Authored By: Muskan Raghav
Sunderdeep College of Law
Introduction
The rapid integration of Artificial Intelligence (AI) into everyday governance, commerce, and decision-making has transformed the legal landscape in India. From algorithmic credit scoring to predictive policing and generative AI tools, technology is increasingly influencing rights, liabilities, and institutional processes. However, this technological acceleration has outpaced the development of a comprehensive legal framework governing AI.
India, while positioning itself as a global digital economy, currently lacks a dedicated statute regulating AI systems. Existing laws such as the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023 provide partial coverage but fail to address the unique challenges posed by AI, including opacity, bias, and accountability gaps.
This article argues that India’s current legal framework is insufficient to regulate AI effectively, and a principles-based yet enforceable regulatory model is necessary to balance innovation with accountability. It examines the existing legal position, highlights regulatory gaps, and proposes a structured approach for AI governance in India.
Existing Legal Framework and Its Limitations
India does not yet have a standalone law governing AI. Instead, regulation is fragmented across multiple legal instruments.
The Information Technology Act, 2000 primarily addresses cybercrime and intermediary liability but does not contemplate autonomous decision-making systems. Similarly, the Digital Personal Data Protection Act, 2023 focuses on data privacy and consent but does not adequately address algorithmic decision-making or automated profiling.
Further, policy initiatives such as the NITI Aayog’s National Strategy for Artificial Intelligence (2018) and subsequent discussion papers emphasize ethical AI development but lack binding legal force. These frameworks promote principles like transparency, fairness, and accountability, yet remain aspirational rather than enforceable.
A key limitation of the current framework lies in its reactive nature. Laws are applied retrospectively to disputes arising from AI use rather than proactively regulating its deployment. For instance, liability in cases involving AI-driven harm—such as autonomous vehicles or algorithmic errors—remains unclear due to the absence of specific provisions defining responsibility.
Moreover, Indian law traditionally operates on the assumption of human agency, which becomes problematic when decisions are made autonomously by AI systems. This creates ambiguity in assigning liability between developers, deployers, and users.
III. Key Challenges in AI Regulation
Algorithmic Bias and Discrimination
AI systems often rely on historical data, which may reflect existing social biases. This can result in discriminatory outcomes in areas such as hiring, lending, and law enforcement. Indian constitutional principles, particularly Articles 14 and 21, guarantee equality and fairness, yet there is no clear mechanism to challenge algorithmic discrimination.
Unlike traditional discrimination, AI bias is often opaque and difficult to detect, making legal redress complex. Courts currently lack technical frameworks to assess such claims effectively.
Lack of Transparency and Explainability
Many AI systems function as “black boxes,” where even developers cannot fully explain how decisions are made. This lack of explainability undermines procedural fairness, especially in administrative and judicial contexts.
For instance, if an AI system is used in government welfare allocation, affected individuals must have the right to understand and challenge decisions. The absence of a legal requirement for explainability weakens accountability mechanisms.
Data Privacy and Surveillance Concerns
AI systems are heavily dependent on large datasets, often involving personal and sensitive information. While the Digital Personal Data Protection Act addresses consent and data processing, it does not fully regulate automated decision-making or profiling.
Mass surveillance technologies, including facial recognition systems, raise significant concerns regarding the right to privacy, as recognized in Justice K.S. Puttaswamy v. Union of India. However, there is no comprehensive framework governing the use of such technologies by state authorities.
Liability and Accountability Gaps
One of the most pressing issues is determining liability when AI systems cause harm. Traditional tort and criminal law frameworks are ill-equipped to address scenarios involving autonomous decision-making.
For example, in the case of an AI-driven medical misdiagnosis, it is unclear whether liability rests with the developer, the healthcare provider, or the institution deploying the system. This ambiguity discourages both innovation and accountability.
The Need for a Structured AI Regulatory Framework
To address these challenges, India must adopt a comprehensive and forward-looking regulatory approach. Such a framework should incorporate the following elements:
Risk-Based Regulation
A tiered regulatory model, similar to the European Union’s proposed AI Act, can classify AI systems based on risk levels—low, medium, and high risk. High-risk applications, such as those used in healthcare, law enforcement, and finance, should be subject to stricter compliance requirements.
Mandatory Transparency and Explainability
Legal provisions should require AI systems to provide meaningful explanations for their decisions, particularly where fundamental rights are affected. This would align with principles of natural justice and procedural fairness.
Accountability Mechanisms
Clear guidelines must be established to allocate liability among stakeholders, including developers, deployers, and users. A shared liability model may be appropriate, depending on the degree of control and foreseeability of harm.
Independent Regulatory Authority
India should consider establishing an independent AI regulatory authority to oversee compliance, conduct audits, and address grievances. This body can also issue guidelines and adapt regulatory standards in response to technological advancements.
Ethical and Constitutional Alignment
AI regulation must be grounded in constitutional values, including equality, privacy, and dignity. Ethical principles should not remain merely advisory but should be incorporated into enforceable legal standards.
Conclusion
Artificial Intelligence presents both unprecedented opportunities and significant legal challenges. While India has made progress through policy initiatives and data protection legislation, the absence of a dedicated AI regulatory framework creates uncertainty and risks undermining fundamental rights.
This article has argued that the current legal framework is fragmented and inadequate to address the complexities of AI. Issues such as algorithmic bias, lack of transparency, and liability gaps require targeted legal intervention.
India must move towards a comprehensive, risk-based, and enforceable AI regulatory framework that balances innovation with accountability. Such a framework should ensure transparency, protect individual rights, and provide clarity on liability.
Ultimately, the goal of AI regulation should not be to stifle innovation but to create a trustworthy ecosystem where technological advancement aligns with legal and ethical principles. By proactively addressing these challenges, India can position itself as a global leader in responsible AI governance.
Reference(S):
Cases
Justice K.S. Puttaswamy (Retd.) v Union of India (2017) 10 SCC 1
Legislation
Information Technology Act 2000 (India)
Digital Personal Data Protection Act 2023 (India)
Government & Policy Documents
NITI Aayog, National Strategy for Artificial Intelligence (2018)
NITI Aayog, Responsible AI for All: Approach Document (2021)
Ministry of Electronics and Information Technology, Report of Committee of Experts on Non-Personal Data Governance Framework (2020)
International Materials
European Commission, Proposal for a Regulation Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) COM/2021/206 final
OECD, Recommendation of the Council on Artificial Intelligence (2019)
Books & Articles
Stuart Russell and Peter Norvig, Artificial Intelligence: A Modern Approach (4th edn, Pearson 2020)
Lilian Edwards, ‘Regulating AI in Europe: Four Problems and Four Solutions’ (2018) 10 European Journal of Risk Regulation 1
Sandra Wachter, Brent Mittelstadt and Luciano Floridi, ‘Why a Right to Explanation of Automated Decision-Making Does Not Exist in the GDPR’ (2017) 7 International Data Privacy Law 76
Reports & Online Sources
World Economic Forum, Global AI Governance Framework (2023)
UNESCO, Recommendation on the Ethics of Artificial Intelligence (2021)





