The need of the hour is to develop a regulatory framework to comprehensively address the numerous legal issues pertaining to the artificial industry in the country.
Aayush Misra and Shivam Arora
The legal issues surrounding the use of artificial intelligence (AI) and the regulatory lacunae have for long been at the backburner of discussions on AI. A significant contributor to this situation is the lack of understanding of AI technology and its wide-reaching implications. To many, AI is still perceived as the technology of the not-so-near future. However, it is hard to miss that AI is an integral component of recent technological innovations. For instance, AI is now deployed in autonomous vehicles, tools for speech and facial recognition, detection of online payment fraud, and, in some cases, even in the detection of cancer.
Earlier this year, NITI Aayog, the policy think-tank of the Government of India, released a discussion paper on ‘National Strategy for Artificial Intelligence’. This represents a significant first step towards the regulation of AI in India. However, as is often the case with fast-paced innovation, the regulatory system is seldom able to keep pace with the developments. Thus, the need of the hour is to develop a regulatory framework to comprehensively address the numerous legal issues pertaining to AI. In this article, we attempt to highlight a few of such legal issues plaguing the AI industry and identify the key
considerations for industry participants.
The enactment of the European Union (EU) General Data Protection Regulation (GDPR) raised some concerns for organizations collecting Big Data, a term that has come to be synonymous with large data sets that fuel machine learning. Just like the GDPR in the EU, the recent Personal Data Protection Bill 2018 (Data Privacy Bill) in India, intends to make organizations accountable for the personal data processed and stored by them. For instance, the Data Privacy Bill has expanded the applicability of processing-related requirements by importing a wider definition to ‘personal data’. Moreover, the Data Privacy Bill gives the data principal (i.e. the person whose data is collected) the right, inter alia, to have
his information erased. Such requirements are bound to pose challenges for Big Data.
Apportionment of Liability
A major legal quandary that arises upon implementation of AI is the question of apportionment of liability. Legal scholars, public policy organizations, and regulators around the world have attempted to provide definitive answers to this question, which till date remains at the heart of all discussions surrounding AI. We attempt to list down some of these fundamental questions below.
– Who should be held liable?
In the event of loss or damage, who would be held liable – would it be the technology developer, the retailer, or the end-consumer? Further, would the parties be liable on a joint and several basis or otherwise? For instance, in the context of a mishap concerning autonomous vehicles, would the liability rest on the AI developer, the car manufacturer, or the driver?
-What principle should be applied to determine and accord liability?
Assuming that the responsible party has been identified, would such party be subject to the ‘principle of strict liability’ (i.e. the party is held liable for the loss or damage, unless an exception such as an Act of God or Act of a Third Party applies), or the ‘principle of absolute liability’ (i.e. the party is held liable so long as there is loss or damage, without the availability of
an exception). Moreover, what would be the nature of this liability – civil or criminal or both?
Risk mitigation for industry participants
Although AI technology is still in its nascent stages in India, there are plenty of opportunities for private industries to participate and profit from its development. However, considering the regulatory vacuum, contracts between the AI user and the AI developer are vital in determining the liability of parties. In the absence of any legislation, it is imperative that participants outline their respective roles, responsibilities and obligations in the contract. While negotiating a contract, the parties should clearly identify the scope of services being offered, the warranties relating to the AI technology, scope of liability (including limitations and exclusions) at the very least.
Since 2017, more than 15 countries (including, India) have released discussion papers on AI. However, till date, no country has enacted a specific legislation to comprehensively regulate the use of AI. It is hard to escape the reality that AI is here to stay. Therefore, to be at forefront of this revolution, the Indian legislature should take pro-active steps to fill the regulatory lacunae and provide surety in this field.
In the meanwhile, in the absence of a regulatory framework, stakeholders should strive towards implementing measures that would protect them from unforeseen consequences and liabilities that may arise in the course of use and implementation of AI technology. A mere oversight at the contracting stage could lead to significant losses! The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
Authors: Aayush Misra (Principal Associate) and Shivam Arora (Associate) are lawyers with the Corporate practice at Khaitan & Co
NOTE: The views of the author(s) in this article are personal and do not constitute legal/professional advice of Khaitan & Co