Monday, March 12, 2012

Legal Risks Of Cloud Computing In India

Cloud computing is the buzz word these days in India. Cloud computing has many advantages over maintaining your own data centers and storage spaces. However, if the data is not of great quantity, cloud computing is not a viable option at all.

The data generated on Internet and computing world is tremendous in volume. The processing and management may be a costly affair at an organisational level. This is the reason why individuals and organisations prefer to use cloud computing services to reduce their costs and improve their efficiencies.

The benefits of cloud computing are correlated with the drawbacks associated with the same. For instance, cloud computing is a potential landmine for privacy violations. Similarly, cloud computing may also be responsible for data theft, data breaches, confidentiality breach, etc.

Obviously cloud computing without legal framework and procedural safeguards should not be adopted at all. This is exactly the problem of cloud computing in India. We have no dedicated cloud computing laws in India and cloud computing regulations in India. Despite may protests the legal framework for cloud computing in India is still missing.

Further, we have no dedicated privacy law or data protection law in India as well. Handing over of personal, secret and confidential information to law enforcement agencies of India without any judicial order is also possible as Indian laws does not requires a court warrant to be the prerequisite before such data and information can be parted away by an Internet intermediary or Internet service provider.

According to a recent research analysis by Perry4Law and Perry4Law Techno Legal Base (PTLB), Indian chief information officers (CIOs) and chief executive officers (CEOs) are not comfortable using cloud computing in the present situations. Many other organisations have also endorsed this analysis of Perry4Law and PTLB. Now even Telecom Regulatory Authority of India (TRAI) has endorsed these research results of Perry4Law and PTLB.

TRAI has accepted the suggestions of Perry4Law on telecom policy of India 2012. TRAI has clearly maintained that there must be a balance between privacy protection and law enforcement requirements vis-à-vis cloud computing usage in India.

So for all practical purposes, use of cloud computing in India is risky. India is still not ready for cloud computing and India should not use software as a service (SaaS) or cloud computing till suitable legal frameworks and procedural safeguards are at place.