The accelerated adaptation of AI in the industry raises a natural question about what happens when DPDPA is implemented in India.
The concern of an organization is whether DPDPA implementation is synchronized with the new risks that may arise due to the use of AI in the processing of “DPDPA Protected Data”. (DPD).
At present DGPSI (Digital Governance and Protection Standard of India) which is used by FDPPI as a standard for implementing DPDPA Compliance and for Certification of the Digital Governance and Protection Management System (DGPMS) by a third party auditor.
After the DGPSI Full version with 50 model implementation specification was released to assist the Indian Data Fiduciaries, which was developed for compliance of DPDPA along with ITA 2000 and BIS draft standard for Data Governance a simpler version namely the DGPSI-Lite was released for compliance of DPDPA2023 exclusively.
Now with the growing impact of the use of AI, it is considered essential to introduce a specific guideline related to handling of “DPD Processing with the use of AI”.
DGPSI-AI therefore is being conceived as the additional guideline that is consistent with DGPSI and enables DPDPA compliance when the Data Fiduciary uses AI algorithms for the processing of DPD.
Though the current DGPSI-Full version is already capable of covering the AI impact Risk, an explanatory sub-guideline applicable to AI processing of DPD is considered beneficial.
Watch out for the detailed document to be released shortly. This new guideline or a set of Model Implementation Specifications applicable for AI processing of DPD will incorporate the global expectations expressed through ISO 42001, 42005 as well as the emerging legal expectations in USA and Australia.
Naavi
