New AI law may focus on graded, risk-based rules
A proposed new law on artificial intelligence (AI) may focus on classifying modern AI systems and frame graded risk-based regulation, an official told ET. This may result in minimal regulation for low-risk AI such as chatbots, productivity tools, recommendation systems, while ensuring stricter obligations for high-risk AI used critical sectors such as banking, finance, health and critical infrastructure.
“A new law may allow the government to mandatorily order and set the parameters for safety testing of AI models and systems, as well as issue sector-specific rules over time,” the official said. It will also provide an overarching framework under which sectoral regulations from bodies such as Reserve Bank of India, Securities and Exchange Board of India, and Insurance Regulatory and Development Authority of India can be prescribed, he added.
The new law may also build on many of the recommendations set out in the national AI governance guidelines brought out by the Centre last November. Key among them was a recommendation to potentially amend the Information Technology (IT) Act to classify AI intelligence systems, create an India-specific risk assessment framework for AI, and a national database for AI related security incidents. “These issues can properly find expression through a new law,” the official said.
Arguing that the IT Act’s current definition of ‘intermediary’—which includes telecom service providers, search engines and even cyber cafes—is broad, the guidelines had called for clarity on how to classify modern AI systems that can even generate data autonomously, and clear obligations and liability for AI developers and deployers.
Last week, electronics and information technology secretary S Krishnan said the government is looking at a separate legislation for AI to counter evolving threats. While existing rules have been adequate in addressing initial concerns on deepfakes and online harms, evolving challenges to cybersecurity require a separate law, he said.
Over the past one year, the government has also considered whether entities should be directed to disable dangerous AI systems or disclose technical information in case of emergencies under a potential new law, an official said on Monday.
However, the government is unlikely to require pre-approval for most AI models, sources who have participated in AI governance stakeholder consultations said. “The focus has been on maintaining light touch regulation all along, with a clear view on safety and transparency. Some sections of the government feel there should be monetary fines for deliberate deployment of unsafe AI by developers,” a person in the know said.
