Active Stocks
Thu Mar 28 2024 15:59:33
  1. Tata Steel share price
  2. 155.90 2.00%
  1. ICICI Bank share price
  2. 1,095.75 1.08%
  1. HDFC Bank share price
  2. 1,448.20 0.52%
  1. ITC share price
  2. 428.55 0.13%
  1. Power Grid Corporation Of India share price
  2. 277.05 2.21%
Business News/ Industry / Infotech/  EU GDPR: The implications for Indian companies
BackBack

EU GDPR: The implications for Indian companies

European Union's (EU) General Data Protection Regulation (GDPR) envisages strict rules for handling personal data of users and specifies new protocols for handling and storing private data

The European Union’s (EU) General Data Protection Regulation (GDPR) will take effect from 25 May. Photo: BloombergPremium
The European Union’s (EU) General Data Protection Regulation (GDPR) will take effect from 25 May. Photo: Bloomberg

The European Union’s (EU) General Data Protection Regulation (GDPR), which takes effect from 25 May, envisages strict rules for handling personal data of users and specifies new protocols for handling and storing private data, and sharing it with third parties.

Why should we bother about a European data protection rule?

GDPR will replace the 1995 Data Protection Directive and is aimed at protecting the personal data of EU citizens in the new digital world. The regulation covers all the EU member states and citizens, so all global enterprises with operations or customers in EU must comply. Europe is a significant market for the ITeS, BPO and pharma sectors in India. The size of the IT industry in the top two EU member states (Germany and France) is estimated to be around $155–220 billion.

What are the implications of the new regulation?

The rules will also apply to companies whose activities target data subjects in the EU. The definition of personal data now explicitly includes location data, IP addresses, and identifiers such as genetic, mental, economic, cultural or social identity of a natural person. Individuals will have stronger rights over their personal data. The new rights include the right to be forgotten, the right to data portability, the right to object to profiling. Consumer consent to process data must be freely given.

What if Indian firms do not comply with GDPR?

Flouting the rules can attract a maximum fine equivalent to 4% of an organization’s global annual revenue or €20 million, whichever is higher.

Are there any positives to EU GDPR?

Indian companies are likely to face increased compliance costs on the back of GDPR or risk huge penalties if they fail to comply. But they could see it as a business opportunity. Moreover, following the Supreme Court’s verdict, a data protection framework has been proposed by the Srikrishna Committee in India. Of course, whether the legislation will satisfy the criteria laid down under the GDPR or not remains to be seen.

How should Indian companies prepare for the EU GDPR?

They should review their policies, procedures and existing privacy programmes; impart data privacy training to employees; and review or update contracts signed with third-party vendors, among other things. Besides, Indian companies also need to evaluate how equipped they are to deal with the audit process, and use appropriate technology solutions to prepare for the same.

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Industry News, Banking News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Published: 24 May 2018, 12:18 PM IST
Next Story footLogo
Recommended For You
Infotech Stocks
₹1,547.25-0.26%
₹1,484.10.99%
₹4,928.750.15%
₹3,837.51.2%
₹472.21.66%
Switch to the Mint app for fast and personalized news - Get App