Category: Information Technology

Here’s the roadmap of India’s pioneering AI regulation

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

India’s stance on regulating artificial intelligence (AI) is a dynamic process, evolving in tandem with global developments while addressing domestic challenges. The Ministry of Electronics and Information Technology (MeitY) has articulated its intent to regulate high-risk AI applications, emphasising user protection, potentially through dedicated rules within the proposed Digital India Act.

However, the enactment of a bespoke AI legislation is yet to materialise. Recognising the need to catalyse emerging technologies’ growth, including AI, MeitY underscores the importance of establishing guardrails for safe and ethical AI use, ensuring accessibility to trustworthy AI, averting misuse, and leveraging AI’s potential as a catalyst for India’s digital economy.

Challenges and Considerations

AI regulation in India is met with various ethical and risk-related challenges, encompassing concerns such as bias, privacy violations, lack of transparency, and liability attribution ambiguity. In response, central and state government agencies have initiated efforts to standardise responsible AI development and promote best practices. Despite these endeavours, MeitY acknowledges that India’s current AI strategy falls short in adequately addressing these concerns.

Global Influences and Collaboration

India seeks to align its AI governance with global trends, particularly inspired by the European Union’s (EU) recent regulatory milestone — the AI Act. This legislation, featuring harmonised rules based on AI risk levels, serves as a benchmark for India’s regulatory aspirations. MeitY aims to collaborate with like-minded democracies to negotiate a global AI regulation agreement and establish a supranational institutional framework based on international consensus. The timeline for such global agreements remains optimistic, with expectations of tangible progress within the next six to nine months.

India’s Initiatives

India’s AI journey is punctuated by various initiatives and reports, including the National Program on AI (NPAI), Indiaai portal, Gen AI Report, recommendations from the Telecom Regulatory Authority of India (TRAI), and the Responsible AI Report. These efforts underscore India’s multifaceted approach to AI governance, encompassing skilling, capacity-building, and sectoral integration.

MeitY has formed expert groups to deliberate on India’s AI program goals and design. These groups submitted the initial edition of the AI Report, shaping India’s AI ecosystem’s future trajectory. Additionally, India, as Chair of the Global Partnership on Artificial Intelligence (GPAI), hosted a summit and crafted the New Delhi Declaration, reinforcing commitments to advancing safe and secure AI globally.

India’s endeavours in AI regulation reflect a nuanced approach, balancing the imperatives of progress with the imperatives of protection. Inspired by global regulatory frameworks and informed by domestic considerations, India’s evolving AI governance landscape underscores the country’s commitment to harnessing AI’s potential while safeguarding societal interests. As India continues to navigate the complexities of AI regulation, collaboration, innovation, and ethical stewardship will remain paramount in shaping the country’s AI future.

—The authors Shaguftha Hameed, Aditi Tripathi  and Abhay Kumar Yadav, are   Principal Associate and Associates respectively at law firm Gravitas Legal. The views expressed are their personal. 

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

IT Q4FY24 earnings preview | What guidance to expect from Infosys and HCLTech

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

The most important thing to track in the January-March 2024 results of the information technology (IT) sector will be the annual guidance from Infosys and HCLTech.

Demand recovery expectations have been pushed back. Now the Street expects demand recovery in the second half of the current financial year (FY25).

Accenture’s guidance last month further soured the sentiment towards the demand recovery.

So, the Street expects a conservative guidance from both Infosys and HCLTech.

For Infosys, CNBC-TV18 estimates around 3-5% revenue growth, and for HCLTech, it’s about 4-6%. But this is just a broad range, and the pace of recovery will be monitored.

One question that analysts are asking is whether the risk of a disappointing guidance is partially priced in.

The Nifty IT index has shed 4.5% in the last one month, while the Nifty has gained over a percent.

So, IT stocks have underperformed. Infosys shed nearly 8% in the last month, while Wipro lost close to about 6% during the same period.

This indicates that some disappointment might have already been priced in.

A few brokerages have also upgraded some stocks.

For instance, CLSA recently upgraded TCS and HCLTech to ‘underperform’ from ‘sell’.

CLSA also upgraded Tech Mahindra to a ‘buy’ from an ‘outperform’.

JPMorgan too upgraded Persistent Systems to an ‘overweight’ and LTIMindtree and KPIT Technologies to ‘neutral’ from ‘underweight/.

But it must be noted that despite these upgrades, many brokerages still have a ‘sell’ or ‘neutral’ call on some top IT companies.

In its report, JPMorgan notes that the Nifty IT’s negative price action over the last month appears to bake in some weakness keeping absolute downsides limited.

Also Read | Infosys, TCS are this analysts’ top picks based on three factors

Many analysts believe that the earnings have bottomed out in the third quarter but recovery will likely be gradual and back-ended, with companies likely to report low to mid-single-digit kind of revenue growth for FY25.

In the fourth quarter (Q4FY24), TCS is likely to lead the pack with about a 1.3% constant currency revenue growth. This growth will be led by the ramp-up of their BSNL deal and some quarter-on-quarter (QoQ) recovery in the banking vertical.

Many of the companies, Infosys, Wipro, and LTIMindtree are expected to see a revenue decline on a quarter-on-quarter basis.

HCLTech is the only company which could post a flat or marginally positive revenue growth, according to the CNBC-TV18 poll.

Also Read | The 40% Infosys underperformance to Nifty since 2022 may start reversing, as per this analyst

The fourth quarter numbers also assume importance in view of changes across companies in senior leadership and strategy.

Wipro, for instance, said its CEO Thierry Delaporte has stepped down ahead of the conclusion of his official term.

The company announced the appointment of Srinivas Pallia as the new CEO. This could mean a change in strategy for Wipro.

Tech Mahindra CEO, Mohit Joshi, has also talked about unveiling a turnaround strategy in April, or in the first quarter of current year (Q1FY25).

For Infosys, the Street will also track the possibility of a buyback, considering the last one ended in February 2023.

Also Read | Wipro’s new CEO will have an arduous task ahead, says analysts while staying cautious

In a nutshell, Q4FY24 numbers may be less important in terms of financial performance.

However, the Street will closely track the guidance by Infosys and HCLTech to gauge the pace of recovery on revenues and margin.

Citi also pointed out that from a valuations perspective, the NSE IT is trading at 25 times versus the pre-pandemic five-year average of 18 times.

Also Watch: Ankur Rudra from JPMorgan talked a lot about what we can expect from major tech companies in the fourth quarter of fiscal year 2024, during a chat with CNBC-TV18.

For more details, watch the accompanying video

Catch all the latest updates from the stock market here

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Cloud and DevOps jobs bucking 2024 appraisal trends — what’s in for non-coders 

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

The business landscape is evolving at a break-neck pace and frequent innovations across the board have made tech adoption indispensable. Professionals across businesses and geographies are working on integrated cloud systems to design, build and execute product-led services. This transformation has sparked a global demand for Cloud and DevOps professionals, who possess the unique ability to tackle the challenges plaguing software development and IT operations. 

According to industry reports, over 50% of enterprises are projected to adopt industry Cloud platforms by 2028 to expedite their business endeavours, highlighting Cloud’s evolution from technology disruption to business indispensability. However, over 19% of recruiters are struggling to find experienced DevOps professionals. It is also interesting to note, that organisations practising DevOps, as per reports, deploy code 46 times more frequently and have a 96% higher success rate when compared to traditional development methods.

The growing demand for skilled talent and the existing shortfall have started attracting even non-techies and non-coders with corporate experience of 5-7 years who are looking for a career switch. It also means that the talent must understand cloud platform knowledge to code and hone critical soft skills for navigating industrial challenges. 

Let’s look at some key power and technical skills that can help professionals with or without a prior coding background break into the world of technology.

Cloud Platform Proficiency

Mastering cloud platforms such as AWS, Azure, and Google Cloud Platform is essential for Cloud DevOps Engineers. This expertise encompasses a thorough understanding of cloud architecture, services, and security features. Engineers must excel at deploying and managing cloud-based systems that are scalable, highly available, and fault-tolerant. Proficiency in this domain enables Cloud DevOps Engineers to leverage the full range of cloud resources, improving application performance and reliability.

Collaboration and Communication

Yes, that’s correct — to be able to collaborate and communicate is crucial for Tech professionals. Cloud DevOps Engineers must excel in these power skills to effectively engage with development, operations, and other stakeholders. They need to articulate technical issues clearly, share knowledge, and promote a culture of continuous improvement. Strong interpersonal skills are essential for facilitating smooth information flow and driving collaborative efforts essential for successful DevOps practices.

Culture of Continuous Learning and Innovation

In the contemporary professional landscape, employers are actively scouting for agile and adaptable talent. This necessitates Cloud and DevOps professionals to engage in a perpetual cycle of unlearning and relearning, enabling them to proficiently navigate and leverage emerging tools and technologies. Embracing a culture of continuous learning not only fuels personal growth but also fosters ongoing improvement and innovation within organisations.

DevOps Engineer for Catalysing Org Transformation

The role of a DevOps Engineer is pivotal in spearheading the shift towards a robust DevOps culture, assuming responsibility for driving transformative initiatives within the organisational framework. These professionals adeptly navigate the intricate intersections of software development, operations, and testing teams, seamlessly aligning with existing network infrastructures to orchestrate efficient design, planning, and testing processes. As versatile experts, DevOps Engineers seamlessly transition between multiple roles throughout the application lifecycle, ensuring streamlined operations and accelerated innovation.

Automation Architect for Orchestrating Efficiency 

The Automation Architect plays a critical role within a DevOps team by spearheading the automation of systems, a core principle of DevOps. Tasked with developing processes that streamline operations and diminish manual interventions, they focus on enhancing efficiency by identifying and integrating appropriate automation tools into the DevOps framework. Their primary responsibilities entail designing and executing strategies to automate manual tasks and discerning the most suitable DevOps tools tailored to various operational needs.

Cloud Engineers

A Cloud Engineer is accountable for designing, building, and maintaining cloud-based systems and services. They work in collaboration with other engineers and developers to ensure that these systems are reliable and scalable. Cloud engineers must have a thorough understanding of cloud computing concepts and technologies. They must be able to design and implement cloud-based solutions that are aligned with the needs of the organisation. They must also be able to diagnose and fix issues that arise with these systems.

Security & Compliance Engineer 

Modern-day applications are bound to have security vulnerabilities. Traditionally treated as an afterthought, security is now a primary concern for DevOps teams aiming to avert costly mishaps. The role of the Security & Compliance Engineer is pivotal. In smaller projects, this role may merge with that of a DevOps engineer, ensuring security practices are woven into the project’s fabric from inception. However, in larger teams, dedicated compliance engineers collaborate closely with developers throughout the product lifecycle. Their mission? To fortify code and infrastructure, ensuring robust security measures and regulatory compliance are upheld at every turn.

Additionally, the demand for Remote Engineers has also surged, reflecting the global shift towards remote work arrangements. For instance, a global survey highlighted that remote work has seen a 159% increase since 2005 in the United States alone. Even the Indian IT-BPM industry as per reports, witnessed a rapid transition to remote work during the pandemic, with nearly 90% of the workforce operating remotely.

This trend is echoed worldwide, with companies in Europe, Asia, and other regions embracing remote work to enhance flexibility and productivity. Major tech companies are switching to long-term remote work policies, highlighting the enduring importance of Remote Engineers in maintaining robust digital infrastructures. This shift towards remote work has also accelerated the need for such Engineers who specialise in cybersecurity, cloud integration, and virtual collaboration platforms, underscoring their pivotal role in ensuring operational continuity and security in today’s distributed work environments.

All these emerging roles are highly sought-after, well-paying positions. For those looking to take the next step in their career – either freshers or seasoned professionals coming out of Tech or Non-Tech domains, mastering key technical and soft skills is paramount for success in these transformative roles. It also provides a competitive edge to professionals and makes them specialists in the landscape of generalists.

—The author, Mayank Kumar, is Co-founder and MD, upGrad. The views expressed are personal.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Dextara acquisition aligns with focus on hyper-scalers: Datamatics’ Rahul Kanodia

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Datamatics Global Services, a leading provider of information technology services, recently acquired Dextara Digital for ₹143.4 crore. Rahul Kanodia, the VC and CEO of Datamatics Global Services, discussed the significance of the acquisition during an interview with CNBC-TV18.

“We acquired it because of our focus on hyper-scalers,” Kanodia stated, highlighting the alignment of the acquisition with the company’s overarching growth strategy.

The acquisition involves picking a 100% stake in Dextara Digital. The company has a healthy growth rate of 19% earnings before interest, taxes, depreciation, and amortization (EBITDA). This acquisition not only strengthens Datamatics’ portfolio but also opens avenues for cross-selling opportunities, as stated by Kanodia.

Datamatics will pay an additional maximum of ₹30.6 crore depending on the achievement of certain business targets and milestones. This acquisition will help Datamatic expand its capabilities in the salesforce ecosystem as Dextara Digital has worked on over 600 salesforce projects for more than 150 global customers.

Furthermore, Kanodia mentioned that the acquisition will be financed through internal accruals.

Also Read | BYJU’S layoffs: Edtech to let go 500 employees as part of biz restructuring, up to 1,500 more job cuts likely

While discussing future growth prospects, Kanodia mentioned that Datamatics will continue to explore selective inorganic growth opportunities.

“We are talking to a few other companies. But we have been very selective with the companies we acquire, so we will continue to be selective,” he stated.

Demand looks healthier this year compared to last year. Kanodia emphasised that the company is not dependent on the banking sector, which is facing headwinds. “Therefore, we don’t see that impacting our performance for the next year,” he stated.

Addressing concerns about margins, Kanodia projected an improvement in the fiscal year 2025 compared to fiscal year 2024. The company’s current market capitalisation stands at ₹3,474.75 crore.

For more, watch the accompanying video

Also Read | Blackstone eyes $300 million IPO of India diamond certification firm, sources say

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Baring’s Rahul Bhasin expects Indian IT services to retain global dominance despite AI disruption

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Rahul Bhasin, Managing Partner, Baring Private Equity Partners  believes Indian information technology (IT) services companies will continue to retain their global dominance despite the challenges posed by artificial intelligence (AI).

However,  he says, “They (the industry) will go through a transition time…there is an inflection point and a state of flux, which the industry will go through. And I think there will be revenue uncertainty and business model uncertainty for a while.”

Currently, a bulk of the work earlier being done by Indian IT companies is getting automated due to AI. This shift, Bhasin believes, will necessitate transitions in business models within the IT industry, especially for large IT service companies.

While technology and software will stay the world’s fastest growing industry, eating up all other industries, “what people may have missed is that it will also eat itself up .”

Read Here | WEF 2024: Gita Gopinath says AI could impact 30% of jobs in India

Bhasin says while Baring will still prefer the tech theme, it will pick business models depending on evolving market trends.

In addition to the technology sector, Bhasin discussed the outlook for consumer and industrial sectors. While he acknowledged the soundness of consumer businesses with promising growth trajectories, he cautioned against their current expensive valuations.

Regarding the industrial sector, Bhasin noted the absence of a significant capital expenditure (capex) cycle since approximately 2011. He suggested a potential turnaround, citing increasing activity in real estate, hotels, hospitals, and malls. With government support for infrastructure investments, Bhasin anticipated a positive impact across the value chain.

Talking about PE firms exiting via block deals, IPOs, Bhasin said, “Private equity industry is time bound. So any investment made, you will see divestments. Now, that mode of divestment keeps evolving and keeps changing, depending on market conditions. Sometimes it’s strategic, sometimes it’s M&A, sometimes it’s via buyback and sometimes it’s through the listed markets in the public markets.”

Also Read | 2023 witnesses record-breaking block deals, private equity & venture capital stole the spotlight

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Legal Digest | Why the court refused to stay govt’s Fact Check Unit for social media posts

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Case 1 : No stay on Fact Check Unit for posts in social media 

Kunal Kamra v. Union of India with connected cases, the Bombay High Court on March 13, vide a 2:1 majority verdict refused to stay the constitution of a Fact Check Unit (FCU) by the government of India to rein in misleading and fake social media posts on government businesses. Rule 3(1)(b)(v) of the IT Rules amendment 2023 empowers the government to establish a fact check unit and unilaterally declare online content related to the government’s business on social media platforms as fake, false or misleading.

The social media intermediary then either has to remove the information or be ready to defend its actions in court if need arises. The dissenting judgement dubbed the move as censorship harking back to the post office bill of the nineties and thus trampling down the right of freedom of expression. The majority however didn’t think so in the face of the undertaking given by the government that the FCU will not strike against satire, parodies, political opinions and light-hearted humour.  

Though the FCU would censor only ‘Fake,’ ‘False,’ or ‘Misleading’ posts, these words could be the proverbial thin edge of the wedge to gag freedom of expression. Time alone will tell if the FCU would be fair and not become a spoil sport. 

Case 2: Workers performing perennial/permanent work cannot be called contractual workers 

The Supreme Court on March 12 observed that the workers employed to perform perennial/permanent nature of work couldn’t be treated as contract workers under the Contract Labour (Regulation & Abolition) Act, 1970 to deny them the benefit of regularisation of a job. 

This judgement has tremendous significance as it gives a shot in the arm for the so-called contract workers who work as hard and as regularly as regular employees. The Supreme Court rightly frowned on this discrimination and granted back wages too.  

Thumbs up on whatsapp isn’t always celebration but often it is the harmless equivalent of saying okay 

In a recent case — Narendra Chauhan v. Railway Protection Force — the Madras High Court absolved the guilt of indiscipline pronounced on the appellant against the disciplinary authorities of the organisation and affirmed by appellate authority. The murder of an assistant commandant by a constable was posted on the constables’ Whatsapp group to which the appellant constable Narendra Chauhan had posted the thumbs up emoji. 

The Madras High Court didn’t agree that thumbs up was celebratory or an act of exultation but is often a harmless okay. Arguably it is the most frequently used response to a message on the social media and is often a shorthand expression of “I got the message or simply okay”.  Netizens with hundreds of contacts in the Whatsapp are often inundated with messages and they often react with emojis.

Breath analyser test at polling booths not necessary

A Public Interest Litigation (PIL) filed in the Andhra Pradesh High Court seeking mandatory Breath analysers at polling booths was dismissed recently. The petitioner, a registered political party (Janavahini Party), argued that allowing intoxicated voters would violate the principles of free and fair elections. Breath analyser test is perfectly justified to discourage accidents on roads due to reckless driving due to intoxication and lack of control.  

Recently when a flyer peed on a fellow passenger in a long-distance Air India flight, the accused was found intoxicated. A clamour for breath analyser test by the airline staff at the ‘gate’ followed.  But then when the cabin crew itself serves liquor freely especially to the first-class passengers, such a demand becomes unsustainable. 

Levity aside, the staff on duty at the polling booths cannot simply be expected to subject all voters to such a test. If it is made mandatory by the Election Commission all hell would break lose as denial of voting right in a democracy could lead to a large-scale litigation besides giving a potent tool in the hands of political parties and their agents to frustrate the democratic process. In any case booze flows freely in the run up to the hustings. That needs to be stopped first!

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Sonata Software sees 10-12 week delay in pipeline to order conversion

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Sonata Software is seeing a delay of around 10-12 weeks in closure of deals in the pipeline, the company’s CFO, Jagannathan Chakravarthi, told CNBC-TV18 .

The company, which offers services such as cloud transformation, business intelligence, and application development management, is currently pursuing over 40 large deals accounting for around 48% of the total pipeline.

The deal pipeline in artificial intelligence (AI) is over $50 million across more than 90 clients and prospects, Chakravarthi said.

On March 18, the company signed a go-to-market partnership with Zones, a global provider of end-to-end IT solutions and cloud-managed services.

This five-year partnership between Zones and Sonata Software will support cost efficiency and data optimisation through joint offerings and delivery of industry-specific solutions, Sonata said in an exchange filing.

Headquartered in Bengaluru, India, Sonata has a strong global presence, including key regions US, UK, Europe, APAC, and ANZ.

Also Read | Sonata Software likely to close 8-12 large deals with multiyear contracts in FY24, says MD & CEO

Sonata Software aspires to achieve revenue of $1.5 billion by the end of FY26 at an international earnings before interest, taxes, depreciation, and amortization (EBITDA) level of low-20s. It also expects 20% of its revenue from AI services in the next 3 years.

In October-December 2023, Sonata Software’s revenue grew 30% to reach ₹2,493 crore. However, the earnings before interest, tax, depreciation, and amortisation (EBITDA) margin slipped to 8.2% from 10.3% QoQ. The company reported a loss of ₹46 crore compared to the profit of ₹124.2 crore in the previous quarter.

The current market capitalisation of the company is ₹20,741.62 crore.

For more, watch the accompanying video

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Deepfakes — here’s the relevance of safe harbour protection

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

In recent months, there have been discussions about the concept of ‘intermediaries and safe harbour’ protection in India and an intermediaries ability to claim safe harbour in the context of deepfakes. It is undeniable that the Information Technology Act needs to be augmented with a modern and up-to-date tech legislation.

The ‘Digital India Act’ which is purposed to meet the challenges of the present-day digital ecosystem in India seems to be the solution. This process of updating the law involves intrinsically reconfiguring safe harbour principles, which perceivably continue to be the default option for all intermediaries under the present law. 

The concept of safe harbour protection, as embodied by Section 230 of the US Communications Decency Act and Section 79 of the Information Technology Act, has played a pivotal role in facilitating the growth and development of the internet. By exempting intermediaries from liability for third-party content, these provisions have nurtured a vibrant online environment by fostering free speech and enabling internet users to freely express themselves without arbitrary intrusion.

However, the rise of deepfakes, manipulated content and misinformation has raised significant concerns about the potential misuse of safe harbour immunity. Critics argue that intermediaries, by passively hosting deepfakes, become complicit in the spread of misinformation, thus undermining the integrity of the online ecosystem. These concerns are triggering a paradigm shift in the realm of intermediary liability. Governments, industry bodies, and jurists are engaged in critical discourse to recalibrate the balance between protection of free speech and intermediary liability for hosted content.

The safe harbour principles are fundamental to the functioning of a free, open to all and borderless internet. Any legislation that seeks to completely abolish safe harbour, would not only be ineffective but also counterproductive. Whilst the discourse seems to suggest that Digital India Act may potentially weaken safe harbour protection, I maintain that intermediaries should still be entitled to claim safe harbour benefits, if they can demonstrate fulfilment of well-defined thresholds of due diligence. It is the due diligence thresholds that need revision and reset; not the concept of safe harbour itself. Eliminating the safe harbour principle altogether would blur lines between content publishers and intermediaries, which would only further undermine the efficacy of internet, making the remedy worse than the malady. 

It is imperative for the discourse to emphasise that whilst determining due diligence obligations for safe harbour protection, our Constitutional thresholds and goals are not ignored. Whilst legislation can define specific due diligence requirements, it ought not to vest upon the executive, the power to determine safe harbour status of an intermediary.

Any role to the executive in such determination will indirectly permit it to pre-censor content and suppress dissenting voices detrimentally impacting the fundamental right to freedom of speech. This would create a dangerous precedent where the executive could potentially curtail or influence free speech by selectively granting or withholding safe harbour protection. Constitution of India is people centric and permits ‘free trade’ — in ideas and ideologies.

After all, as has been observed by the Supreme Court of India, it is not the function of the government to keep the citizen from falling into error; it is function of the citizen to keep the government from falling into error. ‘Thought control’ is alien to our constitutional democracy.

Specifically in the context of deepfakes, the notion that intermediaries will not be entitled to safe harbour protection has become a prevalent assertion, often repeated without rigorous examination. This superficiality stems from the belief that intermediaries, simply by hosting deepfakes, are complicit in their distribution and the harm they inflict.

This reasoning is fundamentally flawed as it overlooks the intermediaries’ role as mere passive conduits of content and not the originators of deepfakes. The issue deserves a more intelligent debate. The level of discourse reaching a mailbox simply cannot be limited to that which would be suitable for a sandbox, the latter offering a more controlled environment for expressing speech. Superficial discourse will fail to acknowledge the complexities inherent in determining intermediaries’ culpability for deepfakes and the legal framework surrounding them. 

In light of the unique challenges posed by deepfakes and intermediary’s ability to claim safe harbour, technological solutions may offer better remedies than superficial regulations. Tech players must collaborate to develop common standards to ensure transparency when AI-generated media is shared. This could be achieved through robust mechanisms to identify and flag deepfakes, including systematic fact-checking, timely disclosure and watermarking.

Policymakers and industry stakeholders must collaborate to educate users about the dangers of deepfakes and methodologies to identify them. After all, the internet user is also a stakeholder in the assessment of authenticity and potential harm of deepfakes. Prudence lies in strengthening the existing safe harbour regime whilst enhancing the accountability and transparency of intermediaries. 

To conclude- any legal framework that seeks to undermine the fundamental principles of safe harbour protection or grants excessive discretion to the executive in determining intermediaries’ eligibility for safe harbour protections will ultimately exacerbate the issue of online harm.

—The author, Sajan Poovayya, is a Senior Advocate with constitutional, technology, corporate and commercial law practice in the Supreme Court of India. He was also among the youngest to serve as an Additional Advocate General for the State of Karnataka. The views expressed are personal.  

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Dark Patterns regulation guidelines — how it brings dishonest online market practices to light

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Dark patterns refer to deceptive user interface designs employed by online services such as websites or applications to influence users to make decisions they otherwise might not. These misleading tactics are pervasive, extending from popular news websites to your favourite food delivery application. In response to the aforesaid issue, the Department of Consumer Affairs introduced Guidelines for Prevention and Regulation of Dark Patterns under Section 18 of the Consumer Protection Act, 2019 (“Guidelines”). 

Their primary objective is to curb dishonest practices and promote transparency in the online marketplace. This marks a significant and commendable stride, considering that the Indian legal framework had been largely silent on dark patterns until now. The Guidelines define dark patterns as “any practices or deceptive design patterns using UI/UX (user interface/user experience) interactions on any platform; designed to mislead or trick users into doing something they originally did not intend or want to do; by subverting or impairing the consumer autonomy, decision making or choice; amounting to a misleading advertisement or unfair trade practice or violation of consumer rights.”

These Guidelines apply to (i) all platforms offering goods or services in India; (ii) to advertisers; and (iii) to sellers; and prohibit engagement in dark patterns by any person, including platforms. Dark patterns are influenced by human thinking and are designed deliberately to get you to click somewhere where you don’t want to or get you to agree to something you don’t want to. Under the Guidelines, 13 (thirteen) deceptive patterns have been outlined as banned. The most common patterns include:

1. False Urgency: This dark pattern refers to an act of misleading a user into believing that there is a false sense of urgency or scarcity to persuade them to act quickly and make a purchase, e.g. showing false popularity of a product or service to influence a user’s decision. A lot of times, when users are adding products to their cart, there is an instant pop-up stating, “only a few items are left”, when in fact the product remains in stock even after weeks (sometimes even at reduced prices!).
2. Basket Sneaking: This dark pattern is the act of automatically adding extra items like products, services, charitable contributions or donations during the checkout process on a platform without the user’s consent, resulting in an unintended increase in the total amount payable by the user. The most common example being the Rs. 1/- donation, which is automatically added during checking out and does not usually meet the eyes of the customers (given that the addition made to the cart is almost negligible).
3. Forced Action: This dark pattern refers to compelling a user to purchase extra items, subscribe to unrelated services, or share personal information just to access or buy the initially desired product or service. A very common example of ‘Forced Action’, is that of gated websites. There are numerous websites/applications which allow the users to access the information/data only after signing up. These are a means to collect personal data for targeted advertisements, et al. 
4. Subscription traps: Also known as a “Roach Motel”, this pattern makes it difficult or impossible for users to cancel a subscription, such as by requiring them to call a customer service number or navigate through a complex maze of menus. There are several applications, which do not show the option of closing or de-activating the account in a straight-forward manner. In a market where every user is not tech savvy or has the patience of going through several steps to de-activate his/her account, the accounts of such users remain active, thereby granting perpetual access to their personal data.

Punishment for engaging in Dark Patterns

Post induction of Guidelines, the Consumer Protection Act has inculcated an Annexure, namely Annexure 1, whereby penalties and punishments are prescribed for Dark Pattern practices reported till date. The said Guidelines are newly inducted and hence, are only indicative in nature and do not envisage an exhaustive list of all the Dark Pattern practices which may be devised by online aggregators and advertisers in the future.

Under the current regime, any non-compliance exposes Dark Pattern users to punishments, such as imprisonment for up to 6 months or a fine of up to ₹20 lakh, or both. This is in addition to the pre-existing punishments prescribed under the Consumer Protection Act, 2019 for false, deceptive and misleading advertisements floated around by Dark Pattern which are punishable with imprisonment up to 2 years and a fine of up to ₹ 10 lakh. The stringency of the said punishments increases many folds for Dark Pattern users who are identified as repeat offenders.

Anticipating the insurgency of new Dark Pattern practices in the future, the said guidelines are expected to mitigate such future  practices by empowering consumers, civil society, and market players to report new instances of Dark Patterns, through an institutionalised and automated feedback mechanism, to the Department of Consumer Affairs. The Department, post evaluation, may notify and include the same in Annexure 1 of the said guidelines. This approach endeavours to encourage industry self-regulation with necessary proctoring by the Department of Consumer Affairs and ultimately aims to boost online consumer protection.

The internet is flooded with content aimed at grabbing attention, but there’s a distinction between trustworthy content and manipulative tactics like subscription traps. Legislation like the Information Technology Rules of 2011 and the Digital Personal Data Protection Act of 2023 prioritises obtaining informed consent before collecting sensitive personal data. 

To mitigate such unwarranted collection of data legislations, like the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 are enacted which specifically mandate the requirement of a user’s informed consent before their sensitive personal data is collected.

Similarly, the newly enacted Digital Personal Data Protection Act, 2023 places importance on obtaining explicit consent from the Data Principal before processing such data. Implicit or opt-out consent which lacks a clear, positive, and affirmative action is not considered valid under these regulations. 

The Global trend towards prioritising a user’s free and informed consent is evident in data protection laws worldwide. For instance, in the US, the California Consumer Privacy Rights Act, 2020, and the California Consumer Privacy Act, 2018 and in the EU, legislations such as the General Data Protection Act, the Digital Services Act, the Digital Markets Act, and the Unfair Commercial Practices Directive recognize dark patterns and discourage their usage by rendering consent obtained through them invalid, which in turn, provides safeguards against such manipulative tactics online.

Notably, the French Data Protection Act resulted in a €8 million fine on Apple for implementing the ‘personalised ads’ setting as the default without prior consent thereby making it challenging to change the setting through multiple steps. Another such instance of dark patterns is observed on the online platform of an e-Commerce Giant which makes it challenging for a user to disband its account once created, thus creating a vicious trap. 

In conclusion, despite the enactment of the Digital Personal Data Protection Act in 2023, there is still a notable gap in safeguarding against Dark Patterns. The Act does not directly address the interfaces or designs utilised by Dark Patterns operators, who often manipulate user experience under the pretext of creative freedom. Consequently, such designs evade classification under deceptive advertising or personal data piracy, highlighting the need for further regulatory measures.

—The authors; Juhi Khanna, is Senior Associate in the Corporate and Commercial practice, and Manbhar Mittal and Aman Jhawar, are associates in the Dispute Resolution & ADR practice, at law firm Gravitas Legal.   

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Cyber attacks in healthcare — here’s the deadly war the world doesn’t talk about, yet 

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

A more silent war has been going on for quite a while, under our radar. It is not televised, and images of ruin and human suffering have not yet surfaced, its soldiers and weapons unseen. And yet, it’s very dangerous, affecting more and more people around the world- millions at a time, to be exact. 

Cyber warfare has become one of the most dangerous means of war, in accordance with the technological advances of our time. Countries and governments, or hacker groups who act in their name, carry out such attacks cheaply and discreetly. As more and more aspects of our lives become digitalised, the impact cyber-attacks have on us simultaneously increases. Worryingly enough, the healthcare sector is hit hardest, as it can kill. It’s no more about data breaches, it’s about human lives.

2023 has been the worst year ever recorded globally for cyberattacks aimed at healthcare organisations, with no less than 116 million human beings affected in the US only, this being more than double than in 2022, and many more worldwide! Just to name a few; 7 million patients of Delta Dental of California were warned their data was stolen and possibly manipulated in June 2023.

In Seattle’s Fred Hutch cancer centre, some 800,000 people’s data was stolen and access disabled, and a ransom of $50 per patient was demanded for the removal of a single person’s details. In May 2023, 2.5 million patients of Louisville’s Norton Healthcare were also victims of a similar attack.

HCA Healthcare, the US largest for-profit hospital system, reportedly suffered a “theft” of health data affecting as many as 11 million patients. Just last month, Ardent Health Services said it suffered a ransomware attack. The system, which operates 30 hospitals in six states, said hospitals have had to postpone elective surgeries and temporarily divert services.

These attacks aren’t exclusive to the USA; German hospital chain KHO has reported that three of its hospitals were victims to such ransom cyber-attacks, leading to the hospitals’ entire computer systems being shut, with patients having to be transferred to other institutions, as their medical data became inaccessible.

The European Union Agency for Cybersecurity (ENISA) published its first-time report on healthcare cyber-attacks, based on data collected between 2021-2023. It’s conclusions are astounding; the majority of the attacks were targeting healthcare providers and hospitals, 53% and 42% respectively. 46% of the total incidents targeted healthcare data, 83% were financially motivated, and 10% had ideological motivation. 22% of the attacks disrupted the actual delivery of healthcare services to patients.

Also Read: What makes cyber shields indispensable in India?

India is also facing a sharp rise in cyber-attacks. 2022 already saw a rise of 24% in cybercrime; the NCRB states that 64.8% of the cybercrimes were fraud motivated, followed by extortion (5.5%), and sexual exploitation (5.2%). Data for 2023 is as worrisome – an astonishing 10,319 crore was lost to online frauds across the sub-continent between April 2021- December 2023 only, with Delhi leading with the highest per capita cybercrime complaints in India in 2023.

Last year’s G20, which was hosted in India, was also a target for cyber-attacks;  Multiple government and law enforcement websites were attacked by different cyber groups. The official G20 website was also a target, and a distributed denial of service (DDoS) was launched against it. Statista released their report in December 2023, and claimed that the IT, Healthcare, Manufacturing and Finance sectors were most likely to be targeted, and that only as low as 24% of all Indian companies were adequately prepared to take on cyber-attacks. 

India’s healthcare sector has specifically been hit hard with India’s top institutions such as the All India Institute of Medical Sciences (AIIMS), the Indian Council of Medical Research (ICMR), and corporate drug makers like Sun Pharmaceuticals  been attacked. (ICMR)  potentially suffered the largest data breach in Indian history, exposing the personally identifiable information (PII) of 81 crore Indians, while AIIMS,  suffered a loss of 1.3TB data containing 40 million records back in November 2022. Cybercrime involving large health institutions is becoming more complex and multi-layered.

Ransomware groups are currently infiltrating software and encrypting networks  mostly seeking payments from hospitals and other healthcare providers to restore access to networks. Attackers further also simply steal patient records as well. They simultaneously exfiltrate data and hold it for ransom as well, commonly referred to it as the double-layered extortion. This is outright warfare.

We might not intuitively treat it as such, but it may be time that we do so. Millions of people affected, their private data stolen, possibly manipulated and often made inaccessible to their healthcare providers, unless paid for. This directly impacts patients privacy, safety and more importantly medical outcomes. When they attack a hospital, they are sometimes shutting down life critical systems, from diverting ambulances to sabotaging ICU systems and more. 

In turn, medical institutions are less trusted by the people, consequently affecting public and private healthcare services of all kinds. Such attacks are also known to have broader psychological impact, considering how unsuccessful governments and institutions have been so far in dealing with such attacks, and preventing them from happening.

Why fight army to army, spend billions of a country’s defence budget, when you can cost-effectively, remotely play with people’s lives, or at least set whole nations on a medical and psychological frenzy?! Just imagine a family member of yours who is allergic to a number of medications. Not having access to his medical records would mean a doctor won’t necessarily know this life-saving information.

If governments, and healthcare providers of all kinds fail to address this new war and implement effective responses, these attacks will become deadlier over time, not just resulting in financial losses and psychological distress, but in many human losses.

Not far are the days in which robotic surgeries will be disrupted, patient monitoring in acute care settings will deliver false data, diagnoses alongside e-prescriptions manipulated and patient data not only publicly exposed but sold and leveraged against innocent people for political or intelligence gains; all resulting in loss of health and life. With global geopolitical instability and a few proxy wars already going on, cyber warfare, might just be our next pandemic. AI may be part of the solution, but is also clearly part of the problem, fueling the capabilities and increase in cyberattacks. 

We must address this issue strategically and publicly, and work to create a global coalition to find solutions to this pressing threat, before hacktivists, extremists or other terrorist groups turn medical cyber into one of their most attractive and borderless methods of war. Healthcare service providers of all kinds must prioritise cybersecurity, now.

It’s not just a financial matter; it’s about saving human lives.

—The author, Sigal Atzmon, is Founder and CEO of Medix Global, and a thought leader and influencer. The views expressed are personal. 

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow