TechTicker Issue 46: An eye for AI in DIA

Recently, it was revealed that a few ByteDance employees tracked a cat’s TikTok account to find the IP address of its owner – who is a reporter for the Financial Times covering TikTok. The failed tracking efforts were meant to find a leak in the company. After all this, Buffy – the cat, named after the vampire slayer, will sadly no longer be making content.

Image credits: Tenor

Back home, the IT ministry is looking to re-evaluate the immunity given to online intermediaries like Instagram. It may also set up a new mechanism to look into online harms and ensure user trust and safety on platforms without the government’s intervention.

In this edition of the TechTicker, we discuss the second Digital India Act (DIA) consultation, conversations around AI regulation, financial sector regulators’ take on cybersecurity, e-pharmacies’ plea to the government, and the new era of PLI schemes!

Let’s dive in!

A sequel with a similar plot: Part 2 of the DIA consultation

We attended the second DIA consultation chaired by junior IT minister Mr. Rajeev Chandrasekhar. Similar to the March consultation, the government shared its intent to build a new framework to deal with intermediary liability (what’s the best way to hold platforms accountable?), emerging tech (read: we got to do something about AI), digital competition (whose pie is this issue anyway?), and cybersecurity, among other things. Instead of a separate regulator, the government is contemplating a body similar to the data protection board suggested under the latest version of the data bill. This body might look into online harms. Lastly, the DIA is likely to be released for consultation this June. Maybe.

No more harbouring, safe harbour? The minister indicated that the DIA would consider multiple factors to decide the right way to regulate intermediaries. This could include; risk to users; number of users; and kinds of services offered – is it a social media platform? can it also at times function as an ecommerce platform? what about passive intermediaries like the ones that provide cloud services?

While grappling with these questions, the government is reconsidering the need to continue providing safe harbour. Meanwhile, courts continue to interpret. Recently, the Delhi High Court held that search engines are responsible for expeditiously disabling access to illegal non-consensual intimate images disseminated online. If they don’t – they lose safe harbour.

An eye for AI: The minister suggested that there will be a chapter setting out guardrails for emerging tech like AI. And such regulation will be considered through the ‘prism of user-harm’. Separately, IT minister Mr. Ashwini Vaishnaw too, said that the government is considering a regulatory framework for AI – after denying having such plans in the Parliament. Also, the CERT-In released an elementary advisory to deal with cybersecurity risks with AI. In other news, as the current chair of the Global Partnership on AI or GPAI, the IT ministry organized a knowledge-sharing workshop with experts for its working group on data governance.

#IdeasWithIkigai  

We are excited to announce the launch of ‘Ideas with Ikigai’, a series of conversations with experts who will help us understand the nuts and bolts of emerging technologies. For our next episode, do send in questions that you’d like answered!  

In our recent conversation with Mr. Anshul Vikram Pandey (co-founder and CTO of Accern, an NYC-based NLP startup) – we discussed AI hallucinations, other limitations of AI, and then some. Previously, we spoke with Mr. Nikhil Rasiwasia (research scientist in the Generative AI team at Meta) on how generative AI works and where do we go from here.  

Back to AI updates

AI is Mr. International: In the US, lawmakers at the senate judiciary subcommittee on privacy and technology stressed the need to establish guardrails for AI before any harm is done. There weren’t any specific proposals, but they discussed creating new regulators, disclosures for AI, and licensing AI. OpenAI’s Sam Altman testified at the hearing and agreed that a new system to deal with AI was needed.  Meanwhile, efforts to regulate, nurture, and use AI are being made across the globe – with countries like Qatar and Pakistan joining the race. Read Sreenidhi and Pallavi’s piece on generative AI from a privacy lens.

Mini-splainers

1. Different regulators, similar norms: Over the past few months, financial sector regulators including the SEBI and RBI have released guidelines on issues like cybersecurity and auditing for entities they regulate (think stockbrokers and banks). Joining the party is the insurance regulator – IRDAI. The IRDAI guidelines specify cyber security and incident reporting obligations in line with the CERT-In guidelines from 2022. Notably, it also takes a risk-based approach and defines a ‘security/operational incident’ as an ‘adverse’ event such as denial of service. However, like the RBI and SEBI, IRDAI too retains broad powers to audit or physically inspect the premises of third-party service providers (such as cloud service providers) who may not necessarily be regulated by IRDAI.

2. The long-lost e-pharmacy rules: PharmEasy, has written to the health minister Mr. Mansukh Mandaviya – asking for the e-pharmacy rules to be notified soon. This comes after the Drug Controller General of India issued show cause notices to multiple platforms for selling drugs online – in contravention to the Drug and Cosmetic Act and Rules. The letter argues, since the Act and Rules are not applicable to e-pharmacies, the question of violation does not arise. Meanwhile, the Delhi High Court has given the government six weeks’ time to share the outcome of its consultations on the draft e-pharmacy rules from 2018.

3. The era of electronics: The Cabinet notified the ‘Production Linked Incentive Scheme – 2.0’ for IT hardware – for a tenure of 6 years. This PLI covers laptops, tablets, all-in-one PCs, among others. The budgetary outlay is about INR 17,000 crores. Additional optional incentives are also being introduced for locally produced components – which could amount to an additional 3%. Check our LinkedIn post for more details on the scheme.

4. Data sharing to fight crime: Reportedly, at a UN ad-hoc committee meeting – India has proposed that signatory countries must be allowed to mutually share information like phone number, email, traffic data, and other information necessary to aid cybercrime investigations. The proposal aims to develop a process for speedy exchange of data in addition to existing diplomatic channels like mutual legal assistance treaties or MLATs. This was proposed since channels like MLATs are time-consuming and inefficient in tackling the increasing number of cybercrimes.

For more on the topic please reach out to us at contact@ikigailaw.com

Challenge
the status quo

Bringing what's next...