India considers separate AI legislation as courts and regulators expand oversight

India is pursuing a new AI law to tighten tech governance. This will impact 2,117 global capability centers generating $98.4 billion in revenue.

Categorized in: AI News Government
Published on: Jul 10, 2026
India considers separate AI legislation as courts and regulators expand oversight

India's Union Minister for Electronics and Information Technology Ashwini Vaishnaw indicated on 11 June 2026 that the government may pursue an AI-specific law, a departure from its earlier stance that the existing IT Act was sufficient. The shift, combined with a raft of court rulings and sectoral regulatory actions, points to a rapidly tightening governance framework for artificial intelligence across the country.

Government reconsiders AI legislation

In an interview with the Press Trust of India, Vaishnaw said the country needs a fresh AI-specific law because "the world of AI is very different from the world when the (Information Technology) Act was enacted in 2000." This contradicts the government's previous position that it was not considering a separate AI law. It remains unclear whether the new rules will be part of the long-awaited IT Act revamp or introduced as standalone legislation.

A week later, on 18 June 2026, Prime Minister Narendra Modi reinforced India's global AI positioning at the VivaTech Summit in Paris. He repeated the M.A.N.A.V. framing - "for India, AI means all inclusive" - and stressed the importance of democratizing technology. For policy makers watching these signals, the twin messages suggest a government preparing to legislate while also projecting an open, inclusive AI posture internationally.

Courts enforce human-in-the-loop and privacy rights

The Supreme Court delivered a sharp warning on 2 July 2026 in Pooja Ramesh Singh v. Jammu and Kashmir Bank Ltd. The bench set aside orders from the National Company Law Tribunal and the National Company Law Appellate Tribunal after discovering they were based on AI-generated fake precedents attributed to the Supreme Court. The court directed the Bar Council of India to form a committee and prescribe disciplinary norms for advocates who file AI-generated fake citations.

That same day, the Madurai Bench of the Madras High Court directed Tamil Nadu Police to investigate the morphing and nonconsensual circulation of images of a Singapore-based Indian woman. The judgment placed such conduct squarely within the protection of bodily privacy and decisional dignity under Article 21 of the Constitution. A day earlier, the Delhi High Court ordered the removal of five specific deepfake posts targeting Rajya Sabha MP Raghav Chadha, acting on his plea against AI-generated morphed images.

Together, these rulings represent the clearest domestic enforcement yet of the human-in-the-loop principle - and they are being applied at the apex of the judicial system.

Regulators tighten oversight on model risk and dark patterns

The Reserve Bank of India (RBI) gave banks and other regulated entities until 30 June 2026 to submit board-approved gap assessments on frontier-AI cyber risks. Deputy Governor Swaminathan Janakiraman confirmed that advisories had been issued and that Mythos-class models were engaging the government at both the RBI and inter-regulatory forum levels. On 24 June 2026, the RBI released draft "Guidance on Regulatory Principles for Model Risk Management," extending the framework to third-party models and AI/machine learning systems used by commercial banks, small finance banks, payments banks, non-banking financial companies, asset reconstruction companies, and credit information companies.

The Insurance Regulatory and Development Authority of India (IRDAI) also moved on consumer protection. It added dark patterns to its agenda and commissioned a study by the Institute of Public Auditors of India to observe such practices over nine months. Chairman Ajay Seth called out insurers who force customers to hand over personal data before showing a quote. Meanwhile, the Central Consumer Protection Authority initiated enforcement action on 3 June 2026 against PhysicsWallah Limited and McAfee Software India Private Limited, imposing nominal fines for basket sneaking, confirm shaming, and forced action.

MeitY questions messaging apps on username feature

The Ministry of Electronics and Information Technology (MeitY) issued notices to Meta's WhatsApp, and shortly after to Telegram and Signal, over their optional usernames feature. The notice gave WhatsApp three days to explain why the feature - announced globally on 29 June 2026 - should not attract regulatory action under Section 79 of the IT Act and the 2021 Intermediary Rules. MeitY asked the company to hold the India rollout until the ministry concluded its consultation, citing concerns that cybercriminals would misuse the feature.

India's GCC ecosystem expands, fueling demand for governance skills

The Nasscom-Zinnov "GCC Value Orbit report" released on 3 July 2026 offers a snapshot of the scale. India now hosts 2,117 Global Capability Centres operating across 3,728 units and employing about 2.36 million professionals, with ecosystem revenues of USD 98.4 billion. Around 506 of the Forbes Global 2000 companies run operations from India, and nearly 64% of GCC site leaders hold dual mandates that include cybersecurity and AI governance as mission-critical responsibilities.

The demand for privacy, AI governance and cybersecurity skills will only intensify over the next 12 to 18 months, as the Digital Personal Data Protection Act takes full effect on 13 May 2027, the Data Protection Board begins functioning, and sectoral regulators sharpen their enforcement teeth.

Why this matters for government professionals

For officials drafting rules, enforcing compliance, or managing public-sector AI deployments, the past month has provided a clear signal: India's regulatory machinery is moving on multiple fronts simultaneously. The Supreme Court's insistence on human oversight in legal AI use, the RBI's model risk framework, and MeitY's scrutiny of platform features all point to a more assertive state. Government professionals who will be responsible for implementing these frameworks need to understand both the technology and the emerging legal obligations. The window to build that expertise is narrowing.


Get Daily AI News

Your membership also unlocks:

700+ AI Courses
700+ Certifications
Personalized AI Learning Plan
6500+ AI Tools (no Ads)
Daily AI News by job industry (no Ads)