The legal gaps in India’s unregulated AI surveillance
(Source – The Hindu, International Edition – Page No. – 8)
Topic – GS3 – Science and Technology
Context
- AI Surveillance Growth: India is expanding its use of AI surveillance technologies like facial recognition and AI satellites.
- Privacy Issues: This raises important privacy and constitutional concerns.
- DPDPA 2023:Addresses some concerns but provides the government with broad exemptions, creating regulatory imbalance.
- EU Comparison: India lacks robust civil liberty protections compared to the European Union.
- Urgent Need: Stronger safeguards are essential to protect privacy and individual freedoms.
India’s Growing AI-Powered Surveillance
- Ambitious Plans: In 2019, India set out to develop the world’s largest facial recognition system for policing. Over the past five years, AI surveillance has been implemented in railway stations, and the Delhi Police are using AI for crime prevention. Plans are underway to launch 50 AI-powered satellites to further enhance surveillance.
Legal and Constitutional Concerns
- Rights at Risk: AI surveillance raises serious concerns about overreach and the infringement of citizens’ rights. Global examples, like the U.S. FISA, show the dangers of indiscriminate data collection.
Privacy Issues and Data Breaches
- Data Misuse: A recent data breach involving the Telangana Police misused social welfare databases, highlighting a lack of transparency and safeguards in data practices.
Lack of Proportional Safeguards
- Fundamental Rights Undermined: Privacy, recognized as a fundamental right in India, is threatened by current surveillance practices, which lack necessary safeguards. The Digital Personal Data Protection Act (DPDPA) 2023 attempts to address privacy concerns but has significant flaws.
Flaws in the DPDPA 2023
- Broad Exemptions:
- The act allows the government to process data without consent in various situations (e.g., medical emergencies, employment).
- Citizens face penalties for minor inaccuracies in data accuracy, placing undue burdens on individuals.
- State vs. Individual Rights: The framework favors state surveillance over protecting individual rights.
Contrasting Approaches in the West
- EU Model: The EU’s Artificial Intelligence Act categorizes AI risks and bans high-risk practices like real-time biometric identification. In contrast, India deploys AI surveillance without adequate legislative oversight or risk assessments.
Constitutional Questions
- Need for Robust Laws: India’s surveillance practices challenge the right to privacy and require laws that ensure legitimacy and proportionality.
Recommendations for a Balanced Approach
- Regulatory Framework:
- Implement transparent data collection with clear purposes.
- Narrow exemptions with independent oversight.
- Adopt a risk-based approach similar to the EU for classifying AI activities.
- Ensure privacy protections are embedded in policy decisions from the start.
Need for Proactive Regulation
- Incomplete DPDPA: While the DPDPA addresses some issues, it needs accompanying rules for effective implementation. Regulating high-risk AI activities with strict oversight is crucial to protect civil liberties and ensure AI serves the public interest.