Responsible AI
Not a compliance page. These are the practices that decide whether a model should be deployed at all, and we apply them to our own work before anyone asks.
Accuracy is not the only number that matters
If a system decides who receives a loan, a diagnosis, an interview, or a benefit, then the interesting question is not how often it is right. It is who it is wrong about, and what happens to them next.
A model at 94 percent accuracy that fails almost exclusively on one group is not a good model. It is a discriminatory one with a flattering average. The average is doing the concealing, and the reason it works as concealment is that most reporting stops there.
What follows is what we actually do. It is more work, it lengthens engagements, and it occasionally concludes that a system should not be built. We think that is the point.
Subgroup evaluation
A single accuracy figure hides who the model fails. We evaluate performance across the groups a decision affects, and report the worst performing slice rather than the average.
- Performance disaggregated by relevant subgroup
- Worst case slice reported alongside the headline metric
- Base rates examined before fairness is claimed
- Disparities documented even when we cannot fix them
Human oversight by design
For any decision that materially affects a person, a human must be able to understand, question, and overturn the model. That route is designed before deployment, not improvised after an incident.
- A defined reviewer for consequential decisions
- Explanations sufficient for a reviewer to disagree
- Appeal path documented and reachable
- Override logging, so overrides can be studied
Model cards and documentation
Every model we deliver ships with a card recording its task, training data, metrics with intervals, known limitations, and the conditions under which it should not be used.
- Intended use, and explicit out of scope uses
- Training data provenance and known gaps
- Metrics with confidence intervals
- Known failure modes, written by us, not discovered by you
Monitoring and decay
Models degrade as the world moves. Drift monitoring, alert thresholds, and a retraining plan ship with the model, and we will recommend retirement when the evidence supports it.
- Input and prediction drift detection
- Alert thresholds agreed with you, not defaults
- Scheduled revalidation on fresh data
- A written kill criterion from the outset
Data protection by default
Personal data is minimised, access is scoped, and training data is handled under the Digital Personal Data Protection Act 2023. We do not train on one client's data for another.
- Data minimisation before collection
- Purpose limitation written into the contract
- No cross client training, ever
- Deletion on request, and on engagement end
Independent assurance
We evaluate models we did not build, including for clients who are checking a vendor. It is the engagement we are proudest to be asked for.
- Reproduction of the vendor's claimed metrics
- Evaluation on data the vendor never saw
- Leakage and contamination checks
- A written opinion, including when it is unfavourable
Where Indian law currently stands
India has no comprehensive statute governing artificial intelligence in the way the European Union's AI Act does. What binds you today is the Digital Personal Data Protection Act 2023, the Information Technology Act 2000, and the sectoral rules of regulators such as the Reserve Bank of India for lending and the Insurance Regulatory and Development Authority for underwriting.
That absence is not permission. A model that makes credit decisions is already subject to fair lending expectations, and one that processes personal data is already subject to purpose limitation and the rights of the data principal.
This is a description of the landscape as we understand it, not legal advice. Regulation is moving. Take advice from a lawyer before relying on any of it.
Before a consequential model deploys
Systems we decline to build
Emotion recognition for hiring or policing. Predictive policing of individuals. Social scoring. Biometric surveillance of the general public. Any consequential decision about a person with no route to human review.
These are not declined because they are technically hard. Several are straightforward. They are declined because the harm when they fail lands on someone who never agreed to the experiment, and because the evidence that they work is, on examination, usually absent.
Ask us about a systemSend us your data problem. We will tell you whether it is one.
A working data scientist reads every enquiry. You will get an honest read on whether your data can support the model you have in mind, before anyone quotes you a number.