India lacks a dedicated AI statute and must confront algorithmic accountability urgently
Mudasir Khan
Artificial Intelligence is no longer confined to research laboratories. It now shapes governance — from financial algorithms and hiring tools to predictive policing and automated moderation systems.
Yet India lacks a dedicated AI statute. Governance remains dispersed across constitutional jurisprudence and statutory frameworks. By contrast, the European Union formally adopted the Artificial Intelligence Act on 21 May 2024 (published in the Official Journal in July 2024), introducing a comprehensive risk-based regulatory regime for AI systems.
Privacy In The Age Of Algorithms
The constitutional foundation of Indian data governance lies in Justice K.S. Puttaswamy (Retd.) v. Union of India (24 August 2017), where a nine-judge Bench of the Supreme Court unanimously recognised the right to privacy as intrinsic to Article 21.
The proportionality doctrine governing digital restrictions was reaffirmed in Anuradha Bhasin v. Union of India (10 January 2020), where the Court held that limitations on internet access must satisfy necessity and proportionality, principles equally applicable to AI-driven surveillance.
Statutorily, Parliament enacted the Digital Personal Data Protection Act on 11 August 2023. While it regulates data processing and consent, it does not comprehensively address automated decision-making harms.
In contrast, Article 22 of the General Data Protection Regulation (adopted 27 April 2016; effective 25 May 2018) expressly provides individuals the right not to be subjected solely to automated decision-making producing legal or significant effects.
The UK Court of Appeal in R (Bridges) v. Chief Constable of South Wales Police (11 August 2020) held that the deployment of live facial-recognition technology violated privacy protections due to insufficient safeguards.
Bias, Equality And Constitutional Morality
Indian equality jurisprudence provides fertile ground for reviewing algorithmic discrimination.
In E.P. Royappa v. State of Tamil Nadu (23 January 1974), the Supreme Court linked equality under Article 14 with non-arbitrariness.
This doctrine was expanded in Maneka Gandhi v. Union of India (25 January 1978), where the Court held that procedure under Article 21 must be just, fair and reasonable.
In the United States, State v. Loomis (13 July 2016) addressed the constitutionality of algorithmic risk-assessment tools in sentencing. While upheld, the Court warned about opacity and due-process concerns.
Similarly, the Hague District Court in the Netherlands struck down a welfare-fraud detection algorithm in NJCM c.s. v. The Netherlands (SyRI case) (5 February 2020), holding that the system violated the right to privacy under the European Convention on Human Rights due to disproportionate and opaque risk profiling.
Old Laws, New Technology
India continues to rely on the Information Technology Act (enacted 9 June 2000) for digital offences. The statute predates modern AI and contains no explicit framework for algorithmic accountability.
China adopted the Provisions on the Administration of Deep Synthesis of Internet Information Services on 25 November 2022 (effective 10 January 2023), mandating labelling and traceability of AI-generated content.
In the United States, President Biden issued the Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence on 30 October 2023, directing federal agencies to implement safety, security and accountability standards.
Proportionality As The Future Test
India’s balancing framework for rights and regulation is anchored in Modern Dental College v. State of Madhya Pradesh (2 May 2016), where the Supreme Court formally adopted the structured proportionality test.
As AI increasingly influences policing, welfare distribution, finance, healthcare and elections, this proportionality standard may become the constitutional lens through which automated governance is evaluated.
Intellectual Property And Machine Authorship
The UK’s Copyright, Designs and Patents Act (enacted 15 November 1988) provides limited recognition for computer-generated works by assigning authorship to the person making necessary arrangements.
By contrast, the United States Copyright Office (notably in 2022–2023 determinations concerning AI-generated works) has reaffirmed that copyright protection requires meaningful human authorship.
India has yet to confront this issue judicially, but legislative clarification appears inevitable.
Conclusion
From Puttaswamy (2017) to the EU AI Act (2024), global legal systems are gradually constructing constitutional guardrails for algorithmic governance.
India presently relies on: Privacy jurisprudence (2017 onward), Equality doctrine (1974–1978 expansion), Proportionality review (2016), The DPDP Act (2023), The IT Act (2000).
Whether this constitutional patchwork can withstand the accelerating power of machine intelligence remains uncertain.
But the timeline is clear: The algorithmic age has already begun. The law must now determine whether it will regulate proactively or react retrospectively.
The writer is a former advocate at the High Court of Jammu & Kashmir and Ladakh, presently a law officer
kh********@***oo.com