India’s AI new governance: Light-touch rules, sector-led enforcement

India released its AI Governance Guidelines this week, and the approach is about as far from Europe’s AI Act as you can get (MeitY, 2025). The Ministry of Electronics and Information Technology published the framework on November 5, outlining a hands-off regulatory model where sector-specific regulators handle enforcement rather than a single, binding AI law.

The guidelines operate on principles like trust, innovation over restraint, and fairness that set the direction without prescriptive mandates. Instead of telling companies exactly what to do, the framework asks existing regulators, for example, RBI for fintech, to adapt their rules to AI deployments in their domains. 

This means AI developers face dual-layered obligations, where MeitY sets the broad principles, but actual compliance comes from whichever sector you’re operating in.

The institutional setup includes a new AI Governance Group as an inter-ministerial coordinating body, supported by a Technology and Policy Expert Committee and an AI Safety Institute. 

An interesting point is the exemption in the Digital Personal Data Protection Act for publicly available data, which gives AI developers more leeway to train models on scraped datasets than similar laws in Europe.

The new policies affect a variety of stakeholders. Developers will get clarity on principles but will need to navigate sectoral rules. Regulators will get more responsibility without new budgets. Policymakers globally are probably watching to see if this light-touch model can deliver safety without slowing down deployment.