AI Liability in Corporate Decision-Making: Legal Challenges in India
- Admin
- Jun 5
- 5 min read
Updated: Jun 28
Author: Dristi Thapa
Final Year Law Student, IMS Unison University, Dehradun.

Abstract
The increasing reliance on Artificial Intelligence (AI) in corporate decision-making has reshaped governance, compliance, and operational strategies across industries. However, this rapid technological integration has outpaced the evolution of legal frameworks in India. The absence of a dedicated AI liability regime creates significant uncertainty in determining responsibility when algorithmic decisions result in harm.This paper critically analyses the adequacy of existing Indian laws—including the Information Technology Act, 2000[1], Companies Act, 2013[2], Consumer Protection Act, 2019[3], and the Digital Personal Data Protection Act, 2023[4]—in addressing AI-related liability. It further examines the applicability of traditional doctrines such as negligence, vicarious liability, and corporate criminal liability in the context of autonomous systems. By incorporating comparative perspectives and real-world corporate examples, the paper highlights regulatory gaps and proposes a structured framework for AI governance in India.[5]
Keywords
Artificial Intelligence, Corporate Liability, Algorithmic Governance, Indian Legal Framework, Negligence, AI Regulation
1. Introduction
Artificial Intelligence is no longer confined to experimental or peripheral applications; it now occupies a central role in corporate decision-making. From automated hiring systems and credit scoring algorithms to predictive compliance tools, AI has become integral to modern corporate governance. Yet, the increasing autonomy of such systems raises a fundamental legal question: who is liable when an algorithm makes a flawed or harmful decision?
Traditional legal frameworks are rooted in human agency, where liability is attributed based on intent, knowledge, or negligence. However, AI systems operate through complex data-driven processes that often lack transparency, thereby challenging established principles of accountability. This disconnect between technological capability and legal doctrine necessitates a re-examination of existing laws in India.
2. Evolution of AI Regulation in India (2020–2026)
India has adopted a cautious and policy-driven approach to AI regulation. The government’s early initiatives, including the National Strategy for Artificial Intelligence by NITI Aayog,[6] focused on promoting innovation while emphasising ethical considerations.
Subsequent developments, particularly between 2023 and 2026, reflect an increased regulatory awareness. The Digital Personal Data Protection Act, 2023[7], marked a significant step in addressing data governance. Additionally, government advisories on responsible AI and platform accountability have indicated a shift toward stricter oversight.
However, these measures remain fragmented and largely non-binding, highlighting the absence of a comprehensive statutory framework governing AI liability.
3. Existing Legal Framework
3.1 Information Technology Act, 2000
The Information Technology Act [8]remains the cornerstone of India’s digital regulatory framework. Section 79 provides safe harbour protection to intermediaries, subject to due diligence requirements.In the context of AI, this provision raises critical questions regarding whether corporations deploying AI systems can claim immunity when harm results from autonomous decision-making.
3.2 Companies Act, 2013
The Companies Act imposes fiduciary duties on directors, including the duty to act with care, skill, and diligence. However, the statute does not explicitly address reliance on AI systems, creating ambiguity in determining whether directors can delegate decision-making to algorithms without incurring liability.
3.3 Consumer Protection Act, 2019
The Act introduces product liability provisions that may extend to AI-driven products and services. Where an AI system causes harm, courts may need to determine whether the defect lies in its design, training data, or implementation.
3.4 Digital Personal Data Protection Act, 2023
While this Act regulates data processing, it does not address issues such as algorithmic transparency, bias, or accountability, all of which are central to AI liability.
4. Doctrinal Analysis
The doctrine of negligence continues to play a pivotal role in determining liability. Courts may evaluate whether corporations exercised reasonable care in deploying AI systems and whether the resulting harm was foreseeable.The landmark case of Donoghue v Stevenson[9]established the modern principle of duty of care. This principle may be extended to AI developers and corporate users where harm is reasonably foreseeable.
Similarly, the concept of corporate criminal liability was elaborated in Iridium India Telecom Ltd v Motorola Inc[10], where the Supreme Court recognised that corporations can possess criminal intent through their agents. However, this framework struggles to accommodate AI systems that lack intent or consciousness.
Product liability principles, as seen in Grant v Australian Knitting Mills[11], may also be adapted to AI contexts, particularly where defective algorithms cause harm.
5. Real-World Corporate AI Liability Issues
Practical examples illustrate the complexity of AI liability. The hiring algorithm developed by Amazon, which was found to exhibit gender bias, highlights how AI systems can produce discriminatory outcomes.Similarly, the COMPAS algorithm used in the United States for criminal risk assessment raised concerns about racial bias and lack of transparency. These examples demonstrate that AI systems can perpetuate systemic biases, raising serious legal and ethical concerns.
6. Key Legal Challenges
One of the most significant challenges is the attribution of liability within a multi-stakeholder ecosystem. AI systems involve developers, corporations, and data providers, making it difficult to identify a single responsible party.
The lack of explainability further complicates liability. Many AI systems operate as opaque “black boxes,” making it difficult to establish causation or prove negligence.
Additionally, the absence of legal personhood for AI systems prevents direct attribution of liability. As a result, responsibility must be assigned to human or corporate actors, often leading to gaps in accountability.
7. Comparative Perspective
The European Union has taken a proactive approach through its AI regulatory framework, adopting a risk-based model that imposes stricter obligations on high-risk AI systems.
In contrast, the United States follows a sectoral approach, relying on existing laws and regulatory agencies.
India’s current approach remains largely policy-driven, underscoring the need for a more structured and enforceable regulatory framework.
8. Recommendations
India must adopt a comprehensive AI legislation that clearly defines liability and accountability across the AI lifecycle. Such legislation should incorporate mandatory standards for transparency, auditability, and bias mitigation.
Corporate governance frameworks should be updated to address AI-assisted decision-making, providing clarity on the responsibilities of directors.
For high-risk AI systems, a strict liability regime may be appropriate to ensure effective compensation mechanisms. Additionally, the establishment of a dedicated AI regulatory authority could enhance oversight and enforcement.
9. Conclusion
The integration of AI into corporate decision-making represents a transformative shift that challenges traditional legal principles. While existing Indian laws provide a partial framework, they are insufficient to address the unique characteristics of AI systems, particularly their autonomy and opacity.
A forward-looking regulatory approach, combining legislative reform with doctrinal evolution, is essential to ensure that technological innovation is balanced with accountability and legal certainty.
Bibliography / References
Statutes
Companies Act, 2013 (India).
Consumer Protection Act, 2019 (India).
Digital Personal Data Protection Act, 2023 (India).
Information Technology Act, 2000 (India).
Cases
Donoghue v Stevenson [1932] AC 562 (HL).
Grant v Australian Knitting Mills Ltd [1936] AC 85 (PC).
Iridium India Telecom Ltd v Motorola Inc (2011) 1 SCC 74.
Reports, Policies and Government Documents
NITI Aayog, National Strategy for Artificial Intelligence.
Ministry of Electronics and Information Technology (MeitY), Government advisories and policy papers on responsible AI and digital governance.
European Parliament, Artificial Intelligence Act (2024). Available at European Parliament.
Journal Articles and Secondary Sources
Andrew Tutt, ‘An FDA for Algorithms’ (2017) 69 Administrative Law Review 83.
Ryan Calo, ‘Artificial Intelligence Policy: A Primer and Roadmap’ (2017) 51 UC Davis Law Review 399.
Frank Pasquale, The Black Box Society: The Secret Algorithms That Control Money and Information (Harvard University Press 2015).
Stuart Russell and Peter Norvig, Artificial Intelligence: A Modern Approach (4th edn, Pearson 2021).
Surden Harry, ‘Artificial Intelligence and Law: An Overview’ (2019) 35 Georgia State University Law Review 1305.
[1]Information Technology Act, 2000
[2]Companies Act, 2013
[3]Consumer Protection Act, 2019
[4]Digital Personal Data Protection Act, 2023
[5]NITI Aayog, National Strategy for Artificial Intelligence (2018).
[6]NITI Aayog, National Strategy for Artificial Intelligence (2018).
[7]The Digital Personal Data Protection Act, 2023
[8]The Information Technology Act
[9]Donoghue v Stevenson
[10]Iridium India Telecom Ltd v Motorola Inc,
[11]Grant v Australian Knitting Mills
Note - The information contained in this blog is for general informational purposes only. We endeavour to keep all content accurate, updated, and free from any form of misinformation or objectionable material. However, we shall not be responsible for any claims arising out of copyright infringement, plagiarism, or related issues; such responsibility lies solely with the respective authors.
If you find any misinformation or objectionable content on this website, please report it to us at: editors.ilw@gmail.com
