Artificial Intelligence · India
AI regulation in India (2026)
India shaded by its artificial intelligence status
India has deliberately chosen NOT to enact a comprehensive standalone AI law, concluding that existing laws plus a 'lightweight', adaptive, principle-based approach suffice for current risks. The flagship instrument is the India AI Governance Guidelines released by MeitY on 5 November 2025 under the IndiaAI Mission, anchored in seven 'sutras' and six pillars, complemented by the 2018/2021 NITI Aayog national AI strategy and responsible-AI principles. Binding obligations come from sector/horizontal laws — notably the DPDP Act 2023 and recently amended IT Rules requiring labelling of 'synthetically generated information' (deepfakes) effective 20 February 2026.
Key points
MeitY's India AI Governance Guidelines explicitly conclude a separate AI statute is not needed given current risk assessment, advocating a 'lightweight', adaptive, techno-legal approach that leverages existing laws and favours innovation over restraint.
The Guidelines are built on seven guiding principles (Trust; People First; Innovation over Restraint; Fairness & Equity; Accountability; Understandable by Design; Safety, Resilience & Sustainability) and six pillars (Infrastructure; Capacity Building; Policy & Regulation; Risk Mitigation; Accountability; Institutions).
The Guidelines recommend an AI Governance Group (chaired by the Principal Scientific Adviser, with MeitY as nodal ministry), a Technology & Policy Expert Committee, and an AI Safety Institute, coordinating with sectoral regulators such as RBI, SEBI and ICMR.
MeitY amended the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 to define 'synthetically generated information' and mandate labelling/metadata (e.g. labels covering ≥10% of visual area or initial 10% of audio), with platform obligations; the amendments take effect 20 February 2026.
The Digital Personal Data Protection Act, 2023 (and its Rules) governs personal data used to train/operate AI; AI developers/deployers are typically 'Data Fiduciaries' subject to consent, purpose-limitation and accountability obligations.
NITI Aayog's National Strategy for AI (#AIForAll, 2018) and 'Principles for Responsible AI' (2021) set seven voluntary principles (safety/reliability, inclusivity, equality, privacy/security, transparency, accountability, human values); the IndiaAI Mission (2024) operationalises compute, datasets and safe-AI initiatives.
Timeline - major decisions & events
MeitY's amendment to the IT (Intermediary Guidelines) Rules, 2021 (notified Oct 22, in force Nov 15) requires platforms to label 'synthetically generated information' with permanent identifiers, with visible labels covering at least 10% of visual content. It is India's first binding rule specifically targeting deepfakes.
Law.asia ↗MeitY notified the Digital Personal Data Protection Rules, 2025, bringing the 2023 Act into operational force and setting consent, breach-notification and children's-data norms that govern how personal data can be used to train and deploy AI systems.
MeitY ↗MeitY published the India AI Governance Guidelines under the IndiaAI Mission, opting for a 'light-touch', sector-led, pro-innovation framework built on seven principles (Sutras) and an AI Governance Group rather than a standalone AI law. This defines India's current regulatory posture.
PIB / MeitY ↗IT Minister Ashwini Vaishnaw announced the IndiaAI Safety Institute, incubated under the IndiaAI Mission on a hub-and-spoke model, to advance research on safe and trusted AI contextualized to Indian datasets and languages, positioning India in the global AI-safety network.
Office of the Principal Scientific Adviser ↗A MeitY/PSA subcommittee released its report recommending a principle-based, voluntary-plus-sectoral approach and creation of an inter-ministerial AI coordination body and technical secretariat. It was opened for public consultation and directly shaped the November 2025 Guidelines.
IndiaAI / MeitY ↗A revised advisory removed the controversial requirement for prior government approval to deploy 'under-tested' AI models and instead emphasized labelling of AI-generated content and clear identification of deepfakes/misinformation, applying to all intermediaries.
MeitY ↗The Union Cabinet approved the national IndiaAI Mission with a ~Rs 10,371.92 crore outlay covering compute (10,000+ GPUs), indigenous foundation models, datasets, skilling and a 'Safe & Trusted AI' pillar — the foundation of India's state-led AI ecosystem strategy.
PIB / Cabinet ↗MeitY directed intermediaries to label untested AI models and obtain explicit prior government approval before deploying them in India — a move triggered by deepfake concerns ahead of the 2024 elections that drew industry backlash and was quickly revised.
MeitY ↗India's first comprehensive data-protection law received assent, creating consent, purpose-limitation and data-fiduciary obligations that are the principal legal constraint on processing personal data for AI training and deployment.
MeitY / Gazette of India ↗NITI Aayog published its Responsible AI approach document setting out seven principles — safety, equality, inclusivity, privacy, transparency, accountability and protection of human values — that became the ethical baseline cited in later governance frameworks.
NITI Aayog ↗India's foundational digital law, with the intermediary-liability and due-diligence regime (Section 79 and the 2021 IT Rules built on it), remains the principal legal basis on which AI-content advisories and deepfake rules are issued today.
MeitY ↗India - other topics
Last verified 5/23/2026 · Orientation, not legal advice - verify against the primary sources linked above. Explore the full world map →