to clear up a fair bit of their past financial worries. They have also managed to convert some of the outstanding debt to lessors into equity,” Virkar observes. However, market watchers remain split on its prospects for the year ahead. The GIFT City initiative gained some traction last year, with around 30 aircraft lessors registered and more than 120 aviation assets, including aircraft, helicopters and engines leased from GIFT City. But the expected movement of aircraft financiers to GIFT City is yet to pan out, notes Virkar. Industry experts point to India’s unpredictable tax jurisdiction, strong competition from established hubs like Dublin, and ongoing debates about lease classification in the tax system as key challenges. Looking ahead, the sector is poised for increased leasing and financing activity, driven by major carriers’ expansion plans. The consolidation created by Air India and Vistara’s merger is expected to bring fresh legal questions around competition and route rights. Meanwhile, the MRO (maintenance, repair and overhaul) sector shows promise following new tax structures, though more regulatory fine-tuning may be needed. “We anticipate substantial growth in aviation financing and leasing activities, driven by fleet expansion by major carriers,” says Virkar. “With more foreign airlines looking at Indian destinations, we expect increased activity around code-share arrangements and allocation of international route rights. The GIFT City initiative’s success will depend on addressing key concerns around tax predictability and lessor protection.”
13 Asian Legal Business | January-February 2025 AI is now a daily reality in legal departments, affecting everything from basic operations to major decisions. General counsel must now balance technological advancement with human values and ethical principles, particularly as AI tools become more sophisticated and widespread across organisations. AI’s impact on legal operations GCs traditionally managed legal compliance and risk. Now, they must also understand algorithms, data ethics, and emerging challenges like AI-generated misinformation and privacy concerns. This expanded role requires new technical knowledge alongside traditional legal expertise. AI has transformed contract management. Modern tools can draft, review, and negotiate agreements faster than ever, allowing legal teams to focus on strategy. These same tools help fight cyber threats by detecting unusual patterns and responding to attacks quickly. However, criminals also use AI for sophisticated phishing and security breaches, requiring constant vigilance from legal teams. The cybersecurity landscape grows more complex daily. As AI systems become more powerful, both defenders and attackers gain new capabilities. Legal teams must stay current with these developments to protect their organisations effectively. Regular security audits and updated response protocols are essential. Data privacy remains crucial as AI systems process vast amounts of personal information. The Digital Personal Data Protection Act requires strict data protection measures, and GCs must ensure that their AI systems comply fully. This includes regular privacy assessments, data handling protocols, and user consent mechanisms. Protecting innovation AI helps legal teams spot counterfeit goods and protect trademarks online. The technology can scan millions of listings and identify potential violations quickly. But new generative AI tools create fresh challenges, potentially infringing on existing IP rights. GCs must balance innovation with proper IP protection. Most companies still struggle to implement AI effectively. While isolated uses like contract review show promise, real benefits come from comprehensive integration across organisations. Success requires careful planning, staff training, and regular evaluation of AI systems’ effectiveness. Technology adoption varies significantly across legal departments. Some embrace AI fully, while others remain cautious. Both approaches have merit, but GCs must consider their organisation’s specific needs and capabilities when developing AI strategies. Responsibility and ethics Key questions remain about AI accountability: How can we protect privacy while encouraging innovation? What prevents bias in AI decisions? Who’s responsible when AI makes mistakes? These questions require careful consideration and clear policies. Media and entertainment face particular challenges with AI. Generative AI can create convincing fakes, from deepfake videos to artificial voices. Content regulation through methods like shadow banning raises questions about fairness and transparency. Legal teams must develop new strategies to address these emerging threats. AI reliability poses ongoing concerns. When AI produces false but believable information – also known as “hallucinations” – it creates serious risks. GCs need clear frameworks to manage these limitations and protect their organisations from potential liability. The rise of AI-powered legal tools also raises questions about the future of legal practice. While AI can handle routine tasks efficiently, human judgment remains essential for complex legal decisions. GCs must determine how to combine AI capabilities with human expertise best. The legal profession is changing rapidly with AI. General counsel must guide this transformation, ensuring technology serves justice and fairness. Their role is to harness AI’s benefits while protecting fundamental legal and ethical principles. Success requires balancing innovation with responsibility and maintaining high standards while embracing new capabilities. Looking ahead, AI will continue to reshape legal practice. GCs who understand both the potential and limitations of AI technology will be best positioned to lead their organisations through this transformation. The goal remains consistent: Using technology to enhance, not replace, human legal judgment. The general counsel in the age of AI By Rajiv Malik IN-HOUSE INSIGHTS About the author Rajiv Malik is the legal head of LG Electronics’ production subsidiary in Noida. He has over 20 years of experience, specialising in litigation, contract management, data privacy, antitrust issues, compliance, AI and technology.
www.legalbusinessonline.comRkJQdWJsaXNoZXIy MjA0NzE4Mw==