Indian tech worker focused on laptop displaying a complex diagram in a modern office.
India is at a critical juncture in defining the regulatory landscape for Artificial Intelligence (AI). With AI technology rapidly integrating into various sectors, from finance to healthcare and governance, the existing legal frameworks, primarily the Information Technology Act, 2000, are being questioned for their adequacy.
Union IT minister Ashwini Vaishnaw recently indicated that a new law might be necessary, acknowledging the significant evolution of AI since the IT Act’s inception. This has spurred a debate among founders, policy experts, and legal practitioners on the best approach for India. The consensus is leaning towards a risk-based strategy, emphasizing accountability, transparency, and liability, rather than replicating the comprehensive approach of the European Union’s AI Act.
Founders’ Perspective on AI Governance
From the perspective of Indian founders, the focus is less on regulating the underlying algorithms and more on establishing clear rights, responsibilities, and accountability mechanisms. Shayak Mazumder, cofounder and CEO of Adya.ai, suggests that any future AI law should prioritize the principle of access, ensuring citizens have a “right to AI.” He advocates for compliance requirements to be directly proportional to the real-world risks and impact of AI systems, with stricter regulations for high-risk applications.
Deepak Subramanian, founder of YourTribe, echoes this sentiment, stating that regulation should target the outcomes and impact of AI systems. He proposes that high-risk deployments should mandate disclosures, audit trails, and human oversight, while lower-risk tools would face less stringent obligations.
The Governance Challenge: Balancing Innovation and Risk
Many experts believe India should avoid a wholesale adoption of models like the EU’s AI Act. Instead, they propose building upon existing legal frameworks, such as the Digital Personal Data Protection (DPDP) Act and sector-specific regulations from bodies like the Reserve Bank of India (RBI) and the Securities and Exchange Board of India (SEBI).
Raj Shekhar, a consultant at the Centre for Law, Policy and Governance, NFPRC Foundation, argues that India should regulate the risks associated with AI rather than the technology itself. Mishi Choudhary, founder of SFLC.in, cautions against a sweeping EU-style framework, advocating for a narrow and targeted law focused on public-sector AI accountability, transparency for high-impact systems, safeguards for synthetic media in elections, and specific obligations for genuinely high-risk deployments. She also stresses the need for accompanying procurement reforms and an open AI policy.
The core of the debate revolves around three key areas for any future AI framework:
- Liability: Clear definition of accountability across model developers, deployers, and platforms when an AI system causes harm.
- Risk-Tiering: Differentiating regulatory scrutiny based on the potential impact of the AI application, from low-risk marketing tools to high-risk healthcare or lending systems.
- Transparency: Ensuring users are aware when AI is involved in decision-making processes that affect them and have recourse to challenge outcomes.
Navigating the Regulatory Tightrope
There is a significant concern that overly stringent regulations could stifle India’s burgeoning AI ecosystem, particularly its startups, which often lack the resources for extensive compliance. Experts suggest that compliance obligations should be scaled according to company size, revenue, and deployment scale, with provisions like regulatory sandboxes and safe harbors for smaller companies.
The challenge for Indian policymakers is to strike a balance: moving too slowly risks allowing harmful AI applications to proliferate unchecked, while moving too aggressively could hinder innovation and consolidate market power among larger firms. This balance will be crucial for India’s ambition to become an AI powerhouse.
About the Author
