#FactCheck-AI-Generated Video Falsely Shows Mishandling of Baggage at Indian Airport

The global race for Artificial Intelligence is heating up, and India has become one of its most important battlegrounds. Over the past few months, tech giants like OpenAI (ChatGPT), Google (Gemini), X (Grok), Meta (Llama), and Perplexity AI have stepped up their presence in the country,  not by selling their AI tools, but by offering them free or at deep discounts.

At first, it feels like a huge win for India’s digital generation. Students, professionals, and entrepreneurs today can tap into some of the world’s most powerful AI tools without paying a rupee. It feels like a digital revolution unfolding in real time. Yet, beneath this generosity lies a more complicated truth. Experts caution that this wave of “free” AI access isn’t without strings attached. This offering impacts how India handles data privacy, the fairness of competition, and the pace of the development of homegrown AI innovation that the country is focusing on. 

‍

The Market Strategy: Free Now, Pay Later  

‍

The choice of global AI companies to offer free access in India is a calculated business strategy. With one of the world’s largest and fastest-growing digital populations, India is a market no tech giant wants to miss. By giving away their AI tools for free, these firms are playing a long game:

1. Securing market share early: Flooding the market with free access helps them quickly attract millions of users before Indian startups have a chance to catch up. Recent examples are Perplexity, ChatGPT Go and Gemini AI which are offering free subscriptions to Indian users. 
2. Gathering local data: Every interaction, every prompt, question, or language pattern, helps these models learn from larger datasets to improve their product offerings in India and the rest of the world. Nothing is free in the world - as the popular saying goes, “if something is free, means you are the product. The same goes for these AI platforms: they monetise user data by analysing chats and their behaviour to refine their model and build paid products. This creates the privacy risk as India currently lacks specific laws to govern how such data is stored, processed or used for AI training. 
3. Create user dependency: Once users grow accustomed to the quality and convenience of these global models, shifting to Indian alternatives,  even when they become paid, will be difficult. This approach mirrors the “freemium” model used in other tech sectors, where users are first attracted through free access and later monetised through subscriptions or premium features, raising ethical concerns.  

Impact on Indian Users

‍

For most Indians, the short-term impact of free AI access feels overwhelmingly positive. Tools like ChatGPT and Gemini are breaking down barriers by democratising knowledge and making advanced technology available to everyone, from students, professionals, to small businesses.  It’s changing how people learn, think and do - all without spending a single rupee.But the long-term picture isn’t quite as simple. Beneath the convenience lies a set of growing concerns:

• Data privacy risks: Many users don’t realise that their chats, prompts, or queries might be stored and used to train global AI models. Without strong data protection laws in action, sensitive Indian data could easily find its way into foreign systems.
• Overdependence on foreign technology: Once these AI tools become part of people’s daily lives, moving away from them gets harder — especially if free access later turns into paid plans or comes with restrictive conditions.
• Language and cultural bias: Most large AI models are still built mainly around English and Western data. Without enough Indian language content and cultural representation, the technology risks overlooking the very diversity that defines India

Impact on India’s AI Ecosystem  

India’s Generative AI market, valued at USD $ 1.30 billion in 2024, is projected to reach 5.40 billion by 2033. Yet, this growth story may become uneven if global players dominate early.  

Domestic AI startups face multiple hurdles — limited funding, high compute costs, and difficulty in accessing large, diverse datasets. The arrival of free, GPT-4-level models sharpens these challenges by raising user expectations and increasing customer acquisition costs.  

As AI analyst Kashyap Kompella notes, “If users can access GPT-4-level quality at zero cost, their incentive to try local models that still need refinement will be low.” This could stifle innovation at home, resulting in a shallow domestic AI ecosystem where India consumes global technology but contributes little to its creation.  

CCI’s Intervention: Guarding Fair Competition  

The Competition Commission of India (CCI) has started taking note of how global AI companies are shaping India’s digital market. In a recent report, it cautioned that AI-driven pricing strategies such as offering free or heavily subsidised access could distort healthy competition and create an uneven playing field for smaller Indian developers.

The CCI’s decision to step in is both timely and necessary. Without proper oversight, such tactics could gradually push homegrown AI startups to the sidelines and allow a few foreign tech giants to gain disproportionate influence over India’s emerging AI economy.  

 What the Indian Government Should Do  

To ensure India’s AI landscape remains competitive, inclusive, and innovation-driven, the government must adopt a balanced strategy that safeguards users while empowering local developers.  

 1. Promote Fair Competition  

The government should mandate transparency in free access offers, including their duration, renewal terms, and data-use policies.  Exclusivity deals between foreign AI firms and telecom or device companies must be closely monitored to prevent monopolistic practices.  

 2. Strengthen Data Protection 

Under the Digital Personal Data Protection (DPDP) Act, companies should be required to obtain explicit consent from users before using data for model training.  Encourage data localisation, ensuring that sensitive Indian data remains stored within India’s borders.  

3. Support Domestic AI Innovation  

Accelerate the implementation of the IndiaAI Mission to provide public compute infrastructure, open datasets, and research funding to local AI developers like  Sarvam AI, an Indian company chosen by the government to build the country's first homegrown large language model (LLM) under IndianAI Mission. 

4. Create an Open AI Ecosystem

India should develop national AI benchmarks to evaluate all models, foreign or domestic, on performance, fairness, and linguistic diversity. And at the same time, they have their own national data Centre to train their indigenous  AI models. 

5. Encourage Responsible Global Collaboration

Speaking at the AI Action Summit 2025, the Prime Minister highlighted that governance should go beyond managing risks and should also promote innovation for the global good. Building on this idea, India should encourage global AI companies to invest meaningfully in the country’s ecosystem through research labs, data centres, and AI education programmes. Such collaborations will ensure that these partnerships not only expand markets but also create value, jobs and knowledge within India.

Conclusion

The surge of free AI access across India represents a defining moment in the nation’s digital journey. On one hand, it’s empowering millions of people and accelerating AI awareness like never before. On the other hand, it poses serious challenges from over-reliance on foreign platforms to potential risks around data privacy and the slow growth of local innovation. India’s real test will be finding the right balance between access and autonomy, allowing global AI leaders to innovate and operate here, but within a framework that protects the interests of Indian users, startups, and data ecosystems. With strong and timely action under the Digital Personal Data Protection (DPDP) Act, the IndiaAI Mission, and the Competition Commission of India’s (CCI) active oversight, India can make sure this AI revolution isn’t just something that happens to the country, but for it. 

References

1. https://www.moneycontrol.com/artificial-intelligence/cci-study-flags-steep-barriers-for-indian-ai-startups-calls-for-open-data-and-compute-access-to-level-playing-field-article-13600606.html# 
2. https://www.imarcgroup.com/india-generative-ai-market 
3. https://www.mea.gov.in/Speeches-Statements.htm?dtl/39020/Opening_Address_by_Prime_Minister_Shri_Narendra_Modi_at_the_AI_Action_Summit_Paris_February_11_2025 
4. https://m.economictimes.com/tech/artificial-intelligence/nasscom-planning-local-benchmarks-for-indic-ai-models/articleshow/124218208.cms 
5. https://indianexpress.com/article/business/centre-selects-start-up-sarvam-to-build-country-first-homegrown-ai-model-9967243/# 

‍

Introduction

The advent of Electronic Vehicles (EVs) represents a transformative leap towards a more sustainable and environmentally conscious transportation future by nations. However, as these vehicles become increasingly connected and reliant on advanced technological systems, a parallel concern emerges—data privacy. Integrating sophisticated technologies in EVs, such as GPS tracking, biometric authentication, and in-car connectivity, raises substantial questions about the collection, storage, and potential misuse of sensitive personal information. This intersection of automotive innovation and data privacy underscores the need for comprehensive solutions and regulatory frameworks to ensure that the benefits of electric vehicles are realised without compromising the privacy and security of their users.

Electronic vehicles primarily record three types of data;

1. Driving behaviour and patterns: The e-vehicle records braking and driving patterns, including acceleration, speed, and swerve. Some vehicles even track air conditioning usage and airbag deployment to determine the point of failure in the event of a crash.
2. Location data: The e-vehicles also track GPS systems to gauge the speed and direction of the vehicle.
3. EV functions and use of telematic services: Monitoring of EV functions includes battery use management, battery charging history, battery deterioration, electrical system functions and software version information.

Data Privacy requirements of companies

Companies manufacturing e-vehicles are saddled with several data privacy requirements as concerns about consumer safety. Data collected by e-vehicles may be sensitive in nature. Location tracking is a key issue that has garnered attention. The constant recording of a driver's whereabouts can lead to the creation of detailed profiles, raising questions about the potential misuse or unauthorised access to this sensitive information. The risk of surveillance, stalking, or even theft of valuable personal data is a genuine concern for EV owners.

Moreover, integrating smart features, such as voice recognition, biometric authentication, and in-car personal assistants, adds another layer of complexity. These features require the collection and processing of personal data. If not handled securely, they may become vulnerable to hacking or unauthorised access, leading to identity theft or other malicious activities. Additionally, Smart charging systems offer convenience by allowing remote monitoring and control of charging, but they also gather extensive data. The geographical data collected during charging may raise concerns about location privacy.

Striking a delicate balance between leveraging this data for enhancing vehicle performance and user experience while safeguarding the privacy of EV owners is paramount. Transparent privacy policies, secure data storage practices, and stringent encryption protocols are essential components of a comprehensive approach to data protection. If a company is eyeing the international market or utilising cloud-based software with decentralised global data storage, it must also navigate international privacy and data protection laws. A prime example is the General Data Protection Regulation (GDPR), a globally recognised and stringent data protection law applicable to both European-based companies and international entities providing goods, services, or monitoring activities of residents within Europe. 

Manufacturers of these vehicles are subjected to compliance with this comprehensive legal framework. Obligations on companies are levied by them being data fiduciaries; dual liability may also emanate since some data fiduciaries may also qualify as data processors. Special care must be taken when data is being transferred to third parties. 

Further, compliance with consumer safety laws is also an important consideration. In India, the Consumer Protection Act of 2019 safeguards the rights of consumers, holding manufacturers, sellers, and service providers responsible for any harm resulting from faulty or defective products. This extends the Act's coverage to include manufacturers and sellers of internet and technology-based products. When read with the Digital Personal Data Protection Act of 2023 (DPDP Act), the Consumer Protection Act of 2019 takes on additional significance. The DPDP Act, focusing on the security of an individual's digital personal data, introduces provisions such as mandatory consent, purpose limitation, data minimisation, obligatory security measures by organisations, data localisation, and enforcing accountability and compliance. These provisions apply to information generated by and for consumers, offering a comprehensive framework for protecting digital personal data.

Conclusion

The intersection of e-vehicles and data privacy necessitates a careful and comprehensive approach to ensure the coexistence of automotive innovation and user security. As electric vehicles record intricate data related to driving behaviour, location, and telematic services, companies manufacturing these vehicles must navigate a complex landscape of data privacy requirements. The potential risks associated with location tracking, smart features, and the extensive data collected during charging underscore the importance of transparent privacy policies, secure data storage practices, and stringent encryption protocols. Moreover, as companies expand globally, compliance with international privacy laws like the GDPR becomes imperative. Balancing the enhancement of vehicle performance and user experience with the safeguarding of privacy is paramount. Manufacturers, deemed as data fiduciaries, must exercise diligence, especially when transferring data to third parties. Additionally, adherence to consumer safety laws, such as the Consumer Protection Act of 2019, further emphasises the need for a holistic and vigilant approach to ensure the responsible use of data in the evolving landscape of e-vehicles.

References

• https://digitalcommons.law.scu.edu/cgi/viewcontent.cgi?article=1556&context=chtlj 
• https://cyberswitching.com/electric-car-charging-and-data-privacy/#:~:text=Smart%20charging%20systems%20provide%20convenience,in%20safeguarding%20EV%20user%20privacy

Introduction

Attacks by cybercriminals targeting national critical infrastructure are increasing at an unsettling rate. Such attacks have the potential to do severe damage by upsetting transportation networks, utilities, financial services, and other vital infrastructure. The physical and digital systems that underpin a nation's economy are known as critical infrastructure thus if they were to be disrupted, there would be serious risks to the economy and public health and safety. Establishing proper cybersecurity measures and protecting those digital systems from possible threats or cyberattacks is necessary. Both public and private sector assets are included in these essential infrastructure categories.

Nationwide alert:

Recently one of the biggest hacker organizations has warned of an upcoming cyberattack on the critical infrastructure and websites in India, causing a countrywide alert. A gang of hackers from Indonesia and Pakistan, celebrating 4,000 members, announced a planned “Cyber Party” on 11 December 2023. The event’s claimed goal is to compromise and disrupt India's digital infrastructure. They disclosed this information on their Telegram channel.

This hacker organization holds a record of launching extensive cyberattacks; in the past, it sent out a "red notice" that was intended to target 12,000 websites run by the Indian government. They have previously attacked other nations, such as Israel, Sweden, and the United States. Their reasons are varied and might include anything from assaults on certain groups to religious disagreements.

The gang has also been acclaimed for hacking into a New York City police agency, obtaining health and social media data from Israel, and exposing information from Swedish social media users. These alarming events show how urgently strong and all-encompassing cybersecurity measures are needed, not only in India but throughout the world.

Effect(s) on India

1.  Central Agencies Are Alert, Expect Health Sector Attacks: The cyberinfrastructure of the health sector has been a common target of assaults, particularly in the aftermath of the COVID-19 epidemic, which has authorities particularly concerned. Relevant ministries have received notifications from central authorities advising them to take precautions against unwanted access. The security of digital infrastructure is seriously challenged by the constantly changing panorama of cyber-attacks, according to those who are aware of the warning and threat.

2. National security concerns: Because of the interconnectedness of critical national infrastructure, a cyberattack may have an impact on national security. Attacks against defense networks, intelligence organizations health infrastructure, or military systems, for instance, might make it more difficult for the nation to respond to threats from outside.

3.    Concerns for Public Safety and Health: Cyberattacks on healthcare systems run the risk of compromising patient data, stopping medical procedures, and even endangering the general public's health. This might have potentially fatal results in urgent circumstances.

4.  Data Breach and Privacy Issues: Stealing confidential data is a common component of cybersecurity assaults. A breach of critical infrastructure systems might result in sensitive data, including personal information, being misused and accessed without authorization, raising privacy issues.

Preventive and protective measures

1.    The plan for responding to incidents: Make sure a clear incident response strategy is in place, with a focus on healthcare systems, and that it is especially designed to handle cyber-attacks on critical infrastructure.

2.  Better Tracking: Observing vital networks, systems, and data flows more closely, especially in the healthcare industry. Using cutting-edge threat detection technologies to spot odd or questionable activity.

3.   Critical System Isolation: Cutting off vital healthcare systems from the wider network to reduce the chance of attackers moving laterally.

4.   Continual Backups: Make sure that backup copies of important data and systems are kept in a safe, isolated location by regularly backing them up. In the event of a ransomware attack or data breach, this makes recovery easier.

5.    Update and patch systems: Make sure that all operating systems and apps utilized in the infrastructure of the healthcare industry are updated with the most recent security updates.

6. Protocols for Communication: In the case of a cyber-incident, establishing explicit communication mechanisms to guarantee that pertinent parties are notified as soon as possible. This covers correspondence with law enforcement, the public, and other members of the healthcare industry as needed.

Conclusion

Urgent preventative actions are essential in response to an impending cyber threat revealed by a large hacker organization that is targeting India's key infrastructure, specifically the healthcare sector. The interconnectedness of this infrastructure puts public safety, privacy, and national security in danger. A crucial defensive approach is formed by the proactive measures mentioned, which include communication protocols, system isolation, improved monitoring, incident response preparation, and frequent backups. The dangers underline the necessity of international collaboration in tackling cybersecurity issues and the requirement for shared responsibility of everyone to safeguard digital networks. To reduce risks and guarantee the resilience of vital national infrastructure in the face of changing cyber threats, authorities must continue to develop and adapt their cybersecurity tactics.

References:

• https://www.cnbctv18.com/technology/exclusive--nationwide-alert-sounded-as-hacker-group-plans-cyber-party-to-attack-indias-critical-digital-infra-18520021.htm
• https://www.the420.in/ndian-authorities-high-alert-hacker-groups-threaten-cyber-assault/
• https://www.cnbctv18.com/technology/exclusive--nationwide-alert-sounded-as-hacker-group-plans-cyber-party-to-attack-indias-critical-digital-infra-18520021.htm#:~:text=By%20News18.com%20Dec%208,%3A58%20AM%20IST%20(Published)&text=A%20nationwide%20alert%20has%20been,Indian%20websites%20and%20critical%20infrastructure
• https://verveindustrial.com/resources/blog/critical-infrastructure-cyber-security/