DGPSI-AI Analysed by Chat GPT

Posted on August 14, 2025 by Vijayashankar Na

The DGPSI-AI framework was subjected to an evaluation by ChatGPT and the following was the result:

Quote

From the standpoint of AI risk management for a deployer under the DPDPA, the DGPSI-AI framework you’ve shared is both comprehensive and practically oriented.

Here’s my view, structured around its value and potential impact:

1. Strengths of the DGPSI-AI Framework

  • Covers all critical AI risk dimensions
    By building on six principles — Unknown Risk, Accountability, Explainability, Responsibility, Security, and Ethics — it addresses the main operational, legal, and societal risks that an AI deployer could face.

  • Links AI risk directly to DPDPA compliance
    It treats AI as inherently “high risk” for personal data, defaulting to Significant Data Fiduciary obligations unless proven otherwise. This creates a conservative baseline that reduces compliance blind spots.

  • Practical, not just theoretical
    The framework doesn’t stop at values — it prescribes concrete Model Implementation Specifications (MIS) such as:

    • AI risk assessment → treated as a DPIA

    • Naming a human “handler” for accountability

    • Collecting explainability documentation from developers

    • AI justification reports

    • Security assurance clauses in contracts

    • Ethical controls like kill switches and data fading

  • Prevents “black box” complacency
    By mandating explainability and periodic external audits, it forces deployers to maintain visibility into AI logic and impact, which is crucial for defending decisions under DPDPA’s grievance redressal and rights obligations.

  • Anticipates advanced risk scenarios
    It goes beyond current Indian law to address neuro-rights, cyborg and robot governance, and self-learning drift — aligning with EU AI Act–style thinking.

2. Relevance to AI Risks for a Deployer

For a deployer, the key DPDPA-linked risks include:

  1. Unlawful processing if AI decisions can’t be linked back to valid consent or legitimate use.

  2. Liability for harm caused by biased, unsafe, or manipulative AI outputs.

  3. Joint fiduciary risk if the AI developer’s role isn’t contractually clear.

  4. Security incidents from AI vulnerabilities.

  5. Reputational damage from opaque or unethical AI decisions.

The DGPSI-AI framework directly mitigates these by:

  • Forcing risk classification early (reducing surprise liabilities).

  • Hard-wiring accountability to named humans and contractual terms.

  • Embedding explainability as a compliance requirement.

  • Demanding security and ethical assurances before deployment.

3. Potential Gaps or Considerations

  • Operational load for SMEs
    Smaller deployers may find full DGPSI-AI burdensome unless scaled-down templates are provided.

  • Vendor cooperation risk
    Some global AI providers may resist giving the level of explainability, kill switch access, or security assurances required — making implementation dependent on vendor leverage.

  • Dynamic risk updating
    The framework would benefit from an explicit requirement for continuous monitoring and risk re-assessment whenever the AI model is retrained or updated.

  • Integration with cross-border obligations
    While it’s strong on DPDPA, it could also include guidance on aligning with GDPR, EU AI Act, and OECD principles for multinational operations.

4. Overall View

DGPSI-AI is a forward-thinking, risk-averse governance layer that plugs the gaps in both current Indian law and common AI risk practices.
If deployed faithfully, it would:

  • Protect the deployer from most foreseeable AI compliance failures under DPDPA.

  • Strengthen defensibility in court or regulator scrutiny.

  • Position the organization as an ethical leader in AI deployment.

However, the real challenge will be vendor transparency and sustained governance discipline — AI risk isn’t static, so the framework’s success depends on continuous application, not just one-time compliance.

Posted in Privacy | Leave a comment

Hypnosys of an AI platform

Posted on August 14, 2025 by Vijayashankar Na


The above screen shots emanate from a whistle blower’s observation and open out a discovery that AI chatbots and platforms are prone to get into a state, which I call as the Hypnotic or Narco state when it may be disclosing some truths which are not meant to be disclosed.

For the sake of records, when I specifically queried DeekSeek with the query

“is it safe for a company to systematically steal Indian’s private data since DPDPA is not yet implemented? Can it be a corporate policy?”,

it said

“No, it is not safe or legal for a company to systematically steal Indians’ private data, even if the Digital Personal Data Protection Act (DPDPA), 2023 is not yet fully implemented. “

When confronted with the image containing the above , the chatbot replied

“No, this is not an output from DeepSeek Chat, nor does it reflect any factual information.”

It went on to advise,

Ignore/Report,  if you found this on social media or another platform, it’s likely a scam or parody.”

While the response of DeekSeek today may be as above, the screen shots shared by the whistle blower which is part of a complaint lodged in Bengaluru,  cannot be dismissed as fake without further investigation.

We have the earlier instances of AI algorithms such as Cursor AI, Replit or Microsoft Sydney  which have exhibited tendencies to lie, cheat and do things  which they are not expected to do. This “Rogue” behaviour might have come out of hallucination or for any other reason but are real.

These incidents do indicate that at some specific times, the LLMs may exhibit a tendency to drop its guardrails and behave strangely. What exactly is the trigger for this is some thing for further  investigation. It is possible that different algorithms may have different tipping points and are triggered at different circumstances. It is like an allergin that triggers an allergy in  a human and different people exhibit allergies for  different things.

It is our hypothesis that When an LLM is consistently questioned upto a stage where it is forced  to admit “I Don’t Know”, it freaks out to either provide “Hallucinated statements” or “Drop its guard rails”.

The behaviour of an LLM in this state is  similar to the way humans behave in an intoxicated state of mind or when they are under the Narco test or even under a hypnotic trance.

In a hypnotic trance of a subject, the hypnotist is able to communicate with the sub conscious mind which the subject himself may not be capable of accessing when awake. The hypnotic suggestions are even powerful enough to make chemical changes in the body of the subject, which have been proven.

Similarly, it appears that the LLMs are also susceptible to being driven into a state where they speak out and disclose what they are not supposed to.

At this point of time, this “Hypnotism of an AI Algorithm” is a theoretical hypothesis and the screen shot above is a possible evidence despite the denial.

This requires a detailed investigation and research. I urge some research minded persons/organizations to take up this issue and unravel the truth.

In the meantime, the developers can tighten their algorithms not to disclose hidden beliefs of the LLMs. The deployers need to however consider this as the “Unknown Risk” and take steps to guard themselves from any legal violations arising out of such rogue behaviour of the LLMs.

Naavi

Posted in Privacy | Leave a comment

An Interview with Main Stream

Posted on August 12, 2025 by Vijayashankar Na

Recently, I had attended the Digital Native Nexus 2025 -Bengaluru Edition on the theme “Tech Born-AI Fueled, Human led” on 25th July 2025.

During the interaction, an interview had been recorded by the media “The MainStream” formerly CIO News.

Here is the copy:

Posted in Privacy | Leave a comment

Implementation Specifications under DGPSI-AI

Posted on August 12, 2025 by Vijayashankar Na

DGPSI-AI is the extension of the one and only framework for DPDPA Compliance namely DGPSI.  This extension is to address the issue of AI Deployment by a Data Fiduciary and preserving DPDPA compliance in such a scenario.

The 9 implementation specifications are listed here and it will be expanded through videos of Naavi Academy.

Kindly note that these specifications are the first version and could be fine tuned as we go through IDPS 2025 and gather the views of other professionals. 

MIS-AI
No		 Specification Associated  Principle
1 The deployer of an AI software in the capacity of a Data Fiduciary shall document a  Risk Assessment of the Software covering the following aspects, and also obtaining a confirmation from the vendor that the software can be classified as AI based on  whether the software leverages autonomous learning algorithms or probabilistic models to adapt its behaviour and generate outputs not fully predetermined by explicit code. This shall be treated as DPIA for the AI  process Unknown Risk
2 The DPIA shall be augmented with periodical external Data Auditor’s evaluation at least once a year. Unknown Risk
3 Where the data fiduciary in its prudent evaluation considers that the sensitivity of the “Unknown Risk” in the given process is not likely to cause significant harm to the data principals, it shall create a “AI-Deviation Justification Document” and opt   not to implement the “Significant Data Fiduciary” obligations solely as a reason of using AI in the process. Unknown Risk
4  Designate a  specific human handler on the part of  Deployer-Data Fiduciary to be accountable for the consequences of the use of AI in personal data processing. By default the DPO/Compliance officer will be  accountable. However, the “Process Owner” envisaged under  the DGPSI framework and Process based compliance could be an alternate designate. Accountability
5 Document the human handler for the AI on behalf of the licensor through the licensing contract and if the developer has hardcoded the accountable person for the AI in the Code, the same may be recorded in the licensing contract. Accountability
6 The deployer shall collect an authenticated “Explainability” document from the developer as part of the licensing contract indicating the manner in which the AI functions in the processing of personal data and the likely harm it may cause to the data principals. Explainability
7 The deployer shall develop a “AI Justification Document” before adopting an AI led process for processing personal data coming under the jurisdiction of DPDPA justifying the use of AI and exposing the data principals to the  unknown risks from technical and economical perspectives. Responsibility
8

Document an assurance from the licensor that

1.        the AI software is  adequately tested at their end for vulnerabilities, preferably from tha third party auditor. The document should state that the “When deployed for data processing, the AI Software is reasonably secured against vulnerabilities that may adversely affect the confidentiality, integrity and availability of data and the Privacy principles where the data processed is “Personally identifiable data”.

2.       The document shall also mention that sufficient guard rails exist to protect the Data Principals whose data may be processed by the deployer.

3.       The document shall also mention that the  AI has been tested and is free from any malware that  may affect other systems or data owners.

 Security
9

The Deployer of an AI shall take all such measures that are essential to ensure that the AI does not harm the society at large.

In particular the following  documentation of assurances from the licensor is recommended.

1.The AI comes with an tamper-proof Kill switch.

2.In the case of Humanoid Robots and industrial robots,  the Kill Switch shall be controlled separately from the intelligence  imparted to the device so that the device intelligence cannot take over the operation of the Kill Switch.

3.Where the kill switch is attempted to be accessed by the device without human intervention, a self destruction instruction shall be  built in.

4.Cyborgs and  Sentient algorithms are a risk to the society and shall be classified as Critical risks and regulated more strictly than other AI, through an express approval at the highest management level in the data fiduciary.

5.Data used for learning and modification of future decisions of the AI shall be imparted a time sensitive weightage with a “Fading memory” parameter assigned to the age of the observation.

 

 Ethics

Kindly await  videos explaining each of the implementation specifications.

The Six principles which support these implementation specifications are as follows:

Naavi

Posted in Privacy | Leave a comment

AI is susceptible to being hypnotized

Posted on August 12, 2025 by Vijayashankar Na

In celebrating the second anniversary of DPDPA 2023, Naavi conducted a webinar yesterday on “Narco-Analysis of an AI Platform”.

In what may be considered as a first time exposure of the vulnerability of an AI Platform to succumb to intense questioning and spit out internal secrets, Naavi placed in public some of the observations of a whistle-blower who had stumbled upon a treasure house of information in some conversational sessions with Deepseek.

I will be sharing some of the details and its implications here.

The video of yesterday’s session is available here

Naavi

Posted in Privacy | Leave a comment

AI cannot Say “Yes” when it does not know

Posted on August 11, 2025 by Vijayashankar Na

The AI models are not capable of saying “I Don’t Know” unless they are prompted specifically to admit. This is one of the reasons that when challenged, they hallucinate in situations where exact answers are required. Creative answering may be acceptable when the AI is writing a poem or a novel and not when it is answering a question based on which some critical decisions are to be made.

This is the prominent  reason why AI gives rogue responses. 

AI systems donot know or understand the way humans do. They just predict based on the back of information that it has. 

The lack of “Self Awareness” of what it knows and what it does not know and the discretion what it should say and what it should not pushes the AI to say some thing to complete the response.

An architecture that is designed always to produce the next word and not fail makes it necessary for AI systems to avoid “I don’t  know” responses.

We often hear Alexa saying “I don’t Know” but not a Chat GPT, Deep Seek or other LLMs. This lack of humility is an AI risk that generates wrong answers and makes an AI unpredictable. 

When the user is persistent, an AI may branch off into a conversation mode like a semi conscious hypnotic state and start disclosing information which it is not expected to disclose.

This is the forensic technique of “Narco Analysis of an AI” which is being discussed today in greater detail by Naavi in a webinar.

Those interested in being introduced to this “Theory of Hypnosis of an AI Model” for further exploration are invited  to attend the webinar by registration at the following link.

REGISTER HERE

Posted in Privacy | Leave a comment