How does the DPDPA affect audience targeting in India CTV advertising?

The Digital Personal Data Protection Act (DPDPA), passed in 2023 and being operationalised via rules in 2025–2026, requires that personal data — including device identifiers used for advertising — is processed only with explicit, informed user consent. For India CTV advertising, the practical implications: (1) CTV device IDs (GAID, TIFA, AFAI) are personal data under DPDPA if they can be linked to an individual or household. Publishers must obtain consent before sharing these IDs with SSPs and DSPs. (2) Audience segments built from user behaviour (viewing history, app usage) require consent at collection. (3) First-party data onboarding — matching advertiser CRM data against publisher audiences — must comply with consent requirements at both the advertiser and publisher side.

As of 2026, India CTV publishers are in varying stages of DPDPA compliance. Large platforms (JioHotstar, Sony LIV, Zee5) are implementing consent management platforms (CMPs) that surface consent notices to users at app launch or account creation. Users who decline consent are served contextual ads without device ID sharing. Smaller and regional CTV apps have less mature consent infrastructure. The practical effect for buyers: expect a growing proportion of India CTV bid requests with null or zeroed-out device IFAs as consent opt-outs accumulate over time. This reinforces the need for contextual targeting capabilities alongside audience targeting — campaigns that can only run against ID-bearing inventory will see fill rate erosion as consent frameworks tighten.

DPDPA-safe targeting approaches for India CTV: (1) Contextual targeting — targets content category, app, and genre without processing personal data. No consent required. (2) Consented first-party data — using data where the user has explicitly consented to both collection and advertising use. Publishers with strong login bases (JioHotstar with Jio/Disney+ accounts) can offer consented audience segments. (3) Aggregated cohort targeting — targeting groups of devices based on shared content consumption patterns, without individual-level profiling. (4) Semantic targeting — targeting based on content topic rather than viewer profile. For campaigns requiring individual retargeting or cross-device frequency capping using device IDs, work with publishers to confirm their consent collection and data sharing framework is DPDPA-compliant before activation.