Today, governments around the world are increasingly adopting Artificial Intelligence (AI) to improve governance, health services and public facilities. While this technology undoubtedly streamlines and simplifies operations, it also raises an important question: Who has real control over citizens’ data—especially when these systems are developed by foreign companies?
What kind of data do AI systems use?
Modern AI platforms work by collecting many types of data. This includes health records, banking transactions, location data, identity information and even behavioral patterns. In a country like India—where digital systems like Aadhaar and UPI are used extensively—the amount of data has become enormous. By combining these different pieces of information, AI can create a detailed profile of a person; While this proves to be very valuable for policy-making, it also arises as a major concern regarding privacy.
Control over foreign platforms and data
The situation becomes even more complicated when governments rely on foreign AI platforms. Even if the data is stored within the country, the software used to process it—and the operational protocols associated with it—are often controlled by external entities. For example, laws like the CLOUD Act allow foreign governments to demand data from foreign companies under certain circumstances. This means that the data of Indian citizens can, indirectly, become accessible to other countries.
What does India’s data protection law say?
To deal with this challenge, India has enacted the ‘Digital Personal Data Protection Act, 2023’. This law sets protocols for collecting, using and securing data. It also gives citizens certain rights regarding their data—such as the right to access, correct, or request deletion of their information. However, in matters involving national security, the government is given some leeway, which means complete transparency is not always possible.
New risks arising from increasing use of AI
One of the biggest impacts of AI systems is the increasing scope of surveillance. When different data sets are combined together, it becomes much easier to track a person’s activities and behavior patterns. While this technology may be helpful in detecting fraud or improving health services, it also increases the risk that people are assessed—without their knowledge—based on risk profiles. Furthermore, the inner workings of these systems are often not completely transparent, raising questions about accountability.
Why data sovereignty is becoming a big issue
Data sovereignty means that a country should have complete control over the data related to its citizens. India has emerged as one of the world’s largest data producers; However, it is still dependent on foreign companies for its technological infrastructure. This contradiction is the biggest challenge: on the one hand, it is important to take advantage of the benefits of modern technology, on the other hand, it is equally important to maintain security and control over your data.
What effect does this have on the common citizen?
Every time you make a digital payment, avail of a government scheme, or use online health services, you are creating new data. This data can decide what services you get, what plans you are eligible for, and how the system views you. Therefore, it is important to understand how—and by whom—your data is being used.
The way forward and the big question
As the scope of AI continues to expand, the key question is no longer whether data is being used, but on what terms—and under whose control—it is being used. For a large digital nation like India, this determination is of utmost importance, as the decisions taken today will determine the future of privacy, security and rights of its citizens.
