India, Jan. 20 -- As India enters a new era of data protection with the Digital Personal Data Protection Act, 2023 (DPDPA), both businesses and users stand at a critical juncture.

The law requires a profound shift-not only in backend compliance but also in users' everyday experiences with websites and apps. Central to this evolution is the concept of consent: what it means, how it is collected, and how its misuse through "deceptive patterns" endangers both user rights and organisational trust.

The DPDPA establishes consent as one of the primary legal bases for processing personal data. For consent to be valid, it must satisfy five distinct requirements.

Users must also be able to withdraw consent as easily as they give it-a feature oft...