Sunday, March 27, 2011

Data Protection Laws In India

Data protection is a very important aspect of civil liberties like privacy rights and is of great commercial value. Data protection is required as it preserves the privacy of the individuals and organisations whose data has been taken.

Similarly, certain data has tremendous commercial value and its leakage may adversely affect the business profits of organisations. For instance, take the example of the business process outsourcing industry that relies heavily upon data protection requirements. If crucial data like credit cards details is not protected by any law, the same would give rise to many sorts of crimes.

Data protection and privacy rights are becoming important day by day in India. India does not have any specific and dedicated data protection and privacy laws in India. As a matter of fact, privacy laws in India are missing.

On the contrary India is sternly committed to e-surveillance and other forms of privacy violation activities. Ironically, we do not have a lawful interception law in India and phone tapping and e-surveillance are committed in an unconstitutional manner in India.

This indifference of Indian government towards privacy laws, data security laws and data protection laws is also becoming a headache for government itself. Controversial issues like illegal phone tapping, imposition of Aadhar project, launch of projects like national intelligence grid (Natgrid) and crime and criminal tracking network and systems (CCTNS) without any procedural safeguards, etc requires not only enactment of a dedicated and constitutionally sound privacy law but also putting in place sufficient data protection mechanisms.

With issues like cloud computing and m-governance the things have become even more complicated. The real problem is that India does not have any dedicated Privacy Law, Data Protection Law and Legal Enablement of M-Governance in India informs Praveen Dalal, a Supreme Court Lawyer and leading Techno Legal expert of India.

With the proposed use of Cloud Computing, Software as a Service (SaaS) and M-Governance by Indian Government, more “Privacy Violations”, “Cyber Security” and many more “Regulatory Issues” would arise in future. These “Initiatives” cannot succeed in India in the absence of adequate and strong Laws in this regard, informs Dalal.

With the proposed Draft Electronic Delivery of Services Bill 2011 (EDS Bill 2011) things would even become more complicated. When most of the public services would be delivered through Mandatory E-Governance Model, a very strong Data Protection Regime and Privacy Protection Regulatory Framework would be required, opines Dalal.

Till now India has not paid any attention to data protection, data security and privacy laws. This is a bad policy decision that would hamper not only the present but also the future projects of Indian government as well.