From the 2022 amendments to 2026 — consumer protection, DPDP Act, GST TCS, Section 194-O and FDI rules shaping every Indian e-commerce business today.
India's e-commerce regulatory regime has evolved steeply since 2022. By 2026, the layered framework spanning the Consumer Protection (E-Commerce) Rules, the new Digital Personal Data Protection Act, the GST e-commerce operator framework, FEMA, and FDI policy has reshaped how marketplaces and sellers operate. Here is a consolidated view of the key amendments and obligations every e-commerce business must comply with.
Consumer Protection (E-Commerce) Rules
- Mandatory display of country of origin, expiry date, and key product information.
- Clear grievance redressal officer details with prescribed turnaround times.
- Restrictions on flash sales by related-party sellers on marketplaces.
- Prohibition on misleading advertisements and dark-pattern interfaces.
- Specific obligations on inventory and marketplace models, with separate compliance for each.
Digital Personal Data Protection Act
The DPDP Act now governs how e-commerce platforms collect, process, and share personal data. Key obligations include:
- Clear, granular consent for processing personal data.
- Appointment of a Data Protection Officer where thresholds are met.
- Notice in simple language, with options for withdrawal of consent.
- Special protections for children and persons with disabilities.
- Breach notification to the Data Protection Board within prescribed timelines.
GST Framework for E-Commerce Operators
- Mandatory GST registration regardless of turnover threshold for ECOs facilitating supply.
- Tax Collection at Source (TCS) under Section 52 at the prescribed rate on net taxable supplies.
- Monthly GSTR-8 filing for ECOs reporting TCS.
- Specified services like restaurants and certain transport services taxed at the ECO level under Section 9(5).
- E-invoicing requirements at applicable turnover thresholds.
Income-Tax Obligations
- TDS under Section 194-O at the prescribed rate on gross sale of goods or services facilitated by the ECO.
- Equalisation levy on certain non-resident e-commerce operators, subject to current notifications.
- TDS under Section 194S on transfer of virtual digital assets where the ECO is involved.
- Mandatory reporting in Form 26Q and quarterly TDS returns.
FDI and FEMA Considerations
- Marketplace model permits 100 percent FDI under the automatic route, subject to conditions.
- Inventory-based e-commerce by entities with FDI is generally restricted.
- Strict prohibition on exclusive arrangements, deep discounting funded by the marketplace, and related-party sellers crossing prescribed limits.
- Annual reporting to the RBI on FDI receipts and Annual Performance Reports for downstream investments.
Practical Compliance Checklist
- Map every product and service to GST HSN/SAC and Section 9(5) coverage.
- Build a privacy policy and consent flow aligned to the DPDP Act.
- Set up TCS and TDS deduction modules with monthly reconciliation.
- Document marketplace versus inventory operating models clearly.
- Maintain grievance logs, escalation timelines, and product-information audit trails.
- Review FDI structure annually if foreign investors are on the cap table.
Conclusion
The 2022 e-commerce amendments were just the starting point of a far broader regulatory build-out across consumer protection, data protection, GST, income-tax, and FEMA. For any platform or seller operating in India in 2026, a unified compliance dashboard is no longer a nice-to-have — it is the only way to scale without regulatory surprises.
