Author : Sefali Budasagar from University Law College, Utkal University
ABSTRACT
The relationship between law and technology is changing fast in India. New technologies like Artificial Intelligence (AI), fintech and surveillance are evolving quickly but laws are not keeping up. This creates challenges for traditional legal doctrines. This article looks at seven areas : Artificial intelligence governance, data protection, digital intermediary liabilities, intellectual property issues, constitutional rights, fintech developments and new legal frontiers. It examines the Digital Personal Data Protection Act of 2023 and recent Supreme Court rulings to highlight gaps in our regulatory structure. This article argues that we need to move from legal measures to a flexible tech-neutral and human rights-centered co-regulatory system.
INTRODUCTION
The history of law is about responding to change. However, the Fourth Industrial Revolution poses a crisis for legal systems especially in developing digital landscapes like India. The digital age relies on code, global networks and autonomous machine-learning models. Today technological development is happening faster than laws can be enacted. This creates a growing mismatch referred to as the “pacing problem.”[1]
For India, which has a digitizing economy and a vast digital infrastructure this conflict is a big issue. Established doctrines on jurisdiction, physical ownership and personal liability struggle to apply in the context of decentralized networks and self-learning systems. The digital ecosystem impacts processes, international financial transactions and basic human rights.
This article examines the intersection of law and technology through seven themes. It looks into gaps in artificial intelligence and weaknesses in current data privacy frameworks. It also investigates shifting responsibilities of intermediaries and urgent challenges facing intellectual property laws.
INTELLIGENCE AND LAW : LIABILITY AND THE BLACK BOX
As artificial intelligence evolves it disrupts ideas of civil liability and criminal intent. In India liability is associated with actions, direct causation and foreseeability. In criminal jurisprudence, a conviction under the Bharatiya Nyaya Sanhita of 2023 requires the clear concurrence of actus reus ( guilty act) and mens rea ( guilty mind) [2].
Autonomous systems, such as trading bots and self-driving cars create a fundamental disruption to these principles by creating a “ liability vacuum.”[3]
The “box” nature of deep neural networks makes it difficult to identify legal causation. When an AI mistakenly interprets an image and suggests a deadly treatment it becomes hard to hold someone accountable. Legal scholars have discussed granting AI systems electronic personhood [4].
However in India this approach raises ethical and practical concerns.
DATA PROTECTION, PRIVACY, AND SURVEILLANCE
In today’s world data has become the main economic asset driving global trade. The economic model of the era is based on “ surveillance capitalism” where private tech companies gather behavioral data from users and profit from consumer predictions [5]. Under this regime, the traditional concept of data privacy as a mere “right to be alone” is thoroughly obsolete[6]. India’s primary legislative response for this pervasive commodification is the Digital Personal Data Protection Act of 2023 (DPDPA) [7]. Enacted after years of judicial deliberation which declared privacy as a fundamental right in K.S. Puttaswamy v. Union of India [8], the DPDPA establishes a statutory framework which governs the processing of digital personal data. This Act highlights key terms such as the “ Data Fiduciary” ( those who determine the purpose and means of data processing) and the “Data Principal” ( the individual whose data is collected), backed by penalties for data breaches.
However, the DPDPA suffers from structural limitations that determine its protective intent. The essential pillar of the Act is the process of “notice and consent” under Section 6. Consent fatigue is the phenomenon where users become overwhelmed by frequent and lengthy privacy policies, leading to a decline in their willingness to provide consent for data collection and processing. This overwhelming experience can result in hasty decisions, compromising personal privacy and trust in digital services [9].
PLATFORM GOVERNANCE AND DIGITAL INTERMEDIARIES
The democratization of the internet has been fueled by intermediaries. For a time the global legal agreement was to give these platforms immunity from liability for users illegal actions, a principle codified in India under Section 79 of the Information Technology Act of 2000 [10]. This safe harbor protection was carefully governed by the Supreme Court in Shreya Singhal v. Union of India, which held that intermediaries are only required to remove illegal content upon receiving “actual knowledge” via a court order or a government directive [11].
The Information Technology ( Intermediary Guidelines and Digital Media Ethics Code) Rules have systematically increased acceptance orders for “Significant Social Media Intermediaries” (SSMIs) [12]. These platforms must now use automated filtering tools and appoint grievance officers. Platform governance needs to shift from executive mandates to a system of audited, independent co-regulation.
INTELLECTUAL PROPERTY IN THE DIGITAL ECOSYSTEM
The digital landscape has created a challenge for intellectual property law particularly concerning copyright and patent rules. For centuries IP law has operated under the belief that only humans can be authors or inventors. The emergence of AI systems challenges this belief. The first major legal issue revolves around data use and fair use. Generative AI models need to be trained on amounts of data often using copyrighted works without permission. According to the Indian Copyright Act of 1957 there is no exemption, for text and data mining [13]. While tech developers frequently invoke Section 52(1)(a) to claim that algorithmic training constitutes a “fair dealing” for research or private study [14], this defense strains logic when applied to commercial AI models designed to directly compete with the very human creators whose works they ingested.
Section 2(d) of the Indian Copyright Act says an “author” is the person who makes a work exist [15]. When a person gives a text prompt to a computer program and it makes a complex artistic output it is unclear who the real author is. If the human input is minimal giving copyright to the user is much reward for a simple prompt. On the other hand not giving copyright at all would put a lot of valuable computer- generated work into the public domain. This would reduce incentives for innovation and also the rise of videos and computer voice copies shows the need for strong rules to protect peoples image and voice in Indian law. This gap leaves both ordinary people exposed to digital misuse. It highlights the need for legal updates.
TECHNOLOGY AND CONSTITUTIONAL LAW
The rapid growth of technology by the government has changed how it governs, creating risks to fundamental rights. In India, the growth of the government has led to automated welfare distribution, facial recognition surveillance and predictive policing.
These advances often clash with Part III of the Constitution of India Article 14 ( right to equality), Article 19 ( freedom of speech and expression) and Article 21 (right to life and personal liberty) [16]. The main constitutional issue is the use of computer algorithms and automated decision-making software by government authorities where computer algorithms are not always fair. They are trained on data that carries and often boosts existing human biases. When predictive policing models process analyze crime data collected by biased law enforcement systems they produce unfair predictions that target marginalized communities. This cycle turns inequality into automated results.
From a standpoint using secret computer software for administrative decisions breaks fairness and natural justice principles. Under Article 14 of the Indian Constitution government actions must avoid being unfair [17]. When an administrative body cuts off a persons welfare benefits based on a computer algorithms flag and the person cannot see how that algorithm works because of trade protection the action becomes unchallengeable. A citizen cannot effectively contest a decision if the source code, training data and variables are kept hidden. Also the growing use of facial recognition technology (FRT) in spaces in India creates constant surveillance without proper legal authority. Under the strict three-pronged proportionality test articulated in Puttaswamy – which requires a legitimate state aim, legislative, legality, and absolute proportionality– the mass, non-consensual tracking of citizens’ public movements is highly suspect [18]. According to the proportionality test the widespread tracking of citizens poses serious concerns. When government surveillance forces individuals to change their behavior due to fear of being misidentified it stifles free speech and assembly endangering democracy.
DIGITAL ECONOMY AND FINTECH REGULATION
The rapid growth of economy has changed traditional financial systems through FinTech. Innovations like the Unified Payments Interface (UPI) cryptocurrencies, peer-to-peer lending platforms and computer credit scoring have increased access in India. However, this shift has created risks to economic stability and consumer protection.
The Reserve Bank of India (RBI) faces a challenge: balancing financial stability, consumer protection and technological progress. This tension is evident in regulating lending apps. The rise of lending platforms has led to predatory practices, high interest rates, invasive data collection and aggressive recovery tactics. In response the RBI introduced Digital Lending Guidelines [19]. These rules state that lending and repayments must occur between bank accounts of borrowers and regulated entities. Beyond consumer lending cryptocurrencies pose a challenge to government monetary authority. The RBI has consistently warned that the unchecked growth of cryptocurrencies could harm its ability to manage the money supply, control inflation and stabilize the domestic currency[20].
Following the Supreme Court’s ruling in Internet and Mobile Association of India v. Reserve Bank of India – which struck down the RBI’s total banking ban on crypto businesses as disproportionate [21] – the state shifted to an aggressive taxation strategy and integrated crypto-assets under the Prevention of Money Laundering Act (PMLA) [22]. Simultaneously, the RBI launched the Central Bank Digital Currency ( CBDC), the digital Rupee (e Rupee)[23].
EMERGING TECHNOLOGIES AND LEGAL FUTURES
New technologies, including quantum computing, spatial computing and decentralized web structures are set to disrupt the landscape. Quantum computing uses principles to perform calculations at speeds. While quantum advances promise benefits they also pose a serious threat to modern cybersecurity. Most contemporary financial networks could break these encryption methods leaving global data vulnerable. This looming threat requires an update of national security laws and data protection standards.
CONCLUSION
The multiple crises of the age show that our historical method of reactive legislation is no longer effective. The Indian legal system must shift to a framework of agile co-regulation and techno-neutral legislative drafting. Techno-neutral legislation focuses on regulating outcomes and goals, than specific technical methods used. Relying on the state mandates or corporate self-regulation does not work for modern technology. The ideal way forward is an audited co-regulation model.
In this framework Parliament sets standards and independent regulatory bodies monitor corporate compliance. This approach connects expertise with democratic accountability ensuring technology advances human progress. The digital era has permanently dismantled the traditional boundaries of jurisprudence. The legal challenges analyzed in this article –ranging from privacy erosion and liability vacuums to algorithmic bias and financial instability –are not isolated technical bugs. Our global legal system faces deep cracks. If laws don’t evolve, they risk becoming outdated, leaving society exposed to unchecked corporate power and exercise state control through technology.
To fix this tension between law and technology, we need to rethink jurisprudence. Lawyers must gain strong technological understanding, since in today’s world, computer code often acts like law itself. By building flexible, international, and technology-neutral legal frameworks grounded in human rights, we can ensure technology serves humanity –always guided by justice fairness, and the rule of law.
FOOTNOTES
[1] Larry Downes, Laws of Disruption: Venture Capitalism, Silicon Valley, and the Remaking of the World 12-15 (2009)
[2] Bharatiya Nyaya Sanhita, 2023, §4, No.45 of 2023, Acts of Parliament, 2023 (India).
[3] David C. Vladeck, Machines without Principals: Liability Rules and Artificial Intelligence, 89 Wash. L. Rev. 117, 122‐26 (2014).
[4] European Parliament Resolution of 16 February 2017 with Recommendations to the Commission on Civil Law Rules on Robotics, 2015/2103 (INL), P8_TA (2017) 0051.
[5] Shoshana Zuboff, The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power 23-27 (2019).
[6] Samuel D. Warren &Louis D. Brandeis, The Right to Privacy, 4 Harv. L. Rev. 193, 195 (1890).
[7] The Digital Personal Data Protection Act, 2023, No.22 of 2023, Acts of Parliament, 2023 (India).
[8] K.S. Puttaswamy v. Union of India, (2017) 10 S.C.C. 1 ( India).
[9] Woodrow Hartzog, Privacy’s Blueprint: The Battle to Control the Design of New Technologies 89-94 (2018).
[10] The Information Technology Act, 2000, §79, No.21 of 2000, Acts of Parliament, 2000 (India).
[11] Shreya Singhal v. Union of India, ( 2015) 5 S.C.C. 1 ( India).
[12] The Information Technology ( Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, Gazette of India, pt.II sec. 3(i) ( Feb.25, 2021).
[13] The Copyright Act, 1957, No. 14 of 1957, Acts of Parliament, 1957 ( India).
[14] Id. §52 (1) (a).
[15] Id. §2 (d).
[16] India Constitution. Article 14, 19, 21 .
[17] E.P. Royappa v. State of Tamil Nadu, (1974) 4 S.C.C. 3 (India).
[18] Puttaswamy, (2017) 10 S.C.C. at 120- 24.
[19] Reserve Bank of India, Guidelines on Digital Lending, RBI/2022-23/111 ( Issued on September 2, 2022).
[20] Reserve Bank of India, Financial Stability Report, Issue No. 26 (December 2022).
[21] Internet and Mobile Association of India v. Reserve Bank of India, (2020) 10 S.C.C. 274 (India).
[22] Ministry of Finance, Notification on Prevention of Money-Laundering (Maintenance of Records) Rules, G.S.R. 163 (E) (March 7,2023).
[23] Reserve Bank of India, Concept Note on Central Bank Digital Currency, ( October 2022).