Active Stocks
Thu Mar 28 2024 15:59:33
  1. Tata Steel share price
  2. 155.90 2.00%
  1. ICICI Bank share price
  2. 1,095.75 1.08%
  1. HDFC Bank share price
  2. 1,448.20 0.52%
  1. ITC share price
  2. 428.55 0.13%
  1. Power Grid Corporation Of India share price
  2. 277.05 2.21%
Business News/ Industry / Stringent data protection law to help maintain lead in IT sector
BackBack

Stringent data protection law to help maintain lead in IT sector

Stringent data protection law to help maintain lead in IT sector

Premium


India is the hub of global information technology (IT) outsourcing. The IT and IT-enabled services (ITeS) sector has witnessed phenomenal compounded annual growth of around 30% during the last few years, growing to a revenue of $52 billion (about Rs2.54 trillion) in 2007-08. Even this year, after the global financial meltdown, the industry’s revenue is expected to grow by 18-20% compared with the previous year. It provides direct employment to two million professionals, and indirect employment to four times that number.

For India to maintain its leadership in this field, and to further expand it, certain enablers are necessary—in fact their need has been felt by the industry for quite some time. Most notable among them is the requirement to strengthen the data protection regime so as to make global data flows to India more trustworthy.

Industry gave its inputs to the government on amendments to the Information Technology (IT) Act, 2000, with the objective of addressing its concerns on data protection, and for creating a more predictive legal environment for the growth of e-commerce and e-governance that includes electronic signatures, data leakage and cyber crime, among others.

The IT Act, 2000, created a basic legal framework for e-commerce through acceptance of electronic documents and digital signatures as evidence in a court of law; promoted e-commerce and e-governance as major applications through legal sanctity accorded to electronic records and digital signatures; acceptance of electronic documents by the government, and provided for dealing with offences in cyberspace in the form of hackers and other criminals trying to gain unauthorized access into databases and other business sites.

Also Read Kamlesh Bajaj’s earlier articles in the series

While the amendments to the Act were triggered by the arrest of Avnish Bajaj, CEO, Baazi.com (now part of eBay.com) for transmitting obscene images of schoolchildren, as an intermediary, industry’s concerns about data protection issues were given due consideration by the government.

Given the importance of outsourcing to India, data protection has become a pressing issue. Customers in the US, Europe, Australia and other countries require that the privacy of data is maintained in transborder data flows. In order to manage compliance in global space, adequate local laws will increase India’s ability to compete with emerging outsourcing destinations such as Vietnam and eastern Europe.

Critical support: A legal outsourcing firm in Bangalore. Any disruption in the information technology and outsourcing industry has the potential to affect milions of jobs across sectors. Hemant Mishra / Mint

Cyberspace legal issues include everything: e-commerce and e-governance applications, electronic signatures, data protection, encryption, protection of critical information infrastructure, cyber security and national security. A strong data protection regime requires addressing of all of these. The amended Act does precisely that. It has tried to respond in a way that enhances trustworthiness of the entire cyberspace.

The amendments to the IT Act broadly includes:

• New definitions of certain terms such as electronic signature, communication device, cyber café and cyber security, bringing more devices and services within the ambit of the Act.

• Role and responsibilities of intermediaries have been clearly defined; conditions under which they will be liable for third-party information are more explicit.

• Data protection strengthened through a new clause, 43A, that stipulates that service providers must protect personal information of clients while processing under a lawful contract, with scope for consultation with industry bodies for prescribing security standards.

• Penalty for breach of confidentiality under a new section, 72A.

• Cyber crimes, including cyber terrorism and child pornography, under new provisions of sections, 66A to 66F, 67A to 67C, and 69A, 69B.

• Protected systems under section 70 now declared as critical information infrastructure and protected through additional sections 70A and 70B that have created a nodal agency for their protection— the Indian Computer Emergency Response Team.

• Preservation and retention of traffic data and information by service providers and intermediaries under sections 67C, 69B and 70B for cyber forensic evidence and for analysis for new attacks on the information infrastructure in the country.

Kamlesh Bajaj is chief executive officer, Data Security Council of India. This is the third of a four-part series on cyber security.

Respond to this column at feedback@livemint.com

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Industry News, Banking News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Published: 19 Jan 2009, 12:11 AM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App