Hello from India.

This time of year, most of us in India brace ourselves for the brutal summer months around the corner with the annual cricket Indian Premier League providing some respite. This year, however, the country's general elections are taking center stage. Spread over 82 days and seven phases, 969 million voters will go to the polls. At stake are 543 seats to the Lok Sabha (lower house of Parliament) across 28 states and 8 union territories. It is the world's largest elections with spending by political parties and candidates projected to cross USD14.4 billion.

What relevance does this have from a privacy perspective, you might ask?

For one, many key regulatory and legal decisions are expected to be on hold until the new government comes to power.

On the other hand, it is interesting to see how various aspects relating to privacy, artificial intelligence, Big Tech, and data will play out in the election context. Given how this election is set to be fought both in the physical and digital realm, these aspects are critical.

AI and the elections

Already, we are seeing the deployment of AI in a big way. From popular deceased politicians being "brought alive" on screen to targeted audio messages calling out individual voter names by political leaders, no stone is left unturned. This, in turn, has given rise to discussions around the ethics of using AI and whether this leads to misleading voters, and more.

Fake news making news

On 20 March, the Ministry of Electronics and Information Technology — under the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 — notified the establishment of a fact-checking unit under the Press Information Bureau of the Ministry of Information and Broadcasting. Under the rules, all social media intermediaries would be required to take down any content labeled as fake by the government.

The fact-checking unit was originally announced in early 2023, following which several entities including the Editors Guild of India, the Association of Indian Magazines and Kunal Kamra (a well-known political satirist) filed separate petitions with the Bombay High Court in opposition and asking for a stay order. The court heard all the petitions together and the request for the stay order was ultimately rejected 14 March. The MeitY notified the fact-checking unit within a few days of the judgment.

The petitioners immediately took the case to the Supreme Court, which implemented a stay on the fact-checking unit.

Privacy finds its way into political manifestos

Meanwhile, a clear indication of how privacy aspects are finding their way into mainstream thought is when a political party mentions in it their election manifesto. The DMK, a leading political party from the state of Tamil Nadu where it is the ruling party, specifically mentions in their manifesto that they would work to "include digital rights as fundamental human rights."

AI governance advancements

Meanwhile, in non-election specific news, the last few weeks saw some interesting ebb and flow around AI governance in India. On 1 March, the government first put out an advisory on AI models and their deployment.

Widely understood to be triggered by Google's AI chatbot Gemini's controversial response to a question about India's Prime Minister Narendra Modi, the advisory required untested and/or unreliable AI models to obtain explicit permission from the government before deployment. Further, AI models that generated deepfake content were required to be labeled, indicating that their output was unreliable with popup notifications to users.

As expected, there was considerable uproar from various stakeholders. Multiple concerns were voiced, the primary one stating the advisory went against interests of startups and small companies, given that government approvals would now be required for even beta testing models. Consequently, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar clarified on social media that the advisory was aimed only at large platforms, though the document itself did not make any such distinction.

Subsequently, an updated advisory issued 15 March reversed the government's stance requiring explicit permission for deployment. However, several questions remain on other aspects of the advisory. Overall, one needs to wait and watch to see how this pans out.

In this same timeframe, on 7 March, the country launched its "IndiaAI Mission" to promote research and development of AI in India with a budgetary outlay of INR10.32 billion for five years. One of the intentions of this mission is to build a unified data platform and provide access to nonpersonal data sets for AI. These data sets are to be collected from various government ministries, departments and private organizations. There are concerns and questions already around these proposed data sets, including the interpretation of "non-personal data," whether data scraped from social media platforms be included — given that India's Digital Personal Data Protection Act excludes data that is publicly available — and so on.

All in all, the sizzle of the upcoming summer promises to come not just from the sun god.

I sure am looking forward to a respite from the heat as I look forward to attending and speaking at the IAPP Global Privacy Summit 2024 in Washington, D.C. in April.