The fast development of the Internet of Things (IoT) has transformed the current digital ecosystems because this phenomenon allows connecting devices, sensors, and embedded systems in a seamless way. Nevertheless, such an unprecedented growth has brought forth serious legal, ethical and regulatory issues. The study looks at the legal constraints of IoT, comparatively in both India and the United States, and some of the aspects addressed in the context of data protection, privacy, cybersecurity, profiling, surveillance, and cross-border data governance.

The legislature in India is based on the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023, yet both frameworks do not provide any obligations to the IoT sector, interoperability standards, or sector-wide protection against automated decision-making and profiling. The sectoral regulations, e.g., the M2M guide lines of TRAI, Smart Cities Mission strategies, and regulations of health-tech, are disjointed and ineffective.

The US, conversely, does not enforce a federal statute on data privacy, and instead falls upon a network of sectoral laws, including the FTC Act, the HIPAA, the COPPA, the GLBA, and state legislation like the California Consumer Privacy Act (CCPA) and the California IoT Security Law. This creates a problem of unequal protection of regulations within industries and jurisdictions even though some states have more robust security requirements and protection on privacy.

The comparative analysis shows that India enjoys the advantages of a single national privacy law, but its enforcement measures and recommendations regarding the IoT are not yet well-developed. In the meantime, the U.S. is more mature in the device-level standard of security but does not have consistent national regulations on the data practice, profiling, and cross-device surveillance. The paper concludes by stating that regulatory gaps in both countries are huge and there should be unified IoT governance systems, obligated security measures, and enhanced tools of accountability to mitigate the new threats in a more globalized world.