AI exposes the Big4 myth: Attention Board Directors!

I came across an interesting LinkedIn post today. I could have just given a link to the post and moved on, but I felt that it is better to reproduce the entire post to ensure that readers do not miss its essence. It requires guts to write such posts and I appreciate Mr Nicholas P for his post. (I hope Mr Nicholas has no objection to my reproducing his post here.)

Quote:

When a Big 4’s own AI report is filled with AI hallucinations – it’s clear the standards need to catch up.
In October 2025, KPMG published a glossy report about the miracle of agentic AI, and last week was exposed for hallucinating the very thing it was selling.
Forty of forty-five citations were fake, half the claims were invented, and the report contradicted KPMG’s own survey numbers – even citing a 2019 East Japan Railway press release as evidence of agentic AI, blowing enough smoke to give a new definition to full steam ahead.
We’ve seen this movie before, and it ended with everyone else footing the bill. Deloitte fed AI hallucinations into a government report, cut a refund, and walked – except a refund doesn’t un-spend the taxpayer money, doesn’t un-make the decisions built on the fiction, and teaches every firm watching that the cost of getting caught is pocket change.
KPMG, in a way, sold trust. A global concrete icon – a hundred and thirty years old, a quarter-million people across a hundred and forty countries, four letters that meant a banker in Frankfurt could believe a ledger in Singapore without ever shaking the hand that wrote it.
Trust is a belief about a partner’s goodwill; assurance is what you sell when that belief is gone – and it only works if you can still trust the firm selling it, which is seemingly a loan the Big 4 are starting to default on.
Buried in the report, KPMG found that integrity was the number-one driver of “customer loyalty”. A belly-chuckle of a finding, dripping with irony, 8 months before its own integrity disintegrated in public. And somewhere down the line, everybody will be asking:
What exactly were we paying for when we said we were buying trust?

Unquote

What Mr Nicholas has written applies to all consultants, including Naavi and FDPPI. When we use AI for assistance, we should ensure that we keep our human control intact. If not, we will churn out decisions which look to our customers like human decisions but are actually AI output passed through a human zombie.

We have been discussing the use of AI in the Judiciary for the last week, and in the last article we debated how to identify AI before we regulate it. The biggest challenge here is to identify AI elements “embedded” in what appear to be permissible software tools, because we do not know what libraries are called in the background and where an AI hallucination can sneak in.

We have found that many companies have blind faith in the Big4 and pick them in preference to others because of a reputation which, the Directors feel, will cover up for their own inability to understand the task. They trust the Big4 as if whatever they say is the truth. Even Government agencies may have a similar inclination.

The article of Mr Nicholas exposes how hollow this trust is, since what companies receive as consultancy may not be the brilliance of the persons who come to present the recommendations and carry IIT or IIM degrees, but hallucinated AI outputs.

When companies invest in such services and further depend on them for their business, the shareholders have the right to ask whether the Board of Directors is really doing its job or has to be replaced by an AI board (remember Mika of Dictador or Diella of Albania). We have often cited these innovative uses of humanoid robots, along with “Sophia”, the humanoid robot which got citizenship of Saudi Arabia, as questionable decisions.

But on second thoughts, it appears that the Sophia decision is relatively less risky than Mika, which is less risky than Albania. This is because the decision-making capacities are different in different models. Mika can hallucinate and ruin the company, and Diella can hallucinate and ruin a country. Maybe Sophia is less powerful. But all these are examples from which we in India need to learn before we reflect on the ET recommendation that companies should install an AI agent for DPDPA compliance.

There is a need to adopt a policy of “Restrained Innovation” and not pursue “Innovation over Restraint” which is advocated by technology companies and often endorsed by NASSCOM and MeitY.

Unless a user of AI is able to read and understand every line of text created by a generative AI system, he will be walking into a trap when he uses AI to write software code, to draft a pleading in a Court, or to write a consultation report on a project.

Directors need to have the ability to ask the right questions of the consultants before accepting their reports. In a recent discussion at AIDAI (Association of Independent Data Auditors) we discussed the need for:

a) Scope of a DPDPA audit to be written independently by somebody other than the auditor or the company.

b) Peer reviewing a DPDPA compliance audit report.

These are principles of “Independence” incorporated in the AIDAI Code of Conduct for its empanelled Auditors, and they distinguish AIDAI from any of the Big4 or other auditors.

Companies who are looking for DPDPA auditors should therefore factor in the expertise available in AIDAI at least for a “Review of an Audit” already done even if it is by a Big 4.

Naavi is in the process of developing a “DGPSI Framework for Review of a DPDPA Audit”. Perhaps it will be discussed in the next CIDA (Certified Independent Data Auditor) training.

We hope that companies who have had their present DPDPA gap assessment done by a Big4 will think of a “Review” by AIDAI empanelled Independent Data Auditors, who are not aligned even with NASSCOM and are not under the influence of the NASSCOM-controlling Big Tech companies.

Ponder….

Naavi

 


DGPSI updates the AI definition

Following the comparison of the AI definition in the Supreme Court AI framework with the DGPSI definition, a need has arisen to refine the AI definition for DGPSI auditors.

At present, the DGPSI definition of AI follows the description provided in the article “Defining of AI: DGPSI approach”. The revised thinking is as follows.

The revised DGPSI definition presented here is designed to keep the framework’s distinctive strength, that it triggers on the loss of human control rather than on a list of technical features, while curing the four ambiguities the earlier analysis identified: the undefined “acceptable threshold,” the mismatch between the control-based headline and the capability-based classes, the unstated relationship between the classes, and the “code-correcting” literalism.

Proposed definition

Core definition (the gate). An AI System is an automated data-processing system that, for a given input, produces decisions, predictions, recommendations or content which are not fully pre-determined by explicit human-authored instructions, because the system derives or adapts its own processing logic from data, models or probabilistic methods.

Accountability threshold (when the Standard applies). A system within the core definition is governed by this Standard where the degree of meaningful human intervention in either (a) the formation of its output, or (b) the application of that output to a decision affecting a person or a business or legal outcome, falls below the accountability threshold.

The deployer shall define and record the accountability threshold for each system in its risk documentation. In the absence of such a record, or where the system exhibits any characteristic in Classes 1 to 3 below, the threshold is presumed to be crossed and the system is treated as an AI System requiring governance.

Classes. The three classes are independent risk vectors, not an ascending scale, and are not mutually exclusive; a system may fall within more than one, in which case the obligations attaching to each apply cumulatively. Governance intensity (Low / Medium / High / Critical) is fixed by the risk tier, not by the class number.

  • Class 1 — Adaptive (self-learning) systems: a system that alters its own decision behaviour — by adjusting parameters, weights, rules, embeddings or operative prompts — without a human developer revising the underlying logic for each such change.
  • Class 2 — Autonomous-action (automated-decision) systems: a system whose output is implemented, or applied to a decision affecting a person or a business or legal outcome, without a human being able to review and override that specific output before it takes effect.
  • Class 3 — Generative and affective systems: a system that generates novel content (including text, images, audio, video or code), or that infers, simulates or responds to human emotional or behavioural states.

Interpretation. A system falls within this Standard on either of two independent grounds: because human control has dropped below the threshold (the control ground — Classes 1 and 2), or because the system possesses capabilities that generate unknown or emergent risk irrespective of human control (the capability ground — Class 3).

Either ground is sufficient on its own.

How this corrects each ambiguity

  • Undefined “acceptable threshold.” The threshold is no longer left floating. It is made procedurally determinate — the deployer must define and document it per system — and is backed by a default presumption: if it is undocumented, or any class characteristic is present, the threshold is deemed crossed. This also dovetails with DGPSI’s existing Deviation Justification Document discipline.
  • Headline-versus-classes mismatch. The definition now openly rests on two grounds rather than pretending everything reduces to “human intervention below a threshold.” Classes 1 and 2 carry the control axis; Class 3 is expressly placed on a separate capability axis, with the note that its inclusion “does not depend on any reduction in human intervention.” The earlier slippage is resolved by acknowledging it rather than papering over it.
  • Relationship between classes. It is now stated that the classes are independent, overlapping and cumulative, and that the number denotes risk type, not severity — so an agentic generative tool that is Class 1 + 2 + 3 attracts the combined obligations, and severity is read off the separate risk tier.
  • “Code-correcting” literalism. Class 1 now refers to a system altering its “decision behaviour — by adjusting parameters, weights, rules, embeddings or operative prompts,” expressly not limited to rewriting source code. Conventional machine learning, which changes weights rather than code, is now plainly captured.

Short-form version (for the body of the Standard)

An AI System is an automated data-processing system whose decisions, predictions, recommendations or content are not fully pre-determined by explicit human-authored instructions. It is governed by this Standard where meaningful human intervention in the formation or application of its output falls below a deployer-documented accountability threshold — which is presumed crossed where the system

(1) adapts its own decision behaviour without per-change human revision,

(2) applies a decision affecting a person without a human able to override the specific output, or

(3) generates novel content or infers or responds to human emotional or behavioural states.

A useful by-product: the core definition sentence now mirrors the OECD / EU AI Act / draft Supreme Court descriptive boundary, so the revised DGPSI definition is interoperable with the Court’s definition.

Comments welcome.

(P.S: This revised definition of AI does not affect the DGPSI-AI framework implementations. Kindly note that SCAIF defines “Algorithmic Software”, a term used in DGPSI rules, and hence there is a need for integration of the two definitions.)

Naavi


Definition of AI in the SCAIF

This is in further continuation of the discussion on the Supreme Court AI regulations (Draft).

In the Supreme Court draft regulations on AI usage, AI has been defined as

“a machine-based system that infers, learns, and generates decisions, predictions, and recommendations from data, with a varying degree of autonomy, such as, algorithms, computational processes, and software, deployed for court processes, excluding general-purpose software or digital tools, unless such software or tools are specifically embedded with, augmented by, or functionally dependent upon, artificial intelligence”.

DGPSI has used the definition as follows:

“Definition of AI under DGPSI: AI is a class of automated data processing system where the human intervention in decision output and application of decision to a business decision is below an acceptable threshold. In order to define the threshold, three classes of AI are recognized as part of the definition.

Class 1: Any software that has a Code correcting ability without the intervention of a human developer to generate an output is considered as an AI system-Class 1.

Class 2: Any AI system that automatically implements a decision affecting a human is considered as AI system- Class 2

Class 3: Any system that reacts to the human emotions, capable of creative outputs, including generative AI and is considered as AI system- Class 3”

If we try to analyse these two definitions, we find the following.

These two definitions are worth examining closely because they belong to two different definitional traditions, and the contrast explains a great deal about how each instrument intends to regulate.

The Supreme Court definition answers an ontological question — “what kind of thing is an AI system?” — and answers it descriptively, by listing capabilities.

The DGPSI definition answers a regulatory question — “at what point does a system require the safeguards that attach to AI?” — and answers it by reference to the displacement of human control.

The first draws a boundary around a category of technology; the second draws a boundary around a category of risk. This is the single most important difference, and almost every other contrast flows from it.

Supreme Court Definition

The Court’s wording is plainly modelled on the OECD’s revised AI definition and Article 3(1) of the EU AI Act — “a machine-based system,” operating “with a varying degree of autonomy,” that “infers, learns, and generates” outputs from data.

Adopting this lineage aligns Indian judicial practice with the emerging global consensus, makes the definition defensible against the charge of idiosyncrasy, and eases future interoperability and mutual recognition. The general-purpose carve-out is also understandable as it prevents ordinary word processors, spreadsheets and case-management software from being swept in, while re-capturing them once they are “embedded with, augmented by, or functionally dependent upon” AI.

This is functionally adequate for the purpose of defining AI for the regulation envisaged.

But the definition carries three drafting weaknesses.

First, it is circular: it defines artificial intelligence partly by reference to software being “functionally dependent upon artificial intelligence.” The term reappears inside its own definition, which gives the boundary no independent anchor at precisely the margin where disputes will arise (for example, a case-management system that calls an external AI translation API — is it “functionally dependent”?).

Second, the operative verbs are conjunctive — “infers, learns, and generates.” Read literally, a system would need to do all three to qualify, yet many narrow tools only infer, or only generate, without learning.

The OECD formulation avoids this by using “such as.”

Third, and most consequentially for a court, the listed outputs are “decisions, predictions, and recommendations” — the word content is absent. Generative systems that draft text, summaries or pleadings produce content, and a literal reading could leave the most common form of “judicial-context generative AI” sitting awkwardly outside the core verb list, to be rescued only by interpretation.

The DGPSI definition: functional and accountability-anchored

DGPSI defines AI as automated data processing “where the human intervention in decision output and application of decision … is below an acceptable threshold.”

This is an elegant regulatory move because it ties the definition directly to the thing the law actually cares about — the point at which a human stops being meaningfully in control.

It coheres tightly with the human-primacy principle in Section 4 of the Court’s own draft and with DGPSI-AI’s second principle (one accountable human behind every algorithm). Where the Court must reach the same result through separate provisions on autonomy, risk tiers and the Regulation 20 prohibitions, DGPSI builds the accountability concern into the definition itself.

To be critical, the DGPSI definition poses difficulties of a different character. The phrase “acceptable threshold” is left to the discretion of the “Auditor”, similar to the word “Reasonable” often used in regulations. It may presuppose a standard-setter to fix the threshold, failing which different deployers will draw the line differently.

The three classes are evidently meant to supply that content.

Class 1 (code-correcting without a human developer) and Class 2 (automatically implementing a decision affecting a human) sit naturally on the control axis.

Class 3, however (reacting to human emotions, creative and generative output), is a capability criterion that does not necessarily involve any reduction in human intervention; a generative tool can be fully human-supervised. So Class 3 quietly shifts the basis of the definition. This is to guard the future development of sentient AI systems.

There may be two other ambiguities. The classes are not obviously hierarchical or mutually exclusive. For example, an agentic generative system could be Class 1, 2 and 3 at once, and the framework does not say whether the classes are cumulative or alternative. Hence the highest class has to be adopted in such cases.

Also Class 1’s reference to “code-correcting ability” invites a literalism trap: most machine learning does not rewrite its own code; it adjusts weights and parameters. Read strictly, Class 1 might miss conventional ML and catch only exotic self-modifying systems; read purposively (any self-adjustment without a human in the loop), it is very broad. The intended reading should be stated. The intention is to include any change in code or weightages that can alter future decisions.

How the two map onto each other

The frameworks are complementary rather than contradictory, and they nest reasonably well. DGPSI Class 1 is a concrete instance of the Court’s “learns.” DGPSI Class 2 corresponds to “generates decisions” exercised with autonomy — but note that in the judicial setting this is largely the prohibited zone, since Regulation 20 bars algorithmic adjudication and automated outcomes; Class 2, in courts, mostly describes what is not allowed rather than what is approved. DGPSI Class 3 is precisely the generative/affective territory that the Court’s verb list under-specifies, so it usefully fills the “content” gap identified above.

What this means for the judicial context specifically

The practical test the Court needs is an approval gate: when a vendor seeks clearance under the draft, the committee must decide whether the tool is AI at all, and if so how intensively to regulate it.

For that purpose the Court’s descriptive definition is good at setting the outer boundary but poor at administrability: “functionally dependent upon AI” is hard to certify cleanly.

DGPSI’s class model is the opposite: easier to administer because a vendor can attest “this is a Class 2 system,” but weaker as an outer boundary because of the threshold’s relativity.

The natural synthesis, and this is exactly what the FDPPI submission recommends for Regulation 3(1)(m), is to keep a descriptive, OECD-aligned definition as the gate, and layer a control-based classification (the Low/Medium/High/Critical tiers, informed by DGPSI’s classes) as the mechanism that sets the intensity of obligations once a system is inside the gate.

The Court defines what AI is; DGPSI explains how much to worry about a given instance.

P.S: This is an academic debate and comments are welcome.

Naavi



When Government Discovers Data as an Asset: DGPSI Was Already There

The above Economic Times report on MoSPI’s proposal to treat Data as an Asset provides independent validation of a principle that FDPPI incorporated into DGPSI as early as September 2023, namely that personal data possesses measurable economic value and therefore requires both governance and valuation. The Data Valuation Standard of India (DVSI), developed alongside DGPSI, specifically focused on methodologies for valuing personal information assets and assessing the corresponding liability exposure arising from their misuse, loss or unauthorized processing. (P.S. Under DVSI, we have focussed only on the valuation of Personal Information).


The statement of the Secretary, Ministry of Statistics and Programme Implementation (MoSPI), reported in the above article of Economic Times, that India is examining the implementation of the United Nations System of National Accounts (SNA) 2025 and exploring the treatment of “Data as an Asset” deserves the attention of every privacy professional, Data Protection Officer and Data Auditor in the country. This follows the CAG indicating the need to represent the value of Data in PSU asset reporting.

According to the report, a dedicated sub-committee has been constituted to study the implications of SNA 2025, which formally recognizes data as an economic asset.

Simultaneously, the Government plans to integrate Artificial Intelligence, Machine Learning and Big Data into official statistical systems, establish a National Statistical Business Register, and create interoperable data exchange systems across States and Union Territories.

While this may appear to be a new policy direction, professionals associated with DGPSI (Data Governance and Protection Standard of India) would recognize that the concept of “Data Valuation” has already been embedded within the DGPSI framework as a recommended best practice for DPDPA compliance.

Data Protection and Data Value: Two Sides of the Same Coin

Most organizations approached DPDPA compliance initially from a defensive perspective.

The focus was on:

  • Avoiding penalties.
  • Managing consent.
  • Handling data principal rights.
  • Implementing security safeguards.
  • Establishing governance structures.

However, DGPSI has consistently advocated that organizations should not view personal data merely as a compliance burden. Personal data is simultaneously:

  1. A regulated asset carrying legal obligations.
  2. A business asset carrying economic value.

An organization that understands only the compliance dimension of personal data will always see privacy as a cost centre. An organization that understands both compliance and value dimensions can transform privacy governance into a business enabler.

It is for this reason that DGPSI introduced the concept of Data Valuation as part of its governance philosophy.

Why Data Valuation Matters

Traditionally, organizations record physical assets, financial assets and intellectual property assets in their books of account. Yet, in the digital economy, data often contributes more to enterprise value than many tangible assets.

A customer database, behavioural analytics repository, transaction history archive, AI training dataset or reputation profile may represent substantial economic value.

At the same time, these assets also create legal liabilities.

Therefore, a mature governance framework requires organizations to understand:

  • What data they possess.
  • Why they possess it.
  • What value it creates.
  • What risks it creates.
  • Whether the value generated justifies the compliance costs and associated liabilities.

DGPSI therefore encourages organizations to move beyond data inventory and progress towards data valuation and data risk quantification.

SNA 2025 and the Emergence of a Data Economy

The significance of the MoSPI announcement lies in the fact that the Government is now considering the same issue at the national level.

If data becomes recognized as an economic asset within national accounting systems, several important developments may follow:

  • Recognition of data creation as an economic activity.
  • Development of methodologies for measuring data value.
  • Inclusion of data-related assets in economic productivity calculations.
  • New policy frameworks for data sharing and reuse.
  • Greater emphasis on data quality, authenticity and governance.

This represents a shift from viewing data merely as information to viewing data as an economic resource.

The transition is comparable to the historical evolution whereby intellectual property moved from being an abstract legal right to a recognized economic asset.

Towards a Data Balance Sheet: Reconciling Data Value and Data Responsibility

Naavi has previously proposed the concept of a “Data Balance Sheet”, under which personal data is represented simultaneously as an economic asset and a corresponding liability within a double-entry governance framework. While still under development, the concept offers a possible bridge between data economics and data protection jurisprudence.

Traditional accounting systems record assets and liabilities arising from tangible property, financial instruments and contractual rights. However, in the digital economy, personal data simultaneously creates value and obligations.

Naavi’s emerging concept of a “Data Balance Sheet” seeks to recognize this duality.

Under this approach:

  • Personal data under management is recognized as a data asset.
  • Potential compensation claims, regulatory penalties, reputational damage and remediation costs may also be reflected as contingent data liabilities.
  • Data quality improvements increase asset value.
  • Privacy risks, security vulnerabilities and compliance deficiencies increase liability valuation.

Such a model would align naturally with the fiduciary philosophy of DPDPA and could eventually become an important governance tool for boards, auditors and regulators.

The DPDPA Perspective

The recognition of data as an asset must however be approached carefully.

DPDPA 2023 deliberately adopts a fiduciary model rather than a property model.

Under DPDPA:

  • The Data Principal enjoys legal rights over personal data.
  • The Data Fiduciary receives limited authority to process data for specified purposes.
  • The relationship is governed by trust and accountability rather than ownership.

Consequently, recognizing data as an economic asset cannot be interpreted as granting data fiduciaries, whether organizations or Governments, ownership rights over personal data.

The economic value of data must coexist with the legal rights of Data Principals.

This is likely to become one of the most important jurisprudential debates of the coming decade.

Implications for Data Auditors

The recognition of data as an asset has direct implications for the emerging profession of Independent Data Auditors.

Future audits may need to examine not only:

  • Compliance with DPDPA.
  • Security safeguards.
  • Consent management.
  • Data lifecycle management.

but also:

  • Data quality.
  • Data lineage.
  • Data valuation methodologies.
  • Data governance maturity.
  • AI training data governance.
  • Economic impact of data assets.

The Independent Data Auditor of tomorrow will therefore require multidisciplinary competence covering law, technology, governance, statistics and economics.

DGPSI’s Early Recognition

The significance of the present development is that it validates the broader vision underlying DGPSI.

Long before the national statistical system began discussing “Data as an Asset”, DGPSI had already recognized that organizations need mechanisms to assess both the value and risk associated with the data under their control.

The Government’s present initiative indicates that India is moving towards a future where data will be simultaneously viewed as:

  • A subject of rights.
  • A source of accountability.
  • A factor of production.
  • An economic asset.

Organizations that have already adopted DGPSI principles will find themselves better prepared for this emerging paradigm.

DGPSI’s approach differs fundamentally from conventional accounting approaches. It treats data valuation not merely as an exercise in asset recognition, but as an exercise in fiduciary governance. The objective is not simply to measure value, but to measure responsibility associated with that value. That distinction would differentiate DGPSI from conventional accounting approaches and strengthen the argument that DGPSI anticipated the policy direction now emerging through SNA 2025.

SNA 2025 recognizes data as an economic asset for national accounting purposes.

DPDPA recognizes personal data as an object of fiduciary responsibility.

The challenge before policymakers is to ensure that the economic valuation of data does not dilute the rights of Data Principals.

However, when Naavi’s concept of the Data Balance Sheet gets developed, the situation may undergo another paradigm shift.

In summary,

The MoSPI initiative should not be viewed merely as a statistical reform. It represents a conceptual shift in the Indian digital economy.

The question is no longer whether data has value.

The question is how that value should be measured, governed, protected and shared while preserving the rights of Data Principals.

As India moves towards implementing SNA 2025 and integrating AI into official statistical systems, the relevance of robust governance frameworks such as DGPSI will only increase.

The future belongs to organizations that can demonstrate not merely possession of data, but accountable stewardship of valuable data assets.

Just as environmental accounting evolved from a peripheral concept into ESG reporting, data valuation may evolve from a governance practice into a mandatory reporting requirement.

The day may not be far when annual reports carry a certified Data Balance Sheet alongside the Financial Balance Sheet, and Independent Data Auditors provide assurance on the value, quality, integrity and compliance status of an organization’s data assets.

If the twentieth century was governed by the Financial Balance Sheet, the twenty-first century may increasingly be governed by the Data Balance Sheet.

Naavi

 


Calling attention of all AI experts

To all AI experts

I request all readers who are experts in AI to take the trouble of going through the series of articles presented on this website and to study the proposed Supreme Court AI Governance framework (SCAIF), which is expected to be the seed for the AI law in India, similar to the EU AI Act.

Though DGPSI-AI has already captured the essence of the required law, now SCAIF coming from the Supreme Court has a very high statutory weight.

If any of the experts have a suggestion, this is the time for them to act.

I think I have made their work in studying the proposal simpler by the 12 articles along with the Audio and Video overviews created by the AI Chair of FDPPI. You may or may not agree with the views but can benefit by the analysis.

Please write to the member secretary directly. If you wish, you can mark a copy to Naavi for information.

Naavi
