top of page

Chapter XI

PUBLISHED

Chapter XI: EMPLOYMENT AND INSURANCE

Section 24 - Employment and Skill Security Standards

(1) The IAIC shall develop consultative guidelines on:

(i)    the impact of high-risk AI systems on sector-specific employment opportunities in line with relevant sector-specific regulations and standards of employment;

(ii)   employment security in the context of the deployment of high-risk AI systems, emphasizing fair labour practices.

(1)   Data fiduciaries employing high-risk AI systems shall implement the following safeguards to protect the rights and livelihoods of affected employees:

(i)    Conduct impact assessments to identify potential job displacements, skill gaps, and other risks to employee well-being arising from the deployment of high-risk AI systems.

(ii)   Develop and implement mitigation strategies to address identified risks, such as:

(a)    Providing adequate notice and consultation to affected employees;

(b)   Offering retraining, upskilling, or reskilling programs to enable employees to adapt to new job requirements;

(c)    Exploring redeployment opportunities within the organisation;

(d)   Providing fair compensation, severance packages, or outplacement support for employees whose jobs are eliminated.

 

(iii) Establish grievance redressal mechanisms for employees to raise concerns related to the impact of high-risk AI systems on their employment and working conditions;

(iv)  Regularly monitor and review the effectiveness of safeguards and mitigation strategies every six months, and make necessary adjustments based on employee feedback and changing circumstances.

 

(2)   Employers deploying high-risk AI systems shall engage in meaningful consultation with their employees and relevant employee representatives, such as trade unions or works councils, to establish fair transition plans. These plans shall include:

 

(i)    Timely disclosure of information related to the deployment of high-risk AI systems, including the nature and scope of the systems, the expected impact on employment, and the proposed timeline for implementation.

(ii)   Opportunities for employees and their representatives to provide input and feedback on the transition plans, and to negotiate the terms and conditions of any retraining, redeployment, or alternative employment arrangements.

(iii)  Specific provisions for retraining and upskilling programs, including:

(a)   Identifying the skills and competencies required for new or modified job roles;

(b)   Developing and delivering training curricula in collaboration with relevant educational institutions, industry bodies, or skill development agencies;

(c)   Providing paid time off or financial support for employees to participate in training programs;

(d)   Establishing mechanisms for assessing and certifying the acquisition of new skills.

 

(iv)  Clear criteria and processes for redeployment, including:

(a)   Identifying suitable alternative roles within the organisation;

(b)   Providing necessary training and support for employees to transition to new roles;

(c)   Ensuring that redeployed employees retain their seniority, benefits, and other entitlements to the extent possible.

 

(v)   Measures to support employees who may not be able to be retrained or redeployed, such as:

(a)   Offering voluntary separation or early retirement schemes with adequate compensation and benefits;

(b)   Providing outplacement services, job search assistance, or entrepreneurship support;

(c)   Collaborating with other employers, industry bodies, or government agencies to facilitate alternative employment opportunities.

(3)   Data fiduciaries or third-party institutions actively involved in the development, application, or research of high-risk AI systems may contribute to the development of a skilled workforce capable of designing, developing, deploying, and working alongside such systems. This shall include:

 

(i)    Conducting skill gap analyses to identify the knowledge, skills, and competencies required for various roles in the AI ecosystem.

(ii)   Developing and delivering training programs, either independently or in collaboration with educational institutions, industry bodies, or skill development agencies, to impart the necessary skills and knowledge to their workforce.

(iii)  Providing opportunities for employees to gain practical experience in working with high-risk AI systems through internships, apprenticeships, or on-the-job training.

(iv)  Encouraging employees to pursue continuous learning and skill development, and providing the necessary resources and support for them to do so, such as:

(a)   Sponsoring employees to attend conferences, workshops, or training programs;

(b)   Providing access to online learning platforms, educational materials, or research publications;

(c)   Offering incentives or rewards for employees who acquire new skills or certifications relevant to their roles.

 

(v)   Collaborating with educational institutions to develop and deliver specialized courses, degree programs, or certification schemes related to AI, with a focus on the ethical, legal, and social implications of high-risk AI systems.

(vi)  Participating in industry-wide initiatives, such as skill standardisation, curriculum development, or the creation of skill assessment and certification frameworks, to ensure a consistent and high-quality approach to AI skill development across the sector.

 

(4)   The obligations under sub-sections (2), (3), and (4) of this Section shall apply to data fiduciaries employing high-risk AI systems, provided they are:

(i)    Classified as Systemically Significant Digital Enterprises (SSDEs) under Chapter II of the Digital Competition Act, 2024[1], particularly:

(a)   Based on the quantitative and qualitative criteria specified in Section 5; or

(b)   Designated as SSDEs by the Competition Commission of India under Section 6, due to their significant presence in the relevant core digital service.

(ii)   Notified as Significant Data Fiduciaries under sub-section (1) of Section 10 of the Digital Personal Data Protection Act, 2023, based on factors such as:

(a)   The volume and sensitivity of personal data processed;

(b)   The risk to the rights of data principals;

(c)   The potential impact on the sovereignty, integrity, and security of India.

 

(5)   The IAIC shall encourage the development of skills related to open source software development and collaboration in the AI workforce through training programs, certifications, and other initiatives.


 

Section 25 - Insurance Policy for AI Technologies

 

(1)   Developers, owners, and operators of high-risk AI systems, as classified under sub-section (4) of Section 7, shall be required to obtain and maintain comprehensive liability insurance coverage to manage and mitigate potential risks associated with the development, deployment, and operation of such systems.

 

(2)   The insurance coverage requirements for high-risk AI systems shall be proportionate to their risk level and potential impacts, as determined by:

(i)    Their conceptual classification based on sub-sections (3), and (4) of Section 4;

(ii)   Their technical characteristics evaluated as per the criteria under sub-section (4) of Section 5  for Specific Purpose AI (SPAI) systems;

(iii) Their commercial risk factors such as user base, market influence, data integration, and revenue generation specified under Section 6;

 

(3)   The minimum insurance coverage required for high-risk AI systems shall be:

(i)    For systems with potential widespread impact or lack of opt-out feasibility under Section 7(4)(a): INR 50 crores;

(ii)   For systems with vulnerability factors or irreversible consequences under Section 7(4)(b): INR 25 crores;

(iii) For other high-risk AI systems under Section 7(4): INR 10 crores.

 

(4)   The Insurance Regulatory and Development Authority of India (IRDAI) shall, in consultation with the IAIC and relevant stakeholders, specify the minimum insurance coverage standards for high-risk AI systems, which may include:

(i)    Professional indemnity insurance to cover incidents involving inaccurate, inappropriate, or defamatory AI-generated content;

(ii)   Cyber risk insurance to cover incidents related to data breaches, network security failures, or other cyber incidents;

(iii) General commercial liability insurance to cover incidents causing third-party injury, damage, or other legally liable scenarios.

 

(5)   For general purpose AI systems classified under sub-sections (2), and (3) of Section 5, the IAIC, in coordination with IRDAI, shall examine and determine appropriate insurance requirements, considering factors such as:

(i)    The scale and inherent purpose of the general purpose AI system;

(ii)   The potential risks and impacts associated with its multiple use cases across different sectors and domains;

(iii) The technical features and limitations that may affect its safety, security, and reliability;

(iv)  The commercial factors such as user base, market influence, and revenue generation.

 

(6)   Based on the examination under sub-section (5), the IAIC may recommend to IRDAI the development of specialized insurance products or coverage requirements for general purpose AI systems, which may include:

(i)    Umbrella liability insurance to cover a wide range of risks and liabilities arising from the diverse applications of the AI system;

(ii)   Parametric insurance based on predefined triggers or performance metrics to address the unique challenges in assessing and quantifying risks associated with general purpose AI;

(iii) Risk pooling or reinsurance arrangements to spread the risks among multiple insurers or stakeholders.

 

(7)   The IAIC and IRDAI shall collaborate to establish guidelines and best practices for underwriting, risk assessment, and claims handling related to general purpose AI systems, taking into account their distinct characteristics and potential impacts.

(8)   Developers, owners, and operators of general purpose AI systems shall be encouraged to maintain adequate insurance coverage based on the recommendations and guidelines issued by the IAIC and IRDAI under sub-sections (6) and (7).

(9)   Insurance providers offering AI-specific policies for high-risk systems must have adequate expertise, resources, and reinsurance arrangements to effectively assess risks, price premiums, and settle claims related to AI technologies.

(10)Developers, owners, and operators of high-risk AI systems shall submit proof of adequate insurance coverage to the IAIC as part of the registration and certification process outlined in Section 11.

 

(11)Failure to obtain and maintain the required insurance coverage for high-risk AI systems shall be treated as a breach of compliance under Section 19, and the IAIC may take appropriate enforcement actions, including:

(i)    Issuing warnings and imposing penalties;

(ii)   Suspending or revoking the system’s certification;

(iii) Prohibiting the deployment or operation of the AI system until compliance is achieved.

 

(12)The obligations under sub-sections (2), (3), and (4) of this Section shall apply to data fiduciaries employing high-risk AI systems, provided they are:

(i)    Classified as Systemically Significant Digital Enterprises (SSDEs) under Chapter II of the Digital Competition Act, 2024, particularly:

(a)    Based on the quantitative and qualitative criteria specified in Section 5; or

(b)   Designated as SSDEs by the Competition Commission of India under Section 6, due to their significant presence in the relevant core digital service.

 

(ii)   Notified as Significant Data Fiduciaries under sub-section (1) of Section 10 of the Digital Personal Data Protection Act, 2023, based on factors such as:

(a)    The volume and sensitivity of personal data processed;

(b)   The risk to the rights of data principals;

(c)    The potential impact on the sovereignty, integrity, and security of India.

 

(13) For AI systems not classified as high-risk under sub-section (4) of Section 7, obtaining insurance coverage is recommended but not mandatory. The IAIC shall provide guidance on suitable insurance products and coverage levels based on the AI system’s risk profile and potential impacts;

 

(14)The Insurance Regulatory and Development Authority of India (IRDAI), in consultation with the IAIC and relevant stakeholders, shall develop guidelines and best practices for underwriting, risk assessment, and claims handling related to AI technologies. These guidelines shall address:

 

(i)    Assessment methods to evaluate the unique risks and potential impacts of AI systems, taking into account their risk classification and associated factors as outlined in this Act;

(ii)   Premium calculation models that consider the risk profile, scale of deployment, and potential consequences of AI systems;

(iii) Claims processing standards that ensure timely, fair, and transparent settlement of claims related to AI systems;

(iv)  Data sharing and reporting requirements between insurers and the IAIC to facilitate the monitoring and analysis of AI-related incidents and claims;

(v)   Capacity building and training programs for insurance professionals to enhance their understanding of AI technologies and their associated risks;

 


[1] It is assumed that the Draft Digital Competition Act, 2024 proposed to the Ministry of Corporate Affairs in March 2024 is in force.

bottom of page