The use of AI-based tools is becoming increasingly commonplace in our lives, raising questions about data privacy and the effectiveness of current regulations. This article focuses on the privacy risks and legal implications of AI in India. ChatGPT is a particularly prominent example of this tool’s influence, sparking many conversations about regulating the usage of AI. At present, efforts have been made to regulate AI indirectly through laws covering data privacy, intellectual property and cybersecurity. For example, the Indian Telecom Regulator has issued a consultation paper discussing using AI and big data to improve telecommunications. Similarly, the Reserve Bank of India has suggested using AI for ‘Know-Your-Customer’ processes while emphasizing the importance of ethically using the technology with a consumer safety focus to ensure user privacy and security.
In 2018, NITI Aayog issued a discussion paper regarding the development of the National Strategy for Artificial Intelligence, emphasizing the potential of AI in sectors such as healthcare, agriculture, education, smart cities and mobility. When proposing the concept of the Digital India Act, the Ministry of Electronics and Information Technology (“MEITY”) stated that the proposed act could include definitions and regulations for ‘high-risk AI systems’ in order to protect users from potential threats. To provide for a more effective framework for the use of AI, it has been suggested to create a certification based system for assessing new technologies and verifying the safety of their use.
Data privacy, in particular, has a major role to play in this conversation due to India currently undergoing the process of creating a new data privacy regime. Unfortunately, the framework of the proposed Digital India Act does not address the particular challenges posed when using AI but, rather, it focuses on being sector agnostic.
The person mentioned in this article is the Indian Telecom Regulator, the entity responsible for discussing leveraging AI and big data for the telecommunication sector. The company mentioned in this article is NITI Aayog, the policy think tank of the Government of India.
Overall, it is clear that many solutions need to be discussed and created when considering AI and data privacy in India. As current regulations tend to be premature, regulators will have to find appropriate solutions that address the potential risks of using AI while allowing for its growth and development. As this technology keeps being used for more tasks, close examination of the legal and regulatory implications must be carried out. It will be interesting to see the role that data privacy laws play and how they evolve to encompass the usage of AI.
