oppn parties Artificial Intelligence Does Not Automatically Need Another Law

News Snippets

  • Former Punjab Police DSP Jaspal Singh, facing life imprisonment for the abduction and murder of activist Jaswant Singh Kalra (on whose life the banned movie Sutluj is made), has gone absconding after he was released on bail in May 2023
  • The Supreme Court has ruled that failure to report child abuse is punishable under sections 19 and 21 (read conjointly). It sais a headmistress who failed to report a rape complaint to the police will face prosecution
  • Novo Nordisk has introduced Awiqli, the weekly insulin for Type 1 and Type 2 diabetes patients dependant on daily shots
  • India and Australia boost defence ties and agree to fast-track talks on economic cooperation as PM Modi visits the country to hold bilateral talks with his counterpart Anthony Albanese
  • With monsoon changing gears, the entire country gets coverage and deficit was reduced to just 14%
  • Police searched the homes of the accused in the Ayodhya temple theft case and seized cash and valuables from the homes of three accused
  • Calcutta HC allows Mamata faction of TMC to use party bank accounts, says freeze order 'hurried'
  • 3 former TMC MPs - Sushmita Dev, Sukhendu Sekhar Ray and Prakash Chik Barik join BJP, get the party ticket for Rajya Sabha by-polls from Bengal
  • Government announces customs duty waiver for Li-ion cell and induction coil and electronics parts in order to boost domestic battery manufacture
  • TCS bucks the tech trend: Q1 revenue rises 2.7% and company adds 9000 to workforce amidst layoffs in most other firms
  • Stocks recover somewhat on Thursday: Sensex gains 238 points and Nifty 80 points
  • U-23 Athletics Championships: India win gold in 4X400 mixed relay
  • FIFA World Cup: Mbappe scores once as France beat Morocco 2-0 to enter the semifinals
  • 4th T20 versus England: India continue their woeful display in this tour, score just 158 for 7 with Shreya Iyer top scoring with 80 not out. England win by 9 wickets. With this, India have lost the 5-match series 0-3 with the first match washed out
  • Calcutta HC says that the rate at which SIR appeals are being disposed, it will take 21 years to clear all such appeals
FIFA World Cup: France beat Morocco 2-0 to enter the semifinals /////// India lose the 4th T20 by 9 wickets and the series to England
oppn parties
Artificial Intelligence Does Not Automatically Need Another Law

By Sunil Garodia
First publised on 2026-07-04 11:05:41

About the Author

Sunil Garodia Editor-in-Chief of indiacommentary.com. Current Affairs analyst and political commentator. Author of Cyber Scams in India, Digital Arrest, The Money Trap and The Human Hack

There is a familiar pattern in public policymaking whenever a disruptive technology emerges. The first instinct is seldom to examine whether existing laws can be adapted to deal with new realities. Instead, the debate quickly shifts to drafting another statute, creating another regulator and establishing another layer of compliance. Artificial intelligence appears to be provoking exactly that response in India. The government has indicated that it is considering a separate law for AI, a proposal that has already generated considerable discussion. Yet the more important question has received surprisingly little attention. Has India reached a point where its existing legal framework is incapable of regulating artificial intelligence, or are we simply assuming that every new technology demands a new law?

The distinction is not merely academic. It goes to the heart of how modern legal systems should respond to technological change. Laws are intended to regulate conduct, define rights and assign responsibility. They are not meant to be rewritten every time a more sophisticated tool emerges. If legislation begins to chase technology instead of governing conduct, Parliament will find itself enacting new statutes at a pace that technology itself will render obsolete.

This is hardly the first time governments have confronted such a dilemma. The internet fundamentally altered communication, commerce and governance. Smartphones transformed the way citizens access financial services and public institutions. Social media changed political discourse and information flows in ways that few had anticipated. Each of these developments produced legal questions that existing statutes had never contemplated. Yet governments generally responded by amending existing laws, refining definitions and issuing sector-specific regulations rather than abandoning established legal frameworks altogether. Artificial intelligence undoubtedly presents challenges of a different scale, but scale alone is not a convincing argument for legislative reinvention.

Much of the anxiety surrounding AI arises because it appears capable of creating entirely new forms of harm. On closer examination, however, many of those harms are variations of familiar offences committed with more sophisticated technology. Fraud remains fraud even when an AI model generates the fraudulent communication. Identity theft does not acquire a different legal character merely because artificial intelligence enables criminals to impersonate another individual more convincingly or on a much larger scale. Phishing campaigns become more efficient when AI writes persuasive messages, but they remain phishing campaigns nonetheless, suggesting that the legal response should continue to focus primarily on the underlying criminal conduct while recognising that the technology may justify enhanced obligations relating to detection, attribution and evidence.

Deepfakes are often cited as evidence that artificial intelligence requires an entirely new legal framework. They certainly present more complex legal questions because the harm extends beyond deception. Non-consensual intimate deepfakes, fabricated political speeches and manipulated evidence may affect privacy, dignity, reputation and democratic processes in ways that conventional forgery never contemplated. Even here, however, the answer does not necessarily lie in constructing a separate AI statute. It may lie in strengthening existing criminal law, privacy law and information technology legislation so that they expressly recognise these new manifestations of harm while preserving a coherent legal framework that regulates conduct rather than the technology itself.

India is not approaching this debate from a position of legislative inadequacy. The Information Technology Act already addresses several categories of cyber offences. The Digital Personal Data Protection Act establishes obligations relating to the processing of personal information. Criminal law continues to deal with cheating, forgery, impersonation, criminal intimidation and financial deception, while consumer protection legislation, copyright law, competition law and sectoral regulations already govern activities that increasingly involve artificial intelligence. None of these enactments anticipated the emergence of large language models or generative AI, but that is precisely why they should now be revisited and updated. Modernising an existing legal framework is not an admission that it has failed. On the contrary, it reflects the normal evolution of law in response to changing circumstances.

The alternative is considerably more complicated than it first appears. A separate AI law would inevitably overlap with legislation that is already in force because artificial intelligence is not a distinct economic sector capable of being regulated in isolation. It is becoming an enabling technology across banking, healthcare, education, manufacturing, agriculture, journalism, transport, insurance, public administration and almost every other field of economic activity. Each of these sectors is already regulated by institutions possessing specialised knowledge of the risks unique to their respective domains. A banking regulator understands financial stability far better than a general AI regulator. Medical authorities are better equipped to evaluate clinical decision-support systems than a technology regulator dealing simultaneously with autonomous vehicles, language models and industrial robotics. A separate AI statute would therefore sit above an existing regulatory structure without replacing it, increasing the likelihood of overlapping jurisdictions, duplicated compliance obligations and conflicting regulatory expectations.

That prospect should concern India because regulatory complexity rarely affects every participant equally. Large corporations possess legal departments capable of navigating overlapping statutes and multiple regulators. Smaller enterprises and start-ups usually do not. India has repeatedly declared its ambition to become a global centre for artificial intelligence research, development and innovation. That ambition will be difficult to realise if entrepreneurs are compelled to devote increasing amounts of time and capital to understanding regulatory architecture before they can bring products to market. Good regulation should create certainty without imposing avoidable procedural burdens, particularly in a field where technological advances occur far more rapidly than legislative amendment.

Developments abroad demonstrate that governments themselves remain uncertain about the most appropriate regulatory model. The European Union has chosen perhaps the most ambitious path by enacting a comprehensive AI Act built around a risk-based framework that imposes extensive obligations on developers and deployers of high-risk systems while prohibiting certain uses altogether. The United States has preferred a markedly different approach, relying largely on existing regulators and sector-specific guidance instead of creating a comprehensive federal AI statute. The United Kingdom has similarly asked existing regulators to apply common principles of safety, accountability, transparency and fairness within their respective sectors, while China has introduced targeted regulations governing recommendation algorithms, deep synthesis technologies and generative AI services. The significance of these differing approaches lies not in identifying a model for India to copy but in recognising that no settled international consensus yet exists. Countries are still experimenting because artificial intelligence continues to evolve more rapidly than legislation can reasonably anticipate.

That uncertainty alone should encourage legislative restraint. Parliament should be cautious about constructing an elaborate statutory framework for a technology that is still evolving at extraordinary speed, particularly when experience suggests that highly prescriptive technology laws often require repeated amendment within a few years of enactment. Amending an existing statute is usually less disruptive than rewriting an entirely new legislative framework each time technological capability advances.

India's more immediate challenge also lies elsewhere. The country is witnessing an unprecedented rise in cyber fraud, digital arrest scams, financial deception, identity theft and online impersonation despite possessing an extensive body of cyber and criminal law. That reality suggests the principal weakness lies not in legislative absence but in institutional capacity, which must encompass stronger digital forensic capabilities within investigative agencies, greater technical expertise among investigators and prosecutors, closer coordination between regulators, law enforcement agencies and digital platforms, and improved public awareness of increasingly sophisticated online threats. Unless those institutional deficiencies are addressed simultaneously, another statute is unlikely to produce dramatically different outcomes simply because it carries the words "artificial intelligence" in its title.

None of this should be interpreted as an argument against regulating artificial intelligence. AI undoubtedly raises legitimate questions about transparency, accountability, algorithmic discrimination, autonomous decision-making and liability when automated systems cause harm. Those concerns deserve careful legislative attention. They also require greater clarity regarding the obligations of developers, deployers and intermediaries, particularly where high-risk AI systems influence employment, finance, healthcare, policing or access to essential public services. The issue is whether those objectives are better achieved by constructing another parallel legal regime or by strengthening laws that already regulate the underlying conduct while introducing carefully drafted AI-specific obligations wherever genuine gaps exist.

There is an understandable temptation in government to demonstrate responsiveness by announcing new legislation whenever technology advances. It creates the appearance of decisive action and signals that policymakers recognise emerging risks. Good governance, however, is measured less by the number of statutes enacted than by the coherence, clarity and effectiveness of the legal system that ultimately emerges. Before embarking on a separate AI law, India would therefore do well to undertake a comprehensive review of the Information Technology Act and related legislation to identify precisely where artificial intelligence has created genuine legal gaps and where existing provisions merely require updating. If that exercise reveals areas that cannot reasonably be accommodated within the present framework, Parliament would then have a stronger basis for considering a dedicated statute. Until then, legislative modernisation appears a more prudent course than legislative multiplication, particularly when the country's more pressing need is to ensure that the laws it already possesses are capable of being enforced effectively in an age increasingly shaped by artificial intelligence.

The lead image is AI-generated