TCS to Join Race for India’s New Data Privacy Permits

Tata Consultancy Services (TCS) is preparing to apply for a ‘consent manager’ permit under India’s Digital Personal Data Protection (DPDP) rules, aiming to tap into a compliance-as-a-service market projected at ₹10,000 crore over the next three years, with consent management alone worth about ₹1,000 crore. This positions TCS alongside Reliance Jio, which is already in the race.

A “consent manager” permit under India’s Digital Personal Data Protection Act (DPDP) is an official registration granted by the Data Protection Board of India to entities that act as neutral intermediaries, helping individuals give, review, and withdraw consent for the use of their personal data. In simple terms, it’s a license that allows a company to legally operate as a trusted platform for managing user permissions around data sharing.  

What This Means for TCS

• Strategic Move: Entering one of India’s largest emerging data-governance opportunities.
• Revenue Potential: Consent management is expected to be a ₹1,000 crore market.
• Competition: Reliance Jio Platforms has already applied, making this a competitive space.

DPDP Act & Consent Managers

• DPDP Act, 2023: India’s first dedicated digital privacy law, operationalized through DPDP Rules, 2025.
• Consent Managers: Registered entities that facilitate user consent for data fiduciaries.
• Must meet net worth and incorporation requirements to qualify.
• Serve as intermediaries ensuring individuals can grant, review, and withdraw consent easily.

Market Opportunity Breakdown

Segment	Estimated Value (3 yrs)	Key Drivers
Compliance-as-a-Service	₹10,000 crore	Privacy automation, regulatory compliance
Consent Management	₹1,000 crore	User-centric data governance, legal mandates
Other DPDP Services	₹9,000 crore	Breach management, compliance audits, automation

Implications for Businesses

• Legal Compliance: Companies must align with DPDP rules, making consent managers
• Operational Efficiency: Outsourcing reduces compliance burden.
• Trust & Transparency: Enhances consumer confidence in data handling.

Risks & Challenges

• Regulatory Scrutiny: Consent managers will be closely monitored by India’s Data Protection Board.
• Implementation Costs: High upfront investment in infrastructure and compliance systems.
• Competition: Market share will depend on speed, scalability, and trust.

Key Takeaway

TCS’s move to apply for a consent manager permit under DPDP rules is a strategic bet on India’s growing digital privacy ecosystem, potentially unlocking a scalable revenue stream while strengthening its role in governance and compliance services.