India’s AI Governance Guidelines: A Blueprint for Responsible AI Development

The Indian Ministry of Electronics and Information Technology (MeitY) released a Report on AI Governance Guidelines Development on January 6, 2025. This Report comes amidst a growing global debate on AI's influence, particularly concerning intellectual property rights, misinformation, and ethical concerns. As India accelerates AI adoption, understanding these governance principles is crucial.

As part of the Scribere program offered by TechReg Bridge, Scriberes Diya Sinha and Samyukta Iyer under the guidance of Anupam Sanghi understand the need for AI regulations, the course charted for the Indian AI and data privacy experience and whether such a course is really the viable solution.

For a deeper dive into the Report, check out our blog article here.

Why AI Regulation Matters

AI is rapidly transforming industries like education, law, and social media, enhancing accessibility, efficiency, and content moderation. However, automation raises employment concerns, particularly for Gen Z professionals. We tackled this exact dilemma in detail our January issue of TB Quest. Misinformation is another pressing issue, with AI-generated fake news, deepfakes, and manipulated content spreading rapidly. AI-driven recommendation systems shape public perception, underscoring the need for responsible AI governance.

AI’s role in the Indian economy is also expanding, with industry giants like Sam Altman recognizing India as the second largest market for OpenAI. Central initiatives such as the IndiaAI Mission and PM-STIAC AI mission are attempting to ride the wave, aimed at democratizing computing, enhancing data quality, and promoting ethical AI adoption. However, concerns regarding data privacy, security, and workforce displacement must be addressed.

Key Legal Developments

Intellectual property and AI lawsuits are gaining traction. ANI has sued OpenAI for allegedly using its content without authorization for AI training, leading to copyright infringement claims. Similarly, Anil Kapoor and Arijit Singh successfully defended their personality rights, protecting them from unauthorized AI-generated impersonations.

Privacy and cybersecurity risks are also significant. AI introduces challenges such as deepfake fraud, adversarial attacks, and data misuse, which are not fully addressed under India’s IT Act and DPDP Act. Without robust governance, these risks will continue to escalate.

India's AI Governance Framework

The subcommittee behind the Report outlines six guiding principles for AI governance: Transparency & Accountability, Safety, Reliability & Robustness, Fairness & Non-Discrimination, Human-Centered Values, and Privacy & Security.

To operationalize AI governance, the Report recommends a techno-legal strategy, blending technology-driven compliance with legal enforcement. The Lifecycle Approach which ensures that regulations account for risks at every stage of the AI deployment cycle, and Ecosystem-Wide Regulation, ensure AI accountability across all stakeholders.

Challenges & Gaps

While India has taken important steps toward AI regulation, several gaps remain. Deepfake and AI-generated content are still not comprehensively addressed. The subcommittee recognized that while existing laws are fragmented and do not comprehensively tackle the unique challenges posed by AI-driven content manipulation. For a deeper understanding into the what, why, and how of deepfakes, you can check out our blog article here.

Cybersecurity threats from AI-driven attacks remain a concern. While the IT Act and the DPDP Act mandate responsible data handling and processing, they do not fully address AI-specific cybersecurity risks, such as adversarial AI attacks or unauthorized model access. Even the recently released DPDP Rules fail to address some key gaps with respect to automated profiling and re-identification of personal data powered by AI and ML.

Additionally, intellectual property issues create uncertainty over AI’s use of copyrighted material. Current copyright laws do not explicitly cover AI-generated works, making enforcement difficult for content creators and AI developers alike.

Finally, AI models trained on biased datasets can reinforce societal prejudices prejudices in crucial areas such as employment, lending, healthcare, and law enforcement. Although existing anti-discrimination laws provide broad protections, they do not explicitly outline responsibilities for AI developers in mitigating algorithmic bias.

Actionable Recommendations of the Subcommittee

To strengthen AI governance, the Report proposes several measures. Pursuing a 'whole-of-government' approach by establishing an AI Coordination Committee will unify AI governance efforts across ministries and regulatory bodies. A Technical Secretariat under MeitY will be tasked with mapping AI risks and establishing evaluation metrics. Additionally, an AI Incident Database will serve as a national harm-tracking system to monitor AI-related failures.

Encouraging voluntary industry commitments will also be key, as AI developers must take responsibility for self-regulation through transparency measures. Techno-legal solutions such as AI watermarking, privacy tools, and automated compliance systems will further enhance accountability. Finally, incorporating AI-specific provisions into the Digital India Act will establish clear legal guidelines on AI-driven content, cybersecurity, and bias mitigation.

Final Thoughts: A Strong Start but More is Needed

India’s AI Governance Guidelines Report mark a significant step forward, but critical gaps remain - particularly in data usage for AI training, IP protection, and self-regulatory measures. Moving forward, a coordinated, sector-specific regulatory framework will be crucial in shaping India’s AI governance landscape.