Artificial Intelligence and Data Privacy in India

Author: Tanishaa Kaur Bagga B.A. LL. B (Hons.) IILM School Of Law, Gurugram

Editor: – Kanisk Kumar Singh 

ABSTRACT

Now-a-days, Artificial Intelligence has become significantly common in our day-to-day life. AI can be seen in every aspect of our lives including everything from friendly chats on social media or mobilizing social movements. The modern debates arising related to the use of Artificial Intelligence mention the intensive amounts of data inputs that are required by to function; these often include preserving and analysing citizen’s personal data. The Indian legal framework recognizes citizens Right to Privacy mentioned under Article 21 of the Constitution and thus, introduced the Digital Personal Data Protection Act, 2023. This act aimed at protecting the citizens personal information from getting misused by such technologies. Artificial Intelligence has its advantages and disadvantages both. It mainly depends on the intentions of the one using it and thus, must be regulated. The use of technology cannot be justified if it means violation of fundamental rights; even if the technology is very efficient. This article focuses on examining rules and laws that are introduced to encounter such concerns.

KEYWORDS:

Artificial Intelligence

Right To Privacy

Article 21

Digital Personal Data Protection Act, 2023

Fundamental Rights

INTRODUCTION

We as citizens are becoming too dependent upon AI without even realizing it. The smart gadgets, social media platforms and other applications we use are all ways by which we have allowed AI to exist with us. This technology analyses our activity over the internet, it takes a note of our interests, liking, disliking etc. and then alters the algorithm to display our preferred content. Though AI has several benefits, in the end, unlike humans, it is just a technology which functions as it is commanded to and does not have moral, ethical values and logical reasoning. It cannot differentiate between malicious intents and good faiths. The lack of such qualities has led to the rise of concerns related to misuse of data inputs these technologies are fed for the purpose of efficient performance. The users do not read the policies before signing up and without consent give their personal information to sites; even to untrustworthy and unverified ones. Such information including biometrics, locations, bank account details etc, if given to scammers or hackers can cause identity theft, frauds, involuntary transactions etc.

To protect citizens from such exploitations, the law must keep evolving along with technology. The introduction of Digital Personal Data Protection Act, 2023 was one such measure against such crimes and misuses of AI. The Supreme Court held that Right of Privacy is a fundamental right of the citizens and must not be compromised until the law permits it. The scope of Article 21 was thus broadened and now this right was included under it as well.

ARTIFICIAL INTELLIGENCE AND DATA PRIVACY

Artificial Intelligence, as the name suggests, can be understood as the technology which reduces human involvement. It has the potential to provide solutions or results by analysing the data that it has been given. Even though this technology cannot be compared to a real human mind, it tries to imitate it by identifying and learning from patterns, forming predictions etc.

For example, apps like Netflix have introduced a feature of AI which analyses the past viewing history of the user, detects a pattern and the suggests other series/movies the user would most probably prefer to watch. Another example can be observed in the reels section of Instagram which analyses the reels that the user has previously liked and alters the feed according to the user’s interests.

Data privacy, the other important concept mentioned in this article, mainly discusses the rights of citizens granted under Article 21 that enables them to refuse the disclosure of their personal information. Right to Privacy of a person cannot be violated until and unless the law permits it. Since the nature of the technology of Artificial Intelligence enables it to function efficiently only when it is provided with vast amounts of data input, concerns regarding data privacy arise. Data privacy means that the citizens have the right to know what information is being stored and for what purposes.

Artificial Intelligence and data privacy are concepts that can co-exist with each other but not without regulation of specific and strict laws. To support the development of AI, more increased amount of information is to be provided which might lead to increase in the chances of invasion of privacy of consumers. With advancement of technology, it is a must to be considerate about the users since the Indian framework upholds the principle encouraging development but not at the expense of the citizen’s rights. Thus, AI and Data privacy share relation but their co-existence is possible with due diligence.

SAFEGUARDS FOR DATA PRIVACY

The rising concerns related to the misuse of Artificial Intelligence led to introduction of significant changes in the existing legal framework along with introduction of new laws and acts. These laws aimed at addressing such issues and safeguarding the citizen’s rights and interests. Earlier, the scope of Article 21 of the Constitution was only limited to safeguarding citizen’s right to life and personal liberty; now it also recognizes privacy as a right. This significant change can be understood better with reference to the legal maxim, Ubi Jus Ibi Remedium. Legal recognition of Right to Privacy under the Fundamental Rights has enabled citizens to seek remedies against such violations.

The Information Technology Act, 2000 controlled and addressed challenges involving digital data and laid the basic framework for the introduction of similar data protection laws. The safeguards under this act protected personal data and provided remedies if such violations occurred. However, since its enactment was before the advancement of Artificial Intelligence, the regulations could not properly address the modern concerns.

To eliminate such limitations, Digital Personal Data Protection Act, 2023 was established. This act aimed at holding the violators accountable for their misconduct, regulating data handling procedures and making sure the new laws are competent enough to address such issues and provide remedies to the aggrieved parties. According to this act, the users need to give their permission before the personal data is collected and must be made aware of the purpose of such collection. These safeguards ensure that both Data Privacy and Artificial Technologies co-exist along with eliminating the chances of exploitation of user’s data.

CASE LAWS

The relation between data privacy and Artificial Intelligence and the issues that arose due to their conflict can be understood better by referring to landmark judgements like,

Justice K.S. Puttaswamy (Retd.) v. Union of India

This case established a landmark judgment where the Supreme Court broadened the interpretation of Article 21 and recognized right to privacy. The basic issue of the case was a question of whether privacy can form a part of fundamental rights under the Constitution. The Supreme Court held that privacy is closely associated with dignity and it should be the personal choice of a citizen to disclose their personal information. This case is important because the privacy safeguards govern AI technologies and prevent citizens’ right to privacy from being exploited. By studying this judgement, it is seen that technological advancement cannot justify exploitation of citizens’ rights.

People’s Union for Civil Liberties (PUCL) v. Union of India

The main issue in landmark judgement was whether tapping of personal conversations can be categorized as a violation of Right to Privacy under Article 21. Issues relating to surveillance of conversations, phone tapping etc. without the awareness of the citizens were dealt with in this case. The supreme court held that citizens cannot be excessively monitored until the law allows it and proper procedure is followed since it violates Article 21. Even though this case established safeguards for cases before the advancement of AI, they can still be applied for modern issues. These include AI and digital monitoring systems, facial recognition etc.

Through the analysis of this case, concerns of the older times like telephone tapping in 1990s can be connected to digital surveillance in modern age.

Both the Puttaswamy and PUCL cases are important in terms of Data Privacy even though the main issues and judgements differ. Puttaswamy case focuses on recognition of privacy as a fundamental right whereas PUCL case focuses on surveillance. These cases have created space for AI advancement along with protection of citizens’ rights.

MAJOR ISSUES

Large amounts of data are needed for AI to function properly which is gathered from users without their permission or knowledge. This leads to violation of right to privacy. Data may also include monitoring of private conversations and privacy invasion. Most algorithms are biased leading to unfair outcomes by displaying altered feeds, ads etc. Data breach is another issue which involves identity theft, fraud, impersonation and misconduct through unauthorised access.

RECOMMENDATIONS

Suggestions for the betterment of data privacy and AI technology include a system where the users are well informed and give their information with consent. Policies must be easy for them to understand and transparency must be maintained. Along with this, gathered data must be protected from leaks and unauthorized access. Regular checks must be done of AI systems to prevent data breach.

Citizens must be taught to use AI technologies carefully and must be informed about their right to privacy. They must be informed about online frauds and themselves be vigilant about protecting their information. To conclude the suggestions, laws must evolve at the same pace as the technology to be competent enough to address the cases. There is a strict need for continuous reforms.

CONCLUSION

To conclude this research paper, it is gathered that AI has both advantages and disadvantages. It is now used in almost every aspect of our life, but it depends on data collection, so it is risky. In terms of legal aspects, Article 21, IT Act 2000, DPDP Act 2023 and important case laws were studied to gain better legal aspects.

With reference to such aspects, it was observed that AI must not be misused and must be regulated by laws. Rights of citizens must not be compromised for technological advancement. The usefulness and effectiveness of AI can only be determined by its ability to coexist with humans without causing violations.

REFERENCES

Statutes

  1. Constitution of India.
  2. Digital Personal Data Protection Act, 2023.
  3. Information Technology Act, 2000.

Case Laws

  1. Justice K.S. Puttaswamy (Retd.) v. Union of India, (2017) 10 SCC 1.
  2. People’s Union for Civil Liberties (PUCL) v. Union of India, (1997) 1 SCC 301.

Government Reports and Publications

  1. NITI Aayog, National Strategy for Artificial Intelligence (2018).
  2. NITI Aayog, Responsible AI for All: Approach Document for India (2021).
  3. Ministry of Electronics and Information Technology, Government of India, Guidelines on Data Protection and Cyber Security.

Online Sources

  1. India Code, https://www.indiacode.nic.in
  2. Ministry of Electronics and Information Technology, https://www.meity.gov.in
  3. NITI Aayog, https://www.niti.gov.in
  4. OECD AI Policy Observatory, https://oecd.ai
Share this article.

Leave a Reply

Your email address will not be published. Required fields are marked *