Swiping right on grievance redressal.
22 September 2025
Much has been written about the recently-released Swiped. Some critics liked the movie (due in no small part to Lily James’ performance), which is inspired by Whitney Wolfe Herd’s journey from co-founding Tinder through to reshaping online dating with Bumble. Others have suggested that the film can be one-note at the expense of fleshing out the complex issues at its heart and the underlying tech journey. (To be fair, asking a two-hour film to be everything to everyone is unrealistic.)
As a technology lawyer, watching an app or feature being built, shaped, or deployed in real life is always exciting (and watching it on screen comes close). More so for me, personally, when it’s a woman-led tech venture or story.
But this isn’t a post about women in tech (or tech law), or the cinematic ups and downs of the biopic itself (I’ll save that for another time). It’s about how an app built grievance redressal into its business model and product design, and why there's an important lesson in there for everyone.
————————
In 2014, Bumble subverted certain traditional dating norms and “gave women the first move”.
Wolfe Herd’s letter as a founder, included in Bumble's IPO filings, noted: “I set out to build what I wished had existed: a way for women to make the first move without judgment or fear, and a technology platform that would encourage good behaviour…”
By flipping certain traditional dating norms at that time, Bumble also did something else. It created, by design, the first hurdle to a commonly-experienced grievance: unsolicited contact and subsequent harassment. Of course, this doesn’t mean that this grievance couldn’t (or can’t) arise at a later stage of any online user interaction, or that it’s the only kind of grievance that may exist. But that’s where supplementary community safety and grievance redressal tools – identification, reporting, and policy enforcement – come in. In Wolfe Herd’s case, these efforts extended to lobbying for stronger state laws to combat digital harassment on a broader, legislative scale.
Strong grievance redressal mechanisms aren’t the norm; they’re the exception. Here’s why this should change.
Most entities often view implementing a grievance redressal mechanism as a significant and optional cost. This is myopic in more ways than one.
Enabling legal compliance. Various Indian laws require the implementation of grievance redressal mechanisms. They also define response timelines and prescribe consequences for failing to meet these requirements. For example:
a. Intermediary regulation. Intermediaries are exempted from liability for third-party content or information coursing through their platforms or being generated or disseminated through them if they observe certain due diligence requirements. Implementing a grievance redressal mechanism to receive complaints about such information/content or the service itself is one such requirement. The IT Rules, 2021 specify timelines for acknowledgment and resolution of complaints, with more stringent requirements (e.g., appointing a resident grievance redressal officer) applying to social media platforms meeting a certain user threshold. The rules also provide for an external appellate mechanism to address unresolved grievances.
b. E-commerce rules. E-commerce entities are similarly tasked with establishing an appropriate grievance redressal mechanism, appointing a grievance officer and publishing their details on their platforms. They’re bound to respond to complaints within a timeline, and must undertake additional measures, like assigning a ticket and tracking system for each complaint.
c. Data protection laws. The new (and yet-to-be-enforced) data protection law codifies the right to grievance redressal as one of the rights of a data principal. The timeline for addressing such grievances will likely come through delegated legislation (expected within the week, i.e., by 28 September). Grievances that aren’t appropriately addressed can be escalated to the new data protection authority, the Data Protection Board. Escalated complaints, if deemed significant contraventions of the law, can trigger sizeable monetary penalties, depending on the type of contravention.
These laws indicate the possible basis of these grievances. For example, the IT Rules, 2021 indicate that complaints may relate to certain categories of unlawful content. The DPDPA does something similar by enabling complaints for failure to adhere to its requirements. The majority of these laws do not, however, itemise every possible complaint that may be received, or comment on how each should be resolved.
Optimising user data. Understanding which laws require you to do what and how is, therefore, a gateway. Building effective grievance redressal requires businesses to take this further: to shape compliant external (user-facing) and internal processes by harnessing product design, engineering effort, business objectives, and user/customer feedback. (To make this an easier read, the rest of this post uses ‘user’ to refer to both.) Statutorily mandated requirements (e.g., appointing a grievance officer; designating a grievance reporting channel; resolving a complaint within a designated time) aside, building smart grievance redressal comes down to how well you know your user.
Grievance redressal can be baked into the product design: such as, a distinctive product to plug a market gap (like Bumble did), or an in-app reporting flow to streamline feedback. It can also take the shape of developing plug-and-play solutions for most user grievances, based on existing feedback, and a business’ knowledge of what usually goes wrong and how best to fix it. Some Q-commerce platforms do this well. They’ve identified a list of common complaints, and automated responses and solutions, as far as possible, including implementing quick refunds.
Building resilient brands. Stronger grievance redressal isn’t just a question of achieving compliance with the letter and spirit of the law: it’s about building a resilient brand. In the q-commerce example above, the approach reduces the duration for which the grievance remains in the user’s mind, and creates an overall positive experience. This path to resolution also enables resilience. In the same example, for instance, there’s room to optimise feedback and complaints at the back end, too. The business can identify the gap (e.g., is it an ops problem?); keep a look out for potential bad actors (e.g., does the same user raise identical complaints on every occasion?); and close the loop (e.g., resolve the ops issue, or seek additional information when resolving complaints from this user). It frees up the time and resources earlier deployed in endlessly debating the veracity of every user complaint, and enables efficient grievance redressal. This doesn’t mean that there won’t be unforeseeable problems or more complex grievances based on the platform or the specific online interaction at issue. Such instances, typically, require subjective inquiry and even legal intervention. Following the overarching road map, however, reserves such inquiry and intervention primarily for escalations alone.
Closing thoughts: build holistically sustainable brands
Building a sustainable brand is, of course, about more than efficient grievance redressal and implementing a reliable legal escalation matrix.
Amongst other things, it's about implementing appropriate user-facing terms and policies in alignment with the law. This includes understanding how entities use user data (first-party data and third-party signals) and ensuring that these individuals understand and agree to this, too. On the whole, it’s a mesh of law, business, and the external terms and internal protocols that shape the underlying relationships.
Implementing a smart, efficient grievance redressal system may be one step on this ladder, but it is an important one. So, make the first move, and swipe right on grievance redressal.
