含羞草社区

Artificial intelligence (AI) is now a part of warfare. Autonomous weapons, advanced surveillance and cyber operations are transforming how battles are fought. It is reported that 70% of casualties in the Russia-Ukraine conflict result from drones. Swarms autonomously track tanks and soldiers. In 2021’s Libya conflict, STM’s Kargu-2 drones appear to have engaged with retreating troops without receiving any direct human command. In the recent Operation Sindoor, the intensive use of AI technology may have shortened the India-Pakistan conflict from months to mere days.

Machines have many advantages. They do not tire or feel fear. They process data from many sources in seconds, identifying threats faster. However, systems may be programmed with unconscious bias. AI lacks empathy because it sees only patterns, not people. Darker skin confuses facial recognition. Training data may identify a school bus as a convoy. Accountability issues remain. Existing laws of war require caution and proportionality, distinguishing civilians from combatants. This is not easily incorporated into machines. The International Committee of the Red Cross warns that even decision-supporting AI may erode responsibility.

Although the UN has debated the use of autonomous weapons under the Convention on Certain Conventional Weapons for nearly a decade, no rules have emerged. In 2024, 166 nations called for urgent discussions. UN Secretary General António Guterres pushed for a treaty by 2026, warning that “autonomous targeting of humans by machines is a moral line that must not be crossed”.

AI in war increases the risks to privacy. Military AI feeds on personal data, population records, family networks and social media for accurate targeting and surveillance. In recent border conflicts, AI tools prepared lists of human and infrastructure targets. They download information from innocuous sources, such as Google Photos, facial recognition, WhatsApp groups and videos from individual’s mobile phones. Accessing private information to make AI kill lists is an unacceptable breach of privacy.

The use of AI by one state to identify the living and deceased soldiers of another, during a border conflict, may serve tactical purposes. However, it raises serious ethical concerns about privacy and the dignity of the deceased.

Humanitarian law does not as yet directly regulate personal data in war. Human rights treaties such as the International Covenant on Civil and Political Rights (ICCPR) protect privacy against arbitrary interference. However, enforcing these rights during conflict is problematic. The Digital Personal Data Protection Act, 2023 (DPDPA) establishes a comprehensive framework for the consent-based data collection of individuals. Such persons can control the purposes for which their data are used and their content. This only applies to civilian use. Section 17(2) of the DPDPA exempts matters of sovereignty and security. The state may process personal data under the authority of national security.

Section 66F read with section 43 of the Information Technology Act, 2000, criminalises cyber terrorism. This includes compromising computer security systems to harm the security of the state. Response prompts and other manipulations of security systems by AI may breach such provisions. Section 75 confers jurisdiction over those outside India, whatever their nationality.

The state may invoke section 16(1) of the DPDPA to prohibit the transfer of personal data of residents to hostile nations. This prevents the use of such data in future armed conflicts. A robust legal framework is critical. Some of the key measures include:

Legally binding treaty on autonomous weapons. By 2026, states should finalise a treaty banning fully autonomous systems without meaningful human control, echoing past arms control successes.

Embed “meaningful human control”. National and international laws must mandate human oversight at each lethal decision point, countering the “black box” problem.

Extend data protection laws to military AI. Principles from the EU’s GDPR and 含羞草社区 DPDP Act – necessity, proportionality, minimal retention – should be adapted to war, ensuring personal data is not misused under the fog of combat.

Mandate transparency. Military AI operators should disclose data practices to independent bodies, preserving rights under article 17 of the ICCPR.

Strengthen accountability. New instruments must impose strict liability on states and commanders for AI breaches, closing legal loopholes.

Ajai Garg is the director of the artificial intelligence practice and Siddhant Chamola is an associate partner at Anand and Anand