AI candidate screening is becoming common in recruitment. HR teams are using AI tools to scan resumes, match skills, rank candidates, write job descriptions, generate interview questions, and reduce manual hiring effort.
But one question is becoming more important for Indian employers:
Is AI candidate screening legal in India?
The practical answer is: Yes, AI candidate screening can be legal in India, but only if it is used responsibly, transparently, fairly, and in compliance with data protection, employment, and anti-discrimination principles.
India does not currently have one single law that says “AI candidate screening is allowed” or “AI candidate screening is banned.” Instead, HR teams must look at a combination of legal and governance requirements, especially the Digital Personal Data Protection Act, 2023, the Digital Personal Data Protection Rules, 2025, constitutional equality principles, labour and employment laws, disability rights, transgender rights, privacy expectations, and emerging AI governance guidance. The DPDP Act was enacted in 2023, and the Government of India notified the DPDP Rules in November 2025, operationalising India’s personal data protection framework.
For HR professionals, the real issue is not whether AI can be used. The real issue is how AI is used.
What Is AI Candidate Screening?
AI candidate screening means using artificial intelligence tools to review, filter, compare, score, or shortlist job applicants.
AI screening tools may be used for:
• Resume parsing
• Skill matching
• Candidate ranking
• Keyword matching
• Experience analysis
• Certification checks
• Assessment scoring
• Interview scheduling
• Candidate communication
• Background verification support
• Video interview analysis
• Job description matching
• Internal talent matching
For example, an AI tool may review 1,000 resumes and identify the top 100 candidates based on required skills, experience, location, salary expectations, and certifications.
This can save time. But it can also create legal and ethical risk if the system unfairly rejects candidates, processes personal data without proper notice, or uses biased criteria.
Is AI Candidate Screening Legal in India?
The Simple Answer
AI candidate screening is generally not prohibited in India.
However, HR teams must ensure that AI screening does not violate:
• Data protection requirements
• Privacy rights
• Anti-discrimination principles
• Employment law obligations
• Disability and accessibility protections
• Candidate consent or notice requirements
• Fairness and transparency expectations
• Vendor due diligence requirements
India’s current approach is not a standalone AI hiring law. India’s AI governance direction has been developing through advisories, committee reports, data protection rules, and broader digital regulation. A 2025 India AI Governance Guidelines report noted India’s goal of encouraging AI innovation while addressing risks to individuals and society.
So, HR teams should not ask only, “Can we use AI?”
They should ask, “Can we prove that our AI hiring process is lawful, fair, secure, explainable, and human-supervised?”
Why AI Candidate Screening Is a Legal Risk Area
Recruitment is not like marketing automation or internal note-taking. Hiring decisions affect a person’s career, income, dignity, and access to opportunity.
AI screening becomes risky when it:
• Rejects candidates automatically
• Uses biased historical hiring data
• Scores candidates based on unclear logic
• Penalizes career gaps unfairly
• Disadvantages women returning from maternity breaks
• Filters out candidates with disabilities
• Overvalues certain colleges or companies
• Ignores transferable skills
• Uses language, location, age, gender, caste, religion, or other sensitive proxies
• Processes candidate data without proper notice
• Shares candidate data with vendors without due diligence
• Provides no route for human review
This is why AI screening must be handled as a governance issue, not just an HR productivity tool.
The Main Indian Laws and Rules HR Teams Should Consider
- Digital Personal Data Protection Act, 2023 The DPDP Act regulates the processing of digital personal data in India. Candidate resumes, phone numbers, emails, assessment scores, interview notes, employment history, salary details, and identity documents can all qualify as personal data when processed digitally. The Act allows personal data to be processed only for a lawful purpose and in accordance with the Act. The official text describes the law as a framework that recognises both the right of individuals to protect personal data and the need to process personal data for lawful purposes. For HR teams, this means AI screening must have a valid purpose, such as recruitment, assessment, interview management, or employment-related evaluation.
- Digital Personal Data Protection Rules, 2025 The DPDP Rules, 2025 operationalise the Act. The Government of India notified these rules in November 2025, marking a major step in India’s privacy compliance regime. These rules matter for HR because recruitment involves collection, processing, storage, sharing, and deletion of candidate data. Key HR implications include: • Clear notice to candidates • Defined purpose of data processing • Security safeguards • Breach response processes • Candidate rights management • Data retention and deletion practices • Vendor and processor controls EY’s summary of the DPDP Rules notes that organisations must use plain, itemised notices explaining what personal data is collected, why it is collected, and how individuals can exercise rights or raise complaints. It also notes breach notification expectations and purpose-specific retention requirements.
Top comments (0)