Recommendations of the Indian AI guidelines to the industry vs practical guidelines under DGPSI-AI

Posted on November 8, 2025 by Vijayashankar Na

For the attention of the Indian AI Guidelines Committee headed  by Dr Balaraman, Professor, IIT Madras.

The Indian AI Guidelines had set out the above recommendations for the industry. The DGPSI AI which is a framework exclusively for the compliance of DPDPA (with ITA 2000 et al.) is not just a recommendation but an implementable framework for DPDPA Compliance by a Data Fiduciary in an  AI environment.

The first three recommendations above directly relate to the  use of DGPSI AI. The framework is meant for compliance of DPDPA and can be used to demonstrate compliance.

The fourth recommendation on Grievance redressal is part of DGPSI framework and DPDPA compliance.

The fifth recommendation is for industry groups and not for individual Data Fiduciaries  FDPPI is actually discharging this function and recently exposed the “Deep Seek” AI’s plans to bypass DPDPA Permissions, silence the whistle blower, bribe authorities etc.

The sixth recommendation is also already under implementation by FDPPI which is setting up a SIG specifically to mentor Privacy Enhancement Tools.

We can therefore proudly say that DGPSI-AI is already implementing all the recommendations that are incorporated in the India AI Guidelines though the committee members had no courtesy to acknowledge or are betraying their complete ignorance of the market happenings.

It appears that the report must have been prepared by some industry consultant and endorsed by the committee rather than a well deliberated development over the last two years of the existence of the committee.

I remember that when I had enquired about a famous committee report of RBI where a leading legal expert was a member and there was a chapter on  Cyber Laws, he had confirmed that no meetings were attended by him regarding Cyber Law related recommendations and he was totally unaware of how it found a place in the report. Subsequently based on the objections raised by Naavi.org, RBI completely left out the recommendations in its notification.

Even in this committee if some body gets a RTI report on how many meetings happened, who all attended, and whether there were minutes of the  meeting etc., we will perhaps realize that many of the committee members were not even aware of some of the recommendations contained in this report.

I would love to get the feedback from the members of the Committee. Why the existence of DGPSI-AI was not mentioned in the  report is today a mystery and  will be revealed in due course..

Your comments are welcome..as we dive  further into the  report in subsequent articles.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Privacy. Bookmark the permalink.