Content Public

  • info@contentpublic.com
logo
News & Updates

Google India Showcases Privacy Tech, New Scam Defences as DPDP Rules Take Effect

adminNovember 21, 2025
Google India Showcases Privacy Tech, New Scam Defences as DPDP Rules Take Effect

In a timely alignment with India’s newly operational Digital Personal Data Protection (DPDP) Rules, 2025, Google India has unveiled a suite of privacy-enhancing technologies (PETs) and AI-powered scam detection tools. These initiatives come at a pivotal moment — as the rules officially take effect — underscoring the company’s intent to lead both on innovation and user trust.

The New Privacy Landscape: DPDP Rules Take Effect

On 14 November 2025, the Indian government officially notified the DPDP Rules, 2025, bringing significant provisions of the DPDP Act, 2023 into force. ETGovernment.com+2The New Indian Express+2 These rules lay out clear obligations for entities handling personal data (termed data fiduciaries) and grant stronger rights to individuals (or data principals) — including the right to access, correct, erase, or object to data processing. The Times of India+2The Times of India+2

Importantly, Google and other organizations have been given a 12–18 month phased rollout to comply with several of the more complex provisions. ETGovernment.com+2mint+2 Meanwhile, certain rules, such as breach notification and the establishment of a Data Protection Board, are already in force. The Indian Express+1

Google’s Technical Response: Privacy + Protection

At an AI pre-summit event in New Delhi, Google highlighted how its technical roadmap aligns with the spirit and letter of the new DPDP Rules. The Indian Express Here are the key pillars of their response:

1. Privacy-Enhancing Technologies (PETs)

Google emphasized its investment in PETs like federated learning, homomorphic encryption, and differential privacy. The Indian Express These technologies are central to balancing data utility with individual privacy — critical under the DPDP regime.

  • Federated Learning: Allows machine learning on-device, so personal data does not need to be sent to central servers.

  • Homomorphic Encryption: Lets computations happen on encrypted data, making it possible to use data without decrypting it.

  • Differential Privacy: Adds controlled ‘noise’ to data so individual-level information cannot be easily re-identified.

A senior scientist from India’s IT Ministry noted that these PETs could be “core agents” in implementing the DPDP Act effectively. The Indian Express

2. AI-Powered On-Device Scam Detection

One of the headline announcements: on-device AI scam detection on Pixel phones. Rather than sending voice data to the cloud, Google now uses Gemini Nano (its lightweight AI model) to analyze calls in real time and warn users of potential scams — without recording audio or transcripts. The Indian Express

The system is privacy-conscious:

  • Works only for unknown numbers (i.e., not your saved contacts).

  • Plays a beep to alert the user.

  • Can be turned off whenever the user desires.

This means Google can help protect users from fraud, while respecting their privacy — a design that aligns well with the new DPDP mandates.

3. Safeguards Against Digital Arrest Scams

Google is also piloting a feature targeted at rising “digital arrest scams” — a worrying trend where scammers coerce users by pretending to be law enforcement. The Indian Express

Under this pilot:

  • Android users (on Android 11 and above) trying to share their screen with an unknown contact will see a prominent alert.

  • There’s a one-tap option to end the call and stop screen sharing, helping users exit risky interactions instantly.

  • Collaboration for this feature includes fintech players like Navi, Paytm, and the Google Play team.

4. Enhanced Phone Number Verification (ePNV)

Google announced a new protocol called Enhanced Phone Number Verification (ePNV). The Indian Express Instead of relying on traditional SMS-based OTPs, ePNV uses a secure, consent-driven SIM-based check — making authentication more seamless, and potentially safer.

5. Strengthening Financial Scam Warnings

Google Pay is also stepping up its anti-fraud efforts: the company says it now shows over one million warnings every week for potentially fraudulent transactions. The Indian Express This volume reflects both the scale of fraud risk in India’s payments ecosystem and Google’s commitment to real-time, proactive user protection.

Partnerships & Ecosystem Building

Google isn’t going it alone. At the event, it announced deeper collaboration with Indian institutions:

  • IIT Madras’ Centre for Responsible AI (CeRAI): Google and the institute will conduct training for developers, fostering privacy-first product design. The Indian Express

  • CyberPeace Foundation: Strengthening civil society partnerships to raise awareness of digital harm and build safer online culture.

These collaborations reflect Google’s understanding that technical fixes alone are not enough — policy, education, and community engagement are equally vital.

Why It Matters: Implications for India

  1. Building Trust through Engineering
    By leveraging on-device AI and PETs, Google is signalling that privacy is not just a legal checkbox but an engineering principle. This is exactly what DPDP envisions: data protection rooted in design.

  2. Scam Protection Aligned with Privacy
    Digital fraud is rampant in India. Google’s approach of detecting scams without sending voice or call data to the cloud respects user privacy while enhancing security — a tough balance that many tech companies struggle with.

  3. Regulatory-Technical Convergence
    The timing is strategic. As DPDP Rules start applying, Google’s privacy-first toolkit helps it stay ahead of both regulatory requirements and user expectations.

  4. Empowering Users + Developers
    With partnerships to train developers, Google is contributing to a broader ecosystem shift: apps and services built in India may start embedding privacy from the ground up.

Challenges & Questions Ahead

While Google’s announcements are promising, implementing at scale won’t be trivial:

  • Adoption of Scam Alerts: Will users trust and keep the on-device scam detection enabled? Alert fatigue might be a real issue.

  • Consent & Usability: DPDP mandates may require very clear consent notices. Integrating these while keeping user experience smooth is non-trivial.

  • Smaller Players: Can smaller Indian apps or startups match Google’s technical privacy investments? Compliance burden may be disproportionate.

  • Enforcement & Compliance: Even with Google’s readiness, regulatory enforcement (via the Data Protection Board) will be critical for other players.

Conclusion

Google India’s proactive launch of privacy-enhancing technologies and scam defenses marks a strong signal at a pivotal regulatory moment. As India’s DPDP Rules begin their phased rollout, Google is laying down a blueprint of how tech giants can align innovation with individual privacy and security.

admin

Content Writer and Specialist.