ABSTRACT:

The emergence of artificial intelligence (AI) technology has brought about a transformation in several industries, including criminal justice and public safety. The goal of this study is to thoroughly examine how AI affects crime in India, paying particular attention to the ramifications, difficulties, and current legal frameworks. The application of AI to cybersecurity, predictive policing, and criminal detection will be examined in this study, and its efficacy and moral implications will be assessed. It will also evaluate the difficulties brought about by AI-generated crimes, including algorithmic biases and cyber threats, and how they may affect India’s legal and regulatory environment. The research seeks to contribute insights for policymakers, law enforcement agencies, and legal scholars to formulate adaptive and effective regulatory frameworks addressing the intersection of AI and crime in India.

KEYWORDS: Deepfake, Malware, Machine learning Algorithm, Financial crimes, Indian penal code 1860, Information Technology Act 2000, Digital personal Data protection act 2023.

INTRODUCTION:

Artificial Intelligence (AI) has brought about unparalleled progress in a variety of fields, including technology, healthcare, finance, and more, revolutionising many facets of our life. But these transforming powers also bring concerns, especially when it comes to criminal activity. The development of AI has sparked new and sophisticated criminal activity in addition to offering chances for constructive innovation. This thorough investigation explores the various ways that criminals have used artificial intelligence, the difficulties that law enforcement has in dealing with it, and the changing cybersecurity landscape.

RESEARCH METHODOLOGY:

This paper is descriptive in nature and the research is based on secondary source of information like newspaper, journals and websites.

Review of Literature:

Artificial Intelligence (AI) has radically altered the criminal activity scene in India, posing previously unheard-of problems to law enforcement and regulatory systems as well as novel

opportunities. For example, in the world of cybercrimes, hackers are increasingly using AI to create complex malware that changes and adapts, making it harder to identify and mitigate. These AI-driven cyberattacks pose serious risks to national security because they may target financial institutions, key infrastructure, and sensitive data.

The use of Artificial intelligence in social media manipulation introduces ethical considerations, including biases and AI algorithms that may result in unfair targeting of certain groups. Misuse of Artificial intelligence algorithms on social media platform can lead to the spread of false information, influencing public opinion and causing social unrest. Regulatory considerations in this context should emphasized the responsible use of Artificial intelligence, transparency in algorithmic decision making, and mechanisms to address biases.

Artificial intelligence has an impact on social engineering attacks as well. Robust algorithms examine large datasets to create phishing messages that are remarkably accurate. Criminals can use people’s preferences, habits, and relationships in this situation to create extremely realistic and customized phishing attempts. Regulations should prioritize raising cybersecurity awareness via educational initiatives and pressuring companies to deploy multi-layered authentication in order to blunt the impact of Artificial intelligence powered social engineering assaults.

The rise of Deepfake technology’s ascent serves as an example of how AI is affecting fraud and identity theft. With the ability to produce incredibly lifelike false audio and video, criminals may now mimic someone for illicit purposes. Consider a scenario where a criminal creates a video of a well-known person making fraudulent claims utilising deepfake technology to harm the person’s reputation or sway public opinion. The issues presented by the abuse of deepfakes must be addressed by regulatory frameworks, which will require the creation of severe punishments for their malicious use and the implementation of detection systems to mitigate their effects. In USA The Pentagon, through the Defence Advanced Research Projects Agency (DARPA), is working with several of the country’s biggest research institutions to get ahead of deepfakes¹. The EU has issued guidelines for the creation of an independent network

¹ https://edition.cnn.com/interactive/2019/01/business/pentagons -race-against-deepfakes/

of fact-checkers to help analyse the sources and processes of content creation². After a so- called ‘deepfake’ video clip of actor went viral on social media the Ministry of Electronics and Information Technology has now sent notices to “all social media intermediaries,” In notices to social media firms, the IT Ministry said that impersonation online was illegal under Section 66D of the Information Technology Act, 2000. The IT Rules, 2021, also prohibit “host any content that impersonates another person,” and requires social media firms to quickly take down “artificially morphed images of an individual” when alerted to one.³

The use of AI algorithms in the financial sector has made it easier to manipulate markets and algorithmic trading. AI is used by criminals to study market patterns, make quick, automated transactions, and manipulate stock prices for their own benefit. The necessity for adaptable legislation that guarantee monitoring of AI-powered financial transactions and encourage transparency in algorithmic trading practises is highlighted by the possibility that traditi onal financial regulations may be unable to keep up with these AI-driven financial crimes.

In order to reduce cyber frauds performed through fraudulently acquired SIM cards, the Department of Telecommunications (DoT) will now require registration and “indisputable verification” of SIM dealers. The detailed guidelines on these new penalties are yet to be published by the DoT⁴.

Artificial Intelligence is used in the field of biometric security to generate realistic biometric spoofs, which puts facial recognition systems to the test. These flaws provide criminals access to restricted areas without authorization. Recent case of A report from US cybersecurity firm Security has revealed that the personal data of 815 million Indians, including their names, phone numbers, addresses, Aadhaar, and passport information, has surfaced on the Dark Web Legislative frameworks ought to place a strong emphasis on the resilience of biometric security systems and require regular upgrades and developments to thwart spoofing tactics powered by AI.

² https://www.thehindu.com/sci-tech/technology/why-has-the-government-issued-a-directive-on-deepfake- explained/article67516589.ece#:~:text=The%20EU%20has%20issued%20guidelines,fake%20accounts%20on% 20their%20platforms.

³ https://www.thehindu.com/news/national/it-ministry-warns-social-media-platforms-on- deepfakes/article67508757.ece#:~:text=After%20a%20so%2Dcalled%20’deepfake,illegal%2C%20said%20a%20 press%20release.

⁴ https://www.thehindu.com/news/national/tamil-nadu/majority-of-sim-cards-activated-with-fake-identities- procured-from-other-states/article66821489.ece

The rapid evolution of Artificial Intelligence (AI) has introduced a dynamic shift in the landscape of criminal activities in India, offering innovative opportunities for criminals while posing complex challenges for law enforcement and regulatory frameworks. Understanding the multifaceted ways in which AI is influencing criminal activities is crucial for developing effective regulatory responses.

1. Cybercrimes and AI-Driven Attacks:

The nature of cybercrimes in India has significantly changed as a result of cybercriminals’ increased ability to carry out automated and sophisticated attacks thanks to AI. Malware that is adaptive and capable of learning and evolving can be created thanks to machine learning algorithms, which makes it harder to identify and remove. Think about a situation where malware powered by artificial intelligence targets a financial institution. Conventional cybersecurity measures might find it difficult to keep up with the malware’s constant tactic adaptations, which could result in data breaches, illegal access, and financial losses. Canadian Centre for Cyber Security Head Sami Khoury said that his agency had seen AI being used “in phishing emails, or crafting emails in a more focused way, in malicious code (and) in misinformation and disinformation.” In order to strengthen collective cyber resilience, regulatory frameworks must place a high priority on the implementation of strong cybersecurity measures, such as strict data protection guidelines, frequent security audits, and procedures for information sharing amongst enterprises.

2. Identity Theft and Fraud through Deepfakes:

Deepfake technology, powered by AI, has opened new avenues for identity theft and fraud. Criminals can create hyper-realistic fake videos and audio, enabling them to impersonate individuals with alarming accuracy. Recently Delhi police registered a FIR under sections 465 (forgery) and 469 (forgery for purpose of harming reputation) of the Indian Penal Code and sections 66C and 66E of the Information Technology Act in connection with the circulation of public figure viral deepfake video. ⁵The realistic

⁵ https://www.businesstoday.in/technology/news/story/rashmika-mandannas-deepfake-video-delhi-police- register-fir-in-case-after-dcw-seeks-action-405440-2023-11- 11#:~:text=%22In%20regard%20to%20the%20deep,the%20Delhi%20Police%20told%20ANI.

nature of deepfakes challenges the ability of individuals and organizations to distinguish between authentic and manipulated content. This raises concerns about the potential for deepfakes to be used for malicious purposes, including influencing public opinion or committing financial fraud.

3. Financial Crimes and Algorithmic Trading Manipulation:

Financial crimes such as market manipulation and algorithmic trading are committed by taking advantage of AI algorithms. Criminals can use artificial intelligence (AI) to study market patterns, make quick, automated trades, and manipulate stock prices for their own gain. With the increasing sophistication and speed of AI-driven financial crimes, traditional financial regulations might find it difficult to keep up. Regulators may find it difficult to identify and punish offenders due to the speed with which algorithmic trading manipulation is executed. As per IIT Kanpur study incubated start up financial frauds accounted for over 75 per cent of cyber-crimes in the country from January 2020 till June 2023, with nearly 50 per cent cases related to UPI and internet banking⁶

4. AI in social Media Manipulation: AI algorithms generate and distribute propaganda, false information, and fake news automatically on social media platforms, swaying public opinion and inciting social unrest. For instance, actors with political or criminal agendas may employ AI to track social media sentiment and trending topics. They could then create and spread customized disinformation campaigns to influence public opinion, foment strife, or accomplish political goals afterwards. An article written by the Washington post on how AI voice clones’ mimic politicians and celebrities, reshaping reality⁷. India is a diverse country having so many religions and communities, and this type of fake news will create instability in the country. Experts have long predicted generative artificial intelligence would lead to a tsunami of faked photos and video. What’s emerging is an audio crisis.

⁶ https://timesofindia.indiatimes.com/business/india-business/financial-frauds-accounted-for-over-75-cyber- crimes-since-2020- study/articleshow/103757208.cms?from=mdr#:~:text=Financial%20frauds%20accounted%20for%20over%207 5%25%20cyber%20crimes%20since%202020%3A%20Study,- PTI%20%2F%20Sep%2018&text=NOIDA%3A%20Financial%20frauds%20accounted%20for,Kanpur%2Dincubate d%20start%2Dup.

⁷    https://www.washingtonpost.com/technology/2023/10/13/ai-voice-cloning-deepfakes/

Thus, Manipulation on social media has the potential to propagate misleading information and have real-world repercussions. Increased cybersecurity measures are necessary to protect the integrity of online information, as demonstrated by the scope and effectiveness of Artificial intelligence -driven disinformation campaigns.

Impact Of AI and Changing Trends of Cybercrimes

Artificial intelligence (AI) has a complex and quickly changing effect on cybercrime trends in India, where new technical developments have brought with them both enormous opportunities and difficult challenges. AI and cybersecurity are closely related fields with significant implications that span several areas, such as the complexity of cyberthreats, Artificial intelligence ‘s place in offensive and defensive tactics, related difficulties, and the regulatory response to this changing environment.

Although AI-generated crimes are not specifically covered by Indian law, there are laws that do address some aspects of cybersecurity and digital crimes. The following are some methods that Artificial intelligence -related offenses may be dealt with under Indian law.

1. Information Technology Act, 2000⁸: This comprehensive law governs digital activities in India. It was passed in 2000. The Act’ address offenses involving computers, damage to computer systems, and unauthorized access. In situations of Artificial intelligence -driven cybercrimes involving unauthorized access, data breaches, or system interference, these provisions may be used.
2. Indian Penal Code (IPC)⁹: The IPC includes provisions that can be applicable to AI-generated crimes, such as those related to fraud, identity theft, and defamation. For instance, Section 420 of the IPC deals with cheating and dishonesty, which could be relevant in cases of Artificial intelligence -driven financial fraud.
3. Digital personal Data protection act 2023¹⁰: The purpose of this legislation is to strengthen data protection and accountability for organizations that

⁸ Information Technology Act, 2000.

⁹ Indian Penal Code,1860

¹⁰ Digital Personal Data Protection Act, 2023

handle citizens’ data, including mobile app developers, internet service providers, and businesses. The primary goal of the DPDP Act is to provide a greater degree of accountability and responsibility for companies that operate in India, such as mobile app developers, internet service providers, and companies that gather, store, and process personal data of Indian citizens.

4. Collaboration with International Entities: countries such as India, United Kingdom, United States of America, and Republic of China have agreed to collaborate to protect against potential harm caused by artificial intelligence and agree to work together against the protentional for artificial intelligence to cause catastrophic harm.¹¹ Cybercrimes often have international dimensions, and India collaborates with international entities to address cross-border offenses. Bilateral and multilateral agreements facilitate information sharing, joint investigations, and the pursuit of cybercriminals, including those utilizing Artificial intelligence.

LIMITATIONS OF INDIAN LAWS

Notwithstanding these endeavours, obstacles endure, and deficiencies in the legal structure continue. Because AI technology is dynamic and constantly changing, it is necessary to update the law on a regular basis to keep it current and effective. To strengthen the legal response, specific legislation addressing the particulars of Artificial intelligence-generated crimes, moral issues, and responsible Artificial intelligence use might be necessary.

One of the main gaps in the Indian legal system is the absence of legislation designed specifically to deal with crimes generated by AI. Existing legislation, including the Indian Penal Code and the Information Technology Act, 2000, cover some aspects of cybercrimes, but they do not specifically address offenses resulting from the malicious use of AI technologies. When considering crimes carried out by autonomous AI systems, for example, assigning blame becomes a difficult task. Efficient prosecution is hampered by the lack of precise regulations for holding people or organizations responsible for crimes committed using artificial intelligence.

¹¹ https://indianexpress.com/article/technology/artificial-intelligence/china-us-and-eu-agree-to-work- together-on-ai-safety-at-uk-summit-9010112/

Furthermore, the laws that are in place in India today do not sufficiently address concerns about data privacy and the moral implications of using AI. Even though the Personal Data Protection Act 2023 is a big step in the right direction, it might need to be amended to handle the particular problems that AI applications present. The practice of mandating people to link their Aadhaar will continue and expand to create 360-degree profile databases, as the Rajya Sabha is expected to pass the Registration of Births and Deaths Bill. Indians will be forced to part with their personal information from birth to death. The Bill ignores purpose limitation entirely and says that any data collected can be used for other purposes by the government. There is currently a lack of a comprehensive legal framework that addresses the ethical ramifications of biased algorithms in hiring and lending practices.

Therefore India needs to pass laws aimed at combating crimes caused by AI immediately in order to close these gaps. These kinds of laws ought to cover a wide range of offenses, from the production and distribution of malicious deepfake content to automated cyberattacks. It is imperative to incorporate provisions that allocate accountability in instances involving artificial intelligence systems, and to delineate the legal ramifications for the malevolent utilization of AI. Regulations that guarantee the moral application of AI are also required, and they must address concerns about bias and justice in algorithmic decision-making.

Methods To Tackle AI Generated Crimes:

Certainly! Here are some different methods and strategies that could be considered to tackle AI-generated crimes in India:

1. Red Team Testing: Conduct regular red team testing on critical infrastructure and AI systems to simulate real-world cyber threats. This proactive approach involves ethical hacking to identify vulnerabilities in AI systems and helps organizations fortify their defence against potential attacks.
2. Cybersecurity Audits for AI Systems: Mandatory cybersecurity audits with an emphasis on AI systems should be implemented. These audits can evaluate the security posture of AI-using companies, spot possible threats, and confirm that sufficient safeguards are in place to stop and deal with crimes caused by AI.
3. AI-Powered Threat Detection: Develop and deploy AI-powered threat detection systems that can identify patterns indicative of AI-generated crimes. These systems can use machine learning algorithms to analyse network behaviour, detect anomalies, and respond in real-time to potential threats.

4. AI Ethics and Governance Committees: Establish AI ethics and governance committees that include representatives from legal, technical, and ethical domains. These committees can ensure that AI systems are developed and deployed responsibly, adhering to ethical guidelines and legal standards.

5. Public-Private Partnerships for Research: Foster public-private partnerships to support research initiatives focused on understanding and mitigating the risks associated with AI-generated crimes. Collaborative research efforts can lead to the development of innovative solutions and policy recommendations.

6. Cybersecurity Awareness Campaigns: Conduct nationwide cybersecurity awareness campaigns to educate the public about the potential risks associated with AI- generated crimes. Increased awareness can empower individuals to recognize and report suspicious activities, contributing to a collective effort in combating cyber threats.

7. AI Transparency Standards: Advocate for and establish AI transparency standards that require organizations to disclose information about the algorithms they use. This transparency can enhance accountability and help in auditing AI systems for potential biases or malicious activities.

Conclusion

In conclusion, even though artificial intelligence (AI) has a great deal of potential for good, its ability to act as an enabler of new and sophisticated crimes calls for an aggressive legal

response. Indian law must change to effectively address crimes caused by AI, balancing the need to advance technology with the need to safeguard society from the dangers associated with its misuse. To guarantee India has a safe and morally compliant digital future, strong and focused legal frameworks must be developed.

SHIVALI NAGAR

LAW CENTRE 2, UNIVERSITY OF DELHI