Overview
India’s law enforcement and internal security agencies are increasingly integrating AI into their daily operations, moving beyond initial pilot projects and experiments. This change is especially clear in areas like responding to cybercrime, finding financial fraud, and extensive surveillance. AI is not only improving existing systems in these areas, but it is also starting to have a big effect on how decisions are made. The idea of smart policing is changing to one that is based more on evidence, where algorithms are a big part of how the government and police work.
Parliamentary Committee on the Ministry of Home Affairs has pointed out substantial growth in AI applications within internal security and police functions. AI is now moving from a secondary or experimental position to a foundational role in operational frameworks for law enforcement and cyber governance procedures, with conscious effort to rely on it for security purposes.
Presently, AI is used to support many functions globally in managing cybercrime complaints, identifying fraudulent accounts (aka mule accounts), and monitoring illegal activity on the dark web. Countries like China and the United States have started using predictive policing and real-time facial recognition techniques as a form of monitoring anomalies and real-time predictive profiling. In India, the government has started automating the censorship process through systems such as Surakshini.
This shows an increase in overall AI use for surveillance and intelligence-related functions, indicating that policing will continue to move toward proactive, data-driven models, designed to generate information that enables law enforcement officials to anticipate and prevent threats rather than reactively respond. This shift in policing reflects the larger changes in how law enforcement approaches internal security.
As these systems move from assistance to authority, the main question is no longer whether AI can support policing, but how far it should be allowed to shape it without clear legal and ethical limits from India’s context.
Introduction: From “Smart Policing” to Algorithmic Governance
Throughout the world, many new technologies, such as predictive policing, facial recognition, and AI surveillance, are being promoted as solutions to police units that are understaffed and overworked (Herke Csongor and Dávid Tóth., 2024). These applications help police to handle large data sets, predict and find patterns of crimes (Raji and Sholademi.,2024). However, putting these systems into use has turned out to be more difficult than first thought.
In India, the conversation about how and where to use these new technologies alongside older ones like CCTNS (Crime and Criminal Tracking Network & Systems) and smart policing projects in cities is starting to take shape. The March 2026 India’s Parliamentary Committee report describes AI as a “critical enabler” for internal security (Anand, 2026). It outlines a growing ecosystem that includes complaint triaging, dark-web intelligence, financial fraud analytics, and automated content moderation, with the Indian Cyber Crime Coordination Centre (I4C) at its centre.
In the United States, predictive policing tools such as PredPol and other algorithmic risk models have been widely used in cities like Los Angeles and Chicago, often to allocate patrols based on historical crime data (National Institute of Justice, 2022). However, studies and civil rights assessments have raised concerns that these systems tend to reinforce existing patterns of racialized policing, particularly in African American and Latino neighbourhoods, by feeding biased arrest and reporting data into future predictions (O’donnell, 2019). Similar concerns have been documented in policy reviews highlighting how “data-driven policing” can reproduce rather than reduce structural inequalities (Bozkır et al., 2025).
In China, AI-enabled surveillance has been integrated into a far more expansive security architecture, combining real-time facial recognition, biometric databases, and predictive analytics as part of a broader “public security” strategy (Yan et al., 2026). Research shows that these systems are deeply embedded in everyday life, from transport hubs to residential surveillance networks, enabling continuous tracking and risk-based classification of individuals (Leibold, 2019). Reports from Xinjiang further suggest that intensive surveillance infrastructures have altered everyday behavioural patterns, where individuals increasingly adapt movements, interactions, and expressions in anticipation of possible monitoring rather than direct intervention.
Investigative reports revealed that a Chinese surveillance company had tracked the movements of at least 2.5 million residents in Xinjiang through extensive monitoring systems and large-scale location data collection, illustrating the unprecedented scale of AI-enabled surveillance infrastructures in the region (Kuo, 2019).
In the United Kingdom, police forces have increasingly adopted live facial recognition in public spaces, including at major events and transport hubs (Lang, 2026). While authorities frame it as a tool for improving the detection of serious offenders, independent reports and investigations have highlighted high false-positive rates and documented concerns about disproportionate impacts on minority groups, particularly Black and Asian individuals. Critics have also pointed to the rapid scaling of trials into routine deployment without a clear statutory framework governing its use.
Across these contexts, the common thread is not just technological adoption, but the normalisation of AI systems in core policing functions, often ahead of strong legal safeguards, transparency requirements, or independent oversight mechanisms. This reflects a broader psychological shift associated with surveillance environments: people often begin regulating behaviour not because they have been punished, but because they assume they may be visible or identifiable at any moment. Such developments suggest that AI policing is not only transforming institutional practices but also reshaping how individuals experience and navigate social space.
This commentary builds on how AI is currently being used in policing, assesses its place within India’s evolving data protection framework, and identifies the key governance and accountability gaps that remain.
Mapping Current AI Use in Indian Policing
Delhi Police’s Crime Mapping, Analytics and Predictive System (CMAPS) uses crime and complaint data to map hotspots and guide deployments, reflecting a shift toward anticipatory policing (Marda & Narayan, 2020). However, these systems rely on biased datasets that mirror past policing rather than actual crime rates. Over-surveilled, often marginalised areas generate more records, creating feedback loops that repeatedly label them “high-risk” and reinforce uneven enforcement (Lum & Isaac, 2016).
When combined with discretionary powers like Section 151 CrPC, predictive outputs can indirectly justify increased patrols, surveillance, or preventive detentions, even without a specific offence. This shifts policing from responding to crime to acting on anticipated risk, raising concerns about bias and overreach; some researchers argue such tools should be limited to broader spatial forecasting rather than individual risk assessment (Bluearrow, 2025).
Facial Recognition and City-Scale Surveillance
Several Indian cities are deploying AI-powered facial recognition integrated with CCTV networks and centralised command centres. Hyderabad is a key example, where extensive camera grids enable real-time tracking across public spaces (Jain, 2022). This creates a networked surveillance environment in which everyday movement becomes continuously visible and traceable.
The shift is from passive monitoring to persistent biometric identification, turning routine activity into searchable data. Legal challenges in Telangana highlight a regulatory vacuum—unclear rules on data retention, accuracy, and use, raising concerns under the privacy principles of Justice K.S. Puttaswamy v. Union of India (Parsheera, 2019). Meanwhile, the Ministry of Home Affairs has acknowledged expanding use of such technologies, suggesting a growing surveillance system shaped more by executive practice than clear legislation.
Cybercrime Interventions and Dark-Web Monitoring
The Indian Cyber Crime Coordination Centre (I4C) acts as a central analytics hub in India’s AI-driven cyber policing. Its data lab uses machine learning to sort and prioritise complaints, shifting decision-making from individual officers to algorithmic classification. Proposed AI-assisted intake for the 1930 helpline and tools developed with IIT Bombay and Reserve Bank Innovation Hub further automate case filtering and introduce “suspect scores” for mule accounts.
Beyond intake, AI systems scan dark web activity, detect phishing networks, and analyse financial transactions. Tools like MuleHunter.AI enable anticipatory enforcement by identifying risky patterns before complaints arise (Das, 2024). While this improves speed and coordination, it raises concerns about data-driven suspicion, where accounts may be flagged based on probability rather than direct evidence.
The Psychology Behind AI-Mediated Surveillance
Beyond questions of legality or institutional design, AI-driven policing also reshapes behaviour at a subtler psychological level by altering how people perceive risk, observe, and experience social space. Behavioural psychology, particularly John B. Watson’s behaviourism (1913), has long established that human action is not driven only by internal states or actual reinforcement, but by observable stimuli and learned responses shaped through environmental cues, where behaviour is conditioned by associations between stimuli and consequences.
Classic social facilitation theory (Zajonc, 1965) suggests that the mere presence of others or the perception of being observed increases physiological arousal, which enhances performance on simple tasks but can lead to over-cautious or inhibited behaviour in complex or unfamiliar situations. In contemporary surveillance environments, especially those enabled by AI, this translates into a quieter but more pervasive shift: people begin to self-regulate not because they have been sanctioned, but because they assume they could be identified at any time.
This effect becomes particularly visible in environments saturated with facial recognition cameras and continuous CCTV monitoring. For instance, in cities where facial recognition has been integrated into public surveillance systems, such as parts of London during live trials or Hyderabad’s expanding command-and-control surveillance infrastructure, public behaviour often adapts in predictable ways along with creating other problems (Bradford et al., 2020).
Deterrence theory (Becker, 1968) argues that individuals adjust behaviour based on perceived certainty of detection, which increases avoidance in surveilled environments. Even without confirmed identification events, the possibility of algorithmic detection becomes enough to alter spatial behaviour. This aligns with surveillance theory often described through the “Panopticon effect,” where the uncertainty of observation produces self-discipline as a default behavioural state.
A related psychological mechanism is the “chilling effect,” which has been empirically documented in digital environments (Büchi et al., 2022). Following large-scale surveillance disclosures, studies have shown that users not only adopt privacy-protective behaviours but also reduce engagement with politically sensitive content. Empirical analyses of Wikipedia’s traffic, saw a significant decline in visits to security-and terrorism-related pages after the Snowden revelations, indicating a measurable chilling effect of perceived surveillance on information-seeking behaviour (Penney, 2016).
Another important layer comes from deterrence research, which consistently finds that the perceived certainty of detection, rather than the severity of punishment plays the most significant role in shaping behaviour (Becker, 1968; Nagin, 2013). Surveillance technologies such as CCTV similarly show that their primary effect lies not in increased arrests but in heightened perceptions of being watched, which alter behaviour even when active enforcement is limited. In AI-enabled policing environments, this effect is amplified through predictive systems that designate “high-risk” zones or individuals, signalling continuous monitoring.
Research on data-driven policing further suggests that such systems disproportionately shape behaviour in already over-policed communities, where heightened surveillance encourages avoidance, caution, and anticipatory self-regulation (Brayne, 2017).
Over time, these mechanisms produce what can be described as internalised surveillance. Individuals begin to anticipate how their movements, associations, or digital traces might be interpreted by algorithmic systems. In practice, this means avoiding certain high-risk neighbourhoods, moderating online speech out of fear of automated flagging, or changing routines in response to visible surveillance infrastructure. Importantly, this behavioural adaptation is not evenly distributed, it is often stronger among communities that are already over-surveilled or historically subject to policing bias, thereby reinforcing existing social inequalities in subtle but persistent ways.
Taken together, AI-mediated surveillance does not only expand the reach of policing institutions; it also reshapes the behavioural landscape in which individuals operate and extend into everyday expression, particularly in how individuals speak, associate, and participate in public discourse. Control becomes less about direct intervention and more about producing a constant background awareness of being potentially visible, identifiable, and classifiable at any moment.
Policy Landscape: IT Act, DPDP Act, and the AI Gap
India’s legal architecture for digital policing remains anchored in the Information Technology Act, 2000, a statute designed for an earlier phase of the internet but still widely used to justify contemporary surveillance practices. Provisions such as Section 69 and the accompanying interception and blocking rules grant the state broad powers to monitor, intercept, and restrict digital communications on grounds of national security and public order.
Courts have, at various points, attempted to read procedural safeguards into these powers most notably in Shreya Singhal v. Union of India, which struck down Section 66A and emphasised limits on online speech restrictions but the overall structure remains executive-heavy and opaque. In practice, these powers operate through confidential orders and administrative processes, with limited transparency and judicial oversight, creating a legal environment in which large-scale data collection and monitoring can occur without clear, publicly articulated standards.
The Digital Personal Data Protection (DPDP) Act, 2023, appears, at first glance, to shift this framework toward a more rights-based model, introducing principles such as consent, purpose limitation, and data minimisation. However, its broad exemptions for state functions particularly those related to national security, public order, and crime prevention significantly dilute its applicability to policing and surveillance. Legal scholarship has pointed out that these carve-outs effectively place AI-driven law enforcement systems such as predictive policing tools, facial recognition databases, and automated risk-scoring mechanisms outside the core protections of the Act.
Unlike frameworks such as the EU’s GDPR (General Data Protection Regulation), the DPDP Act does not explicitly regulate automated decision-making, profiling, or high-risk AI systems, nor does it establish robust rights to explanation or meaningful avenues to challenge algorithmic outcomes (IISPPR, 2025). This creates a structural asymmetry: while private actors are subject to increasing compliance obligations, state surveillance systems operate within a relatively permissive and under-specified legal space.
This gap becomes particularly significant when read alongside the constitutional privacy framework established in K.S. Puttaswamy v. Union of India, which requires that any infringement of privacy meet tests of legality, necessity, and proportionality. In the absence of a dedicated statutory framework governing AI in policing, many current deployments struggle to clearly satisfy these criteria. For instance, the lack of purpose limitation and defined retention periods in facial recognition systems raises questions about proportionality, while the opacity of algorithmic models used in predictive policing complicates any meaningful assessment of necessity.
Furthermore, studies on automated decision-making in public sector contexts further highlight the risks of “black-box governance,” where individuals may be subject to adverse decisions such as increased surveillance or suspicion without access to the logic underlying those determinations (Murodova, 2025). This is particularly problematic in policing, where such decisions can have immediate liberty implications.
Conclusion
Overall, the integration of AI into policing marks a structural shift in how internal security is conceptualised and operationalised in India, moving from reactive enforcement toward predictive, continuous, and data-driven forms of governance. While these systems are often justified in terms of efficiency, speed, and improved coordination across agencies, their deeper implication lies in the reconfiguration of discretion itself, where decisions about suspicion, risk, and intervention are increasingly shaped by algorithmic processes that remain largely opaque to both the public and, in many cases, frontline officers.
This expansion, however, is occurring within a legal and institutional framework that is still evolving and, in several respects, underdeveloped. Existing safeguards under the IT Act and the DPDP Act provide only partial and uneven coverage, particularly given broad state exemptions and the absence of specific regulation for automated decision-making in law enforcement contexts. As a result, critical questions around transparency, auditability, and accountability remain unresolved, even as AI systems are being embedded into core policing functions such as surveillance, predictive mapping, and cybercrime enforcement.
In practice, the regulation of AI in policing is unfolding less through legislation and more through executive action via pilot projects, inter-agency collaborations, and institutional partnerships with technical bodies like IITs and public-sector innovation hubs. This results in a fragmented governance landscape, where different agencies develop and deploy AI systems with varying standards, limited interoperability, and minimal external scrutiny. The proposed Digital India Act has been floated as a potential site for addressing these gaps, including through provisions on emerging technologies and regulatory sandboxes.
At a constitutional level, this raises important concerns in relation to established principles of necessity, proportionality, and procedural fairness. When algorithmic systems begin to influence who is flagged, monitored, or prioritised for intervention, the threshold for suspicion itself becomes more fluid and less visible, potentially shifting policing away from individualised assessment toward probabilistic categorisation.
In this context, the challenge is not simply technological adoption, but institutional adaptation. Ensuring that AI-driven policing does not dilute due process or amplify existing inequalities will require stronger statutory clarity, independent oversight mechanisms, and meaningful transparency in how these systems are designed and deployed.
India’s AI policing ecosystem remains characterised by a mismatch between rapidly expanding technological capacity and a legal regime that is still catching up, leaving critical questions of accountability, oversight, and rights protection unresolved. Without any safeguards, there is a real risk that predictive and surveillance capabilities will expand faster than the democratic and legal frameworks intended to govern them, normalising algorithmic decision-making as an unquestioned feature of state power.
Tanvi is a criminologist with a BA in Psychology (Hons) from Delhi University and an MA in Criminology, specialising in Forensic Psychology from National Forensic Sciences University, MHA. She has worked on research and policy-focused projects during her internships with the National Commission for Women and the Ministry of Information and Broadcasting, exploring issues at the intersection of gender, crime, and justice. Beyond her academic and professional work, Tanvi is a trained musician, holding a Prabhakar degree in Music, and a passionate cinephile with a love for storytelling in all its forms. She finds inspiration in films, music, and art, using each as a way to explore and better understand people and the world around her.
