The social, economic, and political Indian context has experienced a digital transformation, where a complex and hybridised version of data exploitation has been created that this paper refers to as Surveillance Capitalism 2.0 a system where state surveillance desires and corporate data mining systems become not opposing forces, but enhancing each other through artificial intelligence and social media infrastructure. Surveillance Capitalism 2.0 in India, in contrast to its first-generation predecessor, a market-driven phenomenon of behavioural data commodification by technology corporations, is defined by the coming together of governmental power and platform capitalism, which generates an architecture of social control, which is both commercially profitable and politically consequential.

In the current paper, the dual overreach is critically viewed in the light of the Indian constitutional law and the recently established Digital Personal Data Protection Act, 2023 ('DPDP Act'). Starting with the constitutional underpinnings of the informational privacy as a fundamental right in the Supreme Court of India decision in Justice K.S. Puttaswamy (Retd.) v Union of India (2017) that identified informational privacy as an essential right under Article 21, the paper asks the question of whether the DPDP Act fulfills the constitutional promise of informational self-determination or whether it institutionalizes then. Specific emphasis is placed on Section 17 of the DPDP Act, which authorizes the Central Government to waive the compliance of state instrumentalities with the data protection requirements by simple executive notification without the need to deliberate in parliaments or be subject to judicial review, which makes the statute structurally susceptible to the same constitutional challenges that struck down Section 66A of the Information Technology Act, 2000 in Shre.

The paper also examines how surveillance as a chilling effect on freedoms as guaranteed by Articles 19(1)(a) and 19(1)(g), the discriminatory aspect of AI-based algorithmic systems of governance towards the guarantee of equality (Article 14) and the constitutional inadequacy of the current framework of interception as stipulated in the Indian Telegraph Act, 1885 and by. Although the Bharatiya Nyaya Sanhita, 2023 ^[14], with its reform of substantive criminal law, is depicted to be conspicuously silent on the digital surveillance infrastructure, in which its broadly-worded provisions against dissent and public order offences are operationalised.

Basing its argument on comparative analysis of the General Data Protection Regulation of the European Union, the Brazilian Lei Geral de Proteção de Dados, and the Investigatory Powers Act, 2016, the United Kingdom, and international human rights law, such as Article 17 of the International Covenant of Civil and Political Rights and the United Nations General Assembly Resolution 68/167, the paper elaborates. It suggests five structural reforms on this basis: legislative instead of executive authorisation of state data exemptions; a standalone Surveillance Authorisation and Oversight Act requiring judicial warrants to interception; structural reform of the Data Protection Board of India to make it genuinely independent; mandatory algorithmic impact assessment of AI systems making consequential decisions; and repeal of the traceability requirement of the IT Rules, 2021 as disproportion.