Powered by: Motilal Oswal
2025-08-08 09:49:16 am | Source: IANS
IAMAI seeks amendment to use publicly available personal data for AI training
IAMAI seeks amendment to use publicly available personal data for AI training

The Internet and Mobile Association of India (IAMAI) on Thursday requested the Centre to remove legal barriers to using publicly available personal data for training or fine-tuning of AI models. 

The industry body pointed out that it is impractical for AI companies to verify if all publicly accessible personal data was voluntarily provided by users. As of now, data protection rules mandate that AI companies should determine if the data available on public platforms is voluntarily provided by the user.

If a user publicly shared personal data to comply with a legal obligation, it may be re-shared online by others without the user's consent, making it difficult for AI companies to determine the user's consent, the IAMAI pointed out.

IAMAI requested an amendment to the Digital Personal Data Protection Act, 2023 (DPDP Act) to this effect. "Union Government might, as an interim measure, consider exempting data fiduciaries from the DPDP Act’s provisions if they are processing personal data solely for training or fine-tuning of AI models," the release said.

Ambiguities in the DPDP Act on the processing of publicly available personal data might pose practical challenges for AI companies, particularly those using large datasets for training their models, the IAMAI told the Ministry of Electronics and Information Technology (MeitY).

Restrictions on access to publicly available personal data would impose undue compliance burdens on AI companies, hinder technological progress and the realisation of AI's potential. Such limitations would disproportionately affect startups and smaller companies developing AI models, the association said.

The DPDP Act is a comprehensive data privacy law to regulate the processing of digital personal data. It balances the rights of individuals to protect their personal data with the need for lawful data processing. It provides a framework to hold data fiduciaries accountable for personal data breaches. Data fiduciaries are required to implement appropriate technical and organisational measures to prevent personal data breaches by taking reasonable security safeguards.

Disclaimer: The content of this article is for informational purposes only and should not be considered financial or investment advice. Investments in financial markets are subject to market risks, and past performance is not indicative of future results. Readers are strongly advised to consult a licensed financial expert or advisor for tailored advice before making any investment decisions. The data and information presented in this article may not be accurate, comprehensive, or up-to-date. Readers should not rely solely on the content of this article for any current or future financial references. To Read Complete Disclaimer Click Here