Naavi.org

The IDPS 2025, Bengaluru was successfully concluded yesterday, on September 17, 2025.

Some pictures of the event are found below.

Vice Chancellors of Ramaiah University of Applied Sciences, Mr Raina and  Ex Vice Chancellor of Bengaluru University Mr Venugopal, watering the plant as a symbolic gesture for inaugurating the program.

Book titled “Taming the twin challenges of DPDPA and AI with DGPSI-AI”, by Naavi being released by the august guests consisting of Retired Justice Sri Subhash Adi in the presence of Vice Chancellor of RUAS, Mr Raina, Ex-Vice Chancellor if Bengaluru University Mr  Venugopal, and Directors of FDPPI.

Members of Panel 1 in discussion

Members of Panel 2 in discussion (Moderated by Nagaraj BS)

Members of Panel 3 in discussion

Members of Panel 4 in discussion. (Moderated by Naavi)

(More pictures will be posted later)

On September 27, the Chennai leg of IDPS 2025 will be conducted at the MMA auditorium, in Thousands Lights, Chennai. Watch out for further information.

Data Protection Experts discuss the impact of DPDPA and Artificial Intelligence at Bengaluru

M S Ramiah Campus in Mathikere-Yashwantpura will be a witness to an interesting one day seminar on 17th September 2025 under the theme “Bracing the Impact of twin Challenges of DPDPA and AI”
The is event jointly organized with the Foundation of Data Protection Professionals in India (FDPPI) and MSR School of Law and supported by FICCI, Bengaluru. Several industry experts will congregate as speakers and delegates to discuss the impact of the impending notification of the new law namely Digital Personal Data Protection Act 2023 (DPDPA 2023).
With Artificial Intelligence usage sweeping across the industry at the same time, compliance to DPDPA given the unprecedented penalties in the range of Rs 250 crores plus has become a huge challenge.
The event will be inaugurated by Retired Justice Sri Subhash B Adi. Former Vice Chancellor of Bangalore University namely Dr K R Venugopal will give a key note address. Dr Kuldeep Kumar Raina , Vice chancellor MSR University will preside. Dr V Vijayakumar, Advisor MSR School of law will provide an overview of the global environment in data protection.
The event will witness discussions on the current status of the Indian law on Data Protection, the global laws of Data Protection and AI regulation and Technical challenges posed by AI in compliance of DPDPA. The seminar will also discuss the Corporate Governance strategies for compliance, and sectoral challenges.
During the event, FDPPI will present a framework for compliance titled DGPSI-AI for “Taming the Twin challenges of DPDPA and AI”. A book of the same title authored by Naavi, the pioneer in the field will also be released.
The event will be held between 9.00 am and 5.00 pm. More details of the event will be available at www.idps2025.in.

High Court on 10th September 2025  directed the State government to establish a fully functional and empowered Cyber Command Centre (CCC) to address the menace of digital crimes. It is stated that cyber crime complaints are now about 20% of the complaints  received by the Police in Karnataka.

This has been a long felt need often recommended by the undersigned in the early years of Cyber Crime Police station and now the Court under Justice Nagaprasanna has issued an order to set up the  centre and also added that the officials posted in this centre should not be frequently transferred.  Court has also mentioned that political interference should be  avoided.

The Court directed that all Cyber Crime investigations should be consolidated with the CCC to ensure uniformity, expertise and accountability. The control of CCC will rest with a separate DIG and move away from CID. For the time being  it will function from the CID premises but all the 43 Cyber Crime Police stations in the State.

Following the order, the government has re-designated a senior IPS officer of 1994 batch – DGP, Internal Security Division (ISD), Police Computer Wing (PCW) and Cyber Crime & Narcotics (C&N), Pronab Mohanty as DG, Cyber Command. This will be the first such unit in India.

The CCC will have four  wings namely

1. Cyber Crime Wing – Handles complaints, registers cases, and investigates cyber fraud, financial scams, and hacking incidents.
2. Cyber Security Wing – Tracks and prevents hacking of bank accounts, social media, and critical software systems.
3. IDTU Wing (Information, Detection, Tracking Unit) – Focuses on tracing cybercriminals through IP addresses, geolocation, and data sourced from social media platforms.
4. Training, Capacity Building & Awareness Wing – Provides advanced training for cyber officers, enhances technical skills, introduces new technologies, and runs public awareness programs for citizens and students.

These developments followed a petition filed in December by a company, Newsspace Research and Technologies Pvt. Ltd., against some of its former employees  for allegedly stealing the confidential data.   In the past there have been several such complaints but the Judge in this case, honourable Justice Nagaprasanna and set up an SIT for investigation which has now evolved as the CCC.

The credit goes to the Judge and not to the political leadership of the State.

We suppose such CCCs will emerge in all other states and eventually, a National CCC should evolve taking Cyber Crime investigation and prosecution to a different level.

Hope Mr Amit Shah takes note of this developments and encourages  other states to follow the example.

Naavi

Every day we get some new development in the AI world. We are all enthusiastic about the potential of AI in increasing the productivity of our  organizations. Many SMEs/MSMEs and perhaps even the bigger organizations are restructuring their manpower  to use AI for reducing the costs. Some believe that AI agentic force can replace whole teams of employees for a given task.

The capability of AI is certainly visible in accomplishing some of our routine tasks in fraction of seconds.

However another risk which we are viewing is the tendency of some of the employees to jump the gun and start using AI tools for improving their personal productivity creating their own personal AI agents. Some employers may be encouraging this and some may not even be aware.

This BYOAi or Bring your own AI tendency which is some times referred to as Shadow AI is a new threat vector for organizations.

While we at  FDPPI are launching DGPSI-AI as an extended framework of DGPSI to assist organizations to mitigate the AI risk, it is necessary to first appreciate the extent of AI risks that is silently overcoming us.

In a recent compilation by an  AI enthusiast Mr Damien R Charlton, more than 358 legal cases involving AI hallucinations were tracked . This included 227 cases in USA, 28 each in Israel and Australia. At a  time when many were arguing that Courts can be replaced with AI and the AI tool is more honest than the dishonest Judiciary, the recent developments in observed hallucinations and rogue behaviour of AI have driven home a sense of caution.

A detailed analysis of these 358 cases is required to be attempted separately. But monetary sanctions have been indicated in many cases though the amount is only in thousands and not reached the millions and billions of dollars seen in GDPR and Competition Acts around the world. There have been public reprimand and warnings in most cases.

The highest penalty appeared to have been levied in the “Crypto open patent Alliance v Wright” amounting to 100,000 GBP stating “documents, which .. bore the stamp of having been written using an AI engine, contained a series of falsehoods,”

There were several other penalties such as  GBP 24727 imposed in the Bandla V Solicitors Regulation Authority  ,( UK High Court, 13th May 2025) , USD 31100 in USD in Lacey V State Farm General Insurance  (California District Court, 6th may 2025)  7925  In re Boy, Appellate, ( Court of Illinois, July 21, 2025) both for filing fabricated case laws.

These indicate that AI does lie and fabricate outputs and develops content which is not reliable in responsible usage. Hence placing reliance on  AI is extremely risky and replacing humans with AI an unwise move.

It is for this reason that DGPSI-AI considers AI risk is an “Unknown” risk and should be considered as Significant risk. All users of AI for personal data processing should be considered as “Significant Data Fiduciaries”. They need to designate DPOs, Do a DPIA and organize an annual data audit.

Considering these developments and unstoppable growth of AI, data auditors in India need to equip themselves with not only the knowledge of DPDPA but also of AI to some extent atleast to detect the use of AI and collect evidence of human oversight, possible hallucination etc. The data auditors need to also verify if any of the employees or their own use AI. In the Ethical declarations signed by employees, a disclosure of such usage should also be considered mandatory.

Naavi

FDPPI is launching the IDPS 2025, the flagship event of FDPPI on September 17, 2025

As a prelude to the conference and to ensure that all participants will get refreshed on on the underlying legal and technical background information, FDPPI is organizing a complimentary virtual program “Master Class on DPDPA and Introduction of AI to business Managers” tomorrow.

The program for September 12 is as follows.

Joining link has already been forwarded to all those who have registered for IDPS 2025-September 17 through the registration process.

If any others would like to register for IDPS 2025 now, they can do so at the above link. If any body wants to join the September 12th event as a special guest of FDPPI, they may contact us with their request.

We look forward to interacting with you both on September 12th and September 17. Event of September 17 will be a physical event which will happen in the MSR Institute’s auditorium and will be co-hosted by MSR School of Law and supported by FICCI.

Naavi

Our partners for IDPS 2025