“Privacy Cannot Be Compromised”: Sr. Adv. Vivek Sood on AI, Cybercrime and Rule of Law

At the India AI Impact Summit 2026, Senior Advocate Vivek Sood offered a nuanced legal perspective on the growing threat of AI-enabled cybercrime, cautioning that while artificial intelligence can strengthen law enforcement, it must operate within constitutional boundaries and respect individual rights.

Responding to questions on whether AI could help “hunt” fraudsters and counter deepfakes, dark web threats, and data breaches, Sood reframed the discussion from the standpoint of a defence counsel. With over three decades at the Bar, he clarified that he does not function as an investigator but often represents “the accused, the condemned man,” invoking the principles of presumption of innocence and proof beyond reasonable doubt.

He stressed that any future-ready legal framework must begin with privacy. Calling it a fundamental right flowing from Article 21 and recognized in the landmark Puttaswamy judgment, Sood stated unequivocally that “privacy cannot be compromised.” At the same time, he acknowledged that crime prevention and investigation constitute recognized exceptions to this right. The challenge, therefore, lies in maintaining equilibrium: enabling technological empowerment of law enforcement without eroding civil liberties.

Sood emphasized that prevention is preferable to post-crime prosecution. Given the scale of cyber frauds, particularly low-value financial scams, he noted the practical limitations of the criminal justice system. Many victims approach lawyers for frauds involving relatively modest sums, only to confront the harsh reality that investigation and recovery may not be economically viable. This, he suggested, strengthens the case for AI-assisted preventive frameworks capable of detecting patterns and flagging suspicious activity before harm occurs.

From a victim’s perspective, he identified two core objectives: restitution and prosecution. Victims want their money back, and they want the offender punished. Effective prosecution, he said, is where law enforcement must step in, supported by technological tools. However, he warned that AI itself is “a double-edged weapon.” It can serve both as a tool for cybercrime and as a countermeasure against it. The law must therefore evolve to address misuse without stifling legitimate innovation.

One of the central concerns he highlighted was attribution. In traditional crimes, identifying perpetrators in the physical world is relatively straightforward. In the digital ecosystem, layered service providers and anonymization technologies make it “very, very difficult to pinpoint the originator of a particular fraud.” 

Legally, however, Sood was clear that liability mechanisms already exist. Referring to the doctrine of criminal conspiracy embedded in the Indian Penal Code since 1860, he noted that an explicit agreement among all conspirators need not always be proved. Actions indicating coordinated intent can suffice. The law, he said, is not weak; it has historically adapted to criminal innovation.

The real hurdle lies in identifying and attributing digital conduct to specific individuals. AI-driven mechanisms, drones, or automated systems may execute crimes with minimal human traceability. In such cases, attribution becomes more complex than in the physical world. Jurisdictional hurdles, cross-border evidence collection, and sovereignty concerns further complicate prosecution, especially where offenders operate through VPNs or foreign territories.

On cross-border cybercrime, Sood acknowledged the limitations of extradition and international cooperation. While mechanisms like mutual legal assistance treaties and Interpol exist, they are often slow and insufficient to address the scale of contemporary digital crime. The publicized extradition cases, he observed, represent only “the tip of the iceberg.” Many offenders defrauding private individuals remain beyond effective reach.

Despite these systemic constraints, he maintained that financial tracing remains one of the most effective investigative tools. The “money trail” has emerged as a critical method for tracking laundering and cyber fraud networks. As criminal methods evolve, so too must investigative strategies.

In his concluding remarks, Sood articulated three guiding principles for a secure digital India. First, the need for a deterrent legal framework to check cybercriminality. Second, the aspiration that no crime should go unpunished. And third, a caution against obsessive prosecution. The rights of the innocent accused must be protected, and the criminal justice system cannot become a “one-way street.”

In an era where AI accelerates both opportunity and risk, Sood’s intervention serves as a reminder that technological advancement must remain anchored in constitutional morality, procedural fairness, and the rule of law.

Event: India AI Impact Summit 2026

Date: February 17, 2026