AI and Indian Law: Navigating the Regulatory Grey Areas

Artificial Intelligence and Legal Reform in India

Artificial Intelligence (AI) is playing an increasingly influential role in shaping India’s legal and economic systems. From law enforcement’s use of facial recognition to automated decision-making tools and AI-powered chatbots, these technologies have become deeply integrated into India’s digital infrastructure.

Despite this rapid adoption, the country’s legal framework remains in a state of flux, struggling to evolve alongside technological advancements. The lack of a comprehensive and dedicated AI regulatory regime presents significant legal and ethical challenges—spanning concerns such as data protection, algorithmic fairness, responsibility for outcomes, and moral accountability.

This article examines the uncertain legal terrain surrounding AI under existing Indian laws, evaluates relevant judicial precedents, and underscores the need for robust legislative reform. It advocates for a regulatory system that balances innovation with fundamental rights and societal protection.

Introduction: Navigating AI and Legal Reform in India

Artificial Intelligence has moved far beyond its early use in research labs and tech enterprises. In India, AI now underpins critical systems—from government surveillance mechanisms and medical diagnostic tools to recruitment algorithms and digital solutions in the judiciary. Despite this widespread adoption, the legal and policy responses remain scattered and outdated.

India’s current strategy for AI regulation is primarily fragmented and sector-specific. Rather than crafting a unified AI law, the country continues to apply older or general-purpose laws—such as the Information Technology Act, 2000, and the Personal Data Protection Act, 2023—to address AI-related concerns.

While this approach offers a degree of flexibility, it also gives rise to numerous uncertainties, particularly in areas involving responsibility, transparency, due process, and potential algorithmic bias.

Regulatory Gaps: India’s Lack of AI-Specific Legislation

Unlike jurisdictions such as the European Union—with its recently enacted AI Act—or China’s framework emphasizing AI ethics, India has not yet introduced a comprehensive legal structure dedicated to AI governance.

At present, the regulation of AI is indirectly managed through a mix of existing laws and industry-specific norms, including:

• The Information Technology Act, 2000
• The Personal Data Protection Act, 2023
• The Consumer Protection (E-Commerce) Rules, 2020
• Sectoral guidelines issued by bodies such as the Reserve Bank of India (RBI) for financial technologies or the Medical Council of India for AI in healthcare

However, none of these laws explicitly define or regulate artificial intelligence.

This legal silence has led to grey areas in several critical aspects:

• Lack of clarity on the transparency and logic behind algorithmic decisions
• Uncertainty about how data is processed and used in machine learning models
• Challenges in identifying responsible parties when AI causes harm
• Risks of biased or discriminatory outcomes resulting from automated systems

Key Legal Issues and Grey Areas in AI Regulation

1. Liability and Accountability

   The question of responsibility arises when an AI system inflicts harm on developers, users, or the machine itself. Traditional tort and criminal law frameworks are predicated on human agency. However, AI systems can operate autonomously, often without direct human intervention. For instance, if an AI-driven diagnostic tool misdiagnoses a patient due to a flaw in its training data, can the developer be held liable for medical negligence? A significant challenge is that Indian laws do not currently assign liability to non-human decision-makers.

2. Bias and Discrimination

   AI algorithms trained on biased datasets can perpetuate systemic discrimination, particularly in areas such as credit scoring, hiring, or law enforcement. A pertinent issue is the absence of legal mandates in India for ensuring algorithmic fairness or conducting anti-discrimination audits. While Article 14 of the Indian Constitution, which guarantees the Right to Equality, could potentially be invoked, its application to private algorithmic decisions is complicated by a lack of transparency.

3. Data Privacy and Consent

   The majority of AI systems necessitate extensive personal data for training and refinement. The Digital Personal Data Protection Act, 2023, addresses issues of consent and data minimization. However, the Act does not explicitly address concerns such as AI model training on anonymized or synthetic data, re-identification risks, or AI-generated profiling and surveillance.

4. Autonomous Systems and Criminal Law

   The question of whether an autonomous AI system can commit a crime is complex. Although AI lacks mens rea, its deployment by humans can lead to criminal activities such as fraud, stalking, or defamation. For example, the use of deepfake technology to create pornographic videos could invoke Sections 509 or 292 of the Indian Penal Code. However, establishing intent or malice becomes challenging when the content is generated by AI.

5. Intellectual Property and AI-Created Works

   There is ambiguity regarding whether AI-generated works, such as art, music, or code, qualify for copyright protection. The Indian Copyright Act, 1957, assigns authorship to a natural person and does not recognize AI as an author.

Latest Case Laws and Legal Developments

Although India has not yet witnessed a landmark ruling specifically addressing artificial intelligence (AI), several judicial and regulatory developments merit attention:

1. Internet Freedom Foundation v. Union of India (2021) – Delhi High Court: This case challenged the Delhi Police’s use of facial recognition technology (FRT) during protests. The court raised concerns regarding the accuracy of FRT and the absence of a regulatory framework, highlighting the lack of legal safeguards surrounding surveillance AI in India.
2. Anivar Aravind v. Union of India (2020) – Kerala High Court: This case contested the deployment of facial recognition in public spaces without obtaining consent. The court emphasized the need for algorithmic accountability and privacy protections in the use of AI tools.
3. Reserve Bank of India’s (RBI) Regulatory Sandbox Framework (2019–2024): AI-based fintech companies are being evaluated under the RBI’s sandbox; however, there remains limited legal clarity concerning algorithmic lending or credit-scoring bias.
4. Delhi High Court on Deepfakes (2023) – Suo motu Public Interest Litigation: A deepfake video targeting actress Rashmika Mandanna went viral, prompting the court to call for urgent regulation and to hold platforms accountable for delayed action.

The Role of Judiciary and Ethics in Shaping AI Regulation

While the Indian Parliament has yet to enact specific legislation to regulate Artificial Intelligence (AI), the judiciary has assumed a crucial role in addressing the ethical and legal challenges posed by emerging AI technologies. This judicial involvement is particularly evident in the constitutional interpretation of fundamental rights, notably the right to privacy and dignity.

The landmark judgment in Justice K.S. Puttaswamy v. Union of India (2017) recognized privacy as a fundamental right under Article 21 of the Constitution, thereby establishing a constitutional foundation upon which AI-related issues—such as data protection, biometric surveillance, and algorithmic decision-making—can be assessed.

In the absence of direct statutory governance, Indian courts have also drawn upon environmental jurisprudence, particularly the precautionary principle, as an interpretive tool to evaluate the deployment of AI technologies.

This principle underscores the necessity for anticipatory regulation and judicial restraint in the face of scientific uncertainty, especially when there is potential for irreversible harm to civil liberties. As AI systems become increasingly integrated into state functions—such as predictive policing, facial recognition, and citizen profiling—courts have recognized the importance of applying such ethical principles to prevent arbitrary and disproportionate state action.

Concurrently, the judiciary itself has begun incorporating AI-based tools to enhance institutional efficiency. The integration of AI in court processes—ranging from automated transcription and translation services to intelligent case flow management systems—indicates an administrative shift towards digitization and technological modernization.

While these developments hold the promise of alleviating the judiciary’s longstanding pendency issues, they are occurring without a formal ethical or legislative framework governing the use of such technologies.

This ad hoc adoption of AI raises significant concerns regarding procedural fairness, algorithmic transparency, and the potential erosion of natural justice. The opaque nature of AI algorithms, often referred to as the “black box” problem, can obscure the rationale behind decisions and impede litigants’ ability to challenge or seek redress.

Furthermore, the absence of oversight mechanisms to audit or validate the fairness and accuracy of such systems exacerbates the risk of bias and systemic discrimination. In this context, the judiciary’s dual role—as both a regulator of AI and a consumer of its applications—necessitates the urgent development of a coherent regulatory and ethical framework.

Such a framework must be grounded in constitutional principles, prioritize human-centric design, and incorporate mechanisms for transparency, accountability, and periodic review.

The Way Forward: Legal and Policy Recommendations

1. Enact a Comprehensive AI Legislation
   • Define “Artificial Intelligence” within the legal framework
   • Establish a risk-based categorization system, akin to the European Union’s model
   • Incorporate liability provisions for damages caused by AI systems
2. Establish a National AI Regulatory Authority
   • Form an independent, interdisciplinary body to monitor, audit, and certify AI systems
   • Supervise the deployment of AI technologies in both governmental and private sectors
3. Ensure Algorithmic Transparency and Conduct Audits
   • Mandate the explainability of decision-making systems
   • Introduce a “Right to Explanation” for automated decision-making processes
4. Strengthen Data Protection Legislation
   • Broaden the scope to regulate AI profiling and mitigate re-identification risks
   • Require explicit consent for the use of personal data in AI training
5. Promote Ethical AI Utilization
   • Develop an “AI Ethics Code” for government procurement and deployment
   • Align with international frameworks, such as UNESCO’s AI Ethics Guidelines

Conclusion

As India becomes an AI powerhouse, it must not lag in creating a legal and ethical framework to govern its use. The current patchwork of laws and judicial interventions is insufficient to tackle the multifaceted challenges posed by autonomous, data-hungry, and potentially biased systems.

The legal grey areas surrounding AI in India can no longer be ignored. Whether it’s the use of facial recognition by police, AI-generated content causing reputational harm, or discriminatory algorithms in banking—each instance underscores the urgent need for targeted legislation and institutional safeguards.

A forward-looking AI law that balances innovation with accountability, and technological advancement with human rights, is the need of the hour. India has the legal expertise and democratic institutions to lead this transformation—it only needs the political will to act.

FAQs

1. What is the main concern of the article regarding AI and Indian law?
2. Does India have any law specifically governing AI?
3. Which are the key legal grey areas in AI regulation in India?
4. How does Indian law address AI-related bias and discrimination?
5. Is there any legal guidance on AI’s use of personal data in India?
6. Can AI be held liable for crimes or harm in India?