How India’s Data Protection Framework Reshapes Consumer Choice In E-Commerce Markets

Vibhu Wahal, Reva University, School of Legal Studies

ABSTRACT

The contemporary e-commerce ecosystem is built on a simple trade: consumers receive hyper-personalized services in exchange for pervasive data collection. Emerging data protection regimes such as the DPDP Act, however, are designed on a contrary logic, i.e. to minimize data processing, constrain profiling, and reempower the individual through consent and purpose limitation. This paper argues that the interaction of these two logics produces a paradoxical outcome for consumer choice. Using India’s evolving data protection and consumer protection framework as the primary reference point, it examines how privacy-driven constraints on data flows reshape e-commerce

Business models, recommendation systems, and market structure. The analysis demonstrates that compliance costs and restrictions on data use tend to favour large incumbents with sophisticated compliance infrastructure, while smaller actors face higher relative burdens and diminished capacity to compete on personalisation. As a result, consumers may experience a formal increase in rights, but a material reduction in meaningful choice and innovation at the margins.