Artificial Intelligence has become a common word used by the industry to describe many software systems. With the advent of EU-AI act, as well as the ISO 42001, industry is being concerned with compliance of AI to an acceptable industry standard and legal requirements. India is yet to pass a separate AI law but the existing ITA 2000 and DPDPA 2023 will continue to guide compliance of the “Development”, “Distribution” and “Usage of AI”.
FDPPI treats an AI system as a distinct process and applies the principles of DPDPA 2023 for compliance. The role of AI developer, distributor and User is determined with reference to ITA 2000 and DPDPA 2023.
A separate Framework DGPSI-AI guides the implementation and audit of DPDPA compliance in a technical environment using AI.
With this approach, FDPPI applies DGPSI framework of compliance to assess an AI system of software or a combination of hardware and software.
The output of such assessment is termed AI-DTS which is a Data Trust Score assigned to the system.
The system adopts the principles of EU-AI act compliance as well as ISO 42001 principles while staying focussed on DPDPA 2023 compliance.
Currently the focus of AI-DTS is the user of an AI system who feeds the personal data collected by him into the AI system for processing. This would be referred to as AI-DTS (Deployer).
AI-DTS (Developer) is a more comprehensive system for developers of AI systems and AI-DTS (Intermediaries) will focus on the category of intermediaries like distributors.
AI-DTS (Deployer or User) is part of the DGPSI audit and assessment process and interested persons for independent assessment of AI products/Services may contact FDPPI for more details.
