Cookies & Site Data

We use only essential storage to remember your disclaimer acknowledgment and cookie choice. We do not load third-party analytics or advertising trackers today. You can review the details in our Cookie Policy.

About DRMLAW LLP

The Convergence of
Law & Code.

For decades, the legal courtroom and the enterprise server room operated as two entirely different worlds. Lawyers spoke the language of statutes, precedents and liability. Engineers spoke the language of source code, cloud architecture and data pipelines.

DRMLAW
The Founding Story

From two different worlds
to one discipline.

Then came the Digital Personal Data Protection Act (DPDPA) 2023, fundamentally shifting India's regulatory landscape. Under this new regime, compliance could no longer be achieved with mere legal paperwork, nor could it be solved solely by an IT security patch. It required an entirely new discipline:

True Techno-Legal Engineering.

It was at this historic intersection that brothers Dipak Ranjan Mukherjee and Rupak Ranjan Mukherjee saw a critical, high-risk gap in the market.

30+ yrs
The Courtroom Lens

Dipak Ranjan Mukherjee

An elite Advocate with over 30 years of High Court litigation mastery — he knows exactly how judges interpret liability, how regulatory authorities adjudicate breaches and how electronic records rise or fall under the strict standards of the Bharatiya Sakshya Adhiniyam (BSA).

25+ yrs
The Engineering Lens

Rupak Ranjan Mukherjee

A veteran technology leader with 25 years of experience architecting enterprise cloud infrastructure and operational resilience at global giants like Oracle and TCS — he understands exactly how data flows, where it rests and how it is secured at the infrastructure layer.

Businesses navigating the DPDPA were getting fragmented advice — law firms lacked technical execution, and IT firms lacked regulatory defensibility. To bridge this gap, the brothers united courtroom gravity with enterprise engineering to found DRMLAW LLP.

How We Help Our Customers

An impenetrable shield — a unified dual-lens.

For corporations, MSMEs and Significant Data Fiduciaries, our work runs on two simultaneous frequencies — proactive engineering and reactive defence.

01 — PROACTIVE

DPDPA Compliance, engineered.

We don't just hand you a privacy policy template. We audit your legacy databases, map your data lifecycles, and build verifiable consent management architectures. We translate statutory mandates into concrete technical protocols — engineering compliance directly into your existing business systems to ensure you are fully audit-ready.

02 — REACTIVE

Digital forensics & litigation readiness.

When a data incident or regulatory dispute strikes, our specialised forensics practice takes over. We step into the chaos to systematically preserve, isolate and analyse digital footprints. Because we understand both the technical metadata and the law of evidence, we transform volatile system logs into ironclad, legally admissible forensic evidence that stands up under intense judicial scrutiny.

At DRMLAW LLP, we engineer trust, defend data, and make your business litigation-ready from day one.
Vision

To be the definitive vanguard of India's techno-legal landscape — where data privacy is seamlessly engineered into corporate architecture, and digital truth is indisputably proven in the court of law.

Mission

To safeguard enterprise trust and regulatory integrity by bridging the gap between law and technology. We empower organisations to navigate the complexities of DPDPA compliance through robust techno-legal engineering, and defend them against digital vulnerabilities using trial-tested forensics and legally admissible evidentiary frameworks.

Meet the Founding Partners

Two disciplines. One firm.

Dipak Ranjan Mukherjee headshot
Founder Partner

Dipak Ranjan Mukherjee

Advocate · Calcutta High Court · C.DPO.DA · AI Governance · CyberLaw (CCLP)
View on LinkedIn

Dipak Ranjan Mukherjee is the Founder Partner of D.R. Mukherjee & Co. Advocates and co-founder of DRMLAW LLP. He has practised as an Advocate at the Hon'ble High Court at Calcutta for over 30 years, appearing before the Supreme Court of India, the NCLT, and arbitral tribunals in matters spanning constitutional law, corporate disputes, white-collar defence, and technology regulation.

He holds the Certified Data Protection Officer & Data Auditor (C.DPO.DA) credential from the Foundation of Data Protection Professionals in India (FDPPI) — qualifying him to serve as a statutory Data Protection Officer under Section 10 of the DPDPA, 2023, and as an independent Data Auditor under Section 20 obligations. He is additionally AI Governance Aware and CyberLaw Certified (CCLP), one of a small number of Indian advocates who hold concurrent DPO, Data Auditor, AI Governance and CyberLaw credentials.

His institutional advisory practice has spanned regulated financial institutions, public bodies and listed corporates. He advises boards and senior management on DPDPA governance, AI and algorithmic accountability, and regulatory risk before the Data Protection Board of India. His litigation background means DRMLAW is positioned to defend clients before the DPB and in appellate proceedings — not only to build compliance programmes, but to contest enforcement actions.

Rupak Ranjan Mukherjee headshot
Founder Partner

Rupak Ranjan Mukherjee

Privacy Engineering · GDPR (UK, 2018) · C.DPO.DA · CyberLaw (CCLP) · Ex-Oracle, TCS
View on LinkedIn

Rupak Ranjan Mukherjee is the Founder Partner of DRMLAW LLP and the firm's chief technical authority on DPDPA compliance engineering. He brings 25+ years of enterprise technology leadership, including senior roles within the Oracle Cloud Infrastructure (OCI) ecosystem — managing large-scale, multi-geography platform deployments handling millions of users across North America, Europe, and Asia.

At Oracle and TCS, he led engineering programmes of institutional scale: cloud identity and data architecture, operational resilience design, and large-scale platform delivery across regulated sectors. In 2018, he led Privacy Engineering for an internal Oracle division in Europe through live GDPR implementation in the United Kingdom — a full engineering programme covering consent re-architecture, data mapping across 40+ vendor systems, breach response integration, and board-level reporting; not a compliance review, but a functioning privacy operating model built at scale.

He holds the Certified Data Protection Officer & Data Auditor (C.DPO.DA) credential (FDPPI) along with CyberLaw Certified (CCLP). His practice now translates the DPDPA's statutory mandates into concrete, auditable technical controls: OCI and hyperscaler data estate mapping, AI and ML pipeline governance, algorithmic transparency audits, privacy-by-design gates in the SDLC, and security guardrail architecture aligned with NIST AI RMF and ISO 42001.

Practice discipline · Privacy by Design (PbD)

How we work, not just what we do.

DRMLAW LLP operates as an enterprise Privacy-by-Design (PbD) practitioner — embedding data protection into system architecture, business operations and product development from the ground up. This proactive posture helps Indian organisations comply with statutory regimes — the DPDPA, 2023 and the GDPR for cross-border processing — while building the digital trust their next decade of revenue will depend on.

Proactive risk management

Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) run early in the Software Development Life Cycle — before architecture decisions become expensive to reverse.

Architecture implementation

Privacy-Enhancing Technologies (PETs) applied as first-class controls — data minimisation, anonymisation, pseudonymisation, and policy-based access control wired into identity and data planes.

Global frameworks

Enterprise infrastructure aligned with the NIST Privacy Framework and ISO/IEC 31700 — so the same controls satisfy Indian regulators, EU clients and global audit teams.

Essential PbD principles we apply
Privacy as the default

Systems must protect user data automatically. Baseline protections are never opt-in; they are the floor on which everything else stands.

End-to-end security

Personal data is secured across its entire lifecycle — from the moment of collection through processing, transfer and storage, to secure deletion or disposal.

Full functionality

A positive-sum outcome — business utility and technical capability optimised without sacrificing privacy. Privacy and product velocity are not a trade-off when designed in early.

Engage the practice

Start with a scoping call.

Tell us about your data estate, your regulator exposure or the matter on your desk. We will revert with a focused proposal.

DRMLAW
DRMLAW
Techno-Legal

DRMLAW is a techno-legal practice combining traditional advocacy with data protection counsel and digital forensics, in compliance with the Bar Council of India's rules on advertisement.

Offices
Kolkata — Office I
7A, K.S. Roy Road
2nd Floor, Suite #10/10
Kolkata 700001
Fax +91 33 22310767
Kolkata — Office II
BJ 19, Sector II, Salt Lake
Kolkata 700091
Bengaluru
153/A, 18th Main, 24th Cross
Sector 3, HSR Layout
Bengaluru 560102, India
© 2026 DRMLAW • drmlaw.in/technolegal
DRMLAW LLPIN: ACZ-5267
Cookie Policy
Bar Council of India Rules disclaimer: The information on this website is provided for general informational purposes only. Nothing herein constitutes solicitation, advertisement or legal advice. Communication does not establish an attorney-client relationship.

Made with Emergent