The recent incidents of data thefts in the BPO industry have raised concerns about data privacy. The Department of Information Technology (DIT) and Indian Computer Emergency Response Team (CERT-IN) are planning to set up an IT regulatory body, which will monitor the security and privacy aspects of IT and BPO companies.
Data Protection Law in India is currently facing many problems and resentments. In the absence of proper legislative framework private initiatives by Perry4Law assume significance. The Data Security Council of India (DSCI) and DIT must also rejuvenate its efforts in this regard on the similar lines. However, the best solution can come from good legislative provisions along with suitable public and employee awareness. It is high time that we must pay attention to Data Security in India.
India's cyber law, with further confusion about its status, is also detrimental for BPO growth. Cyber Security in India is missing and the same requires rejuvenation. When even PMO's cyber security is compromised for many months we must at least now wake up. If DSCI is really serious about data protection in India first it must acquire expertise to do so. The best option is to scrap the IT Act Amendment Bill, 2008 and come up with good cyber law as well as data protection law in India.
Data breaches and cyber crimes in India cannot be reduced till we make strong cyber laws. We cannot do so by mere declaring a cat as a tiger. Cyber law of India must also be supported by sound cyber security and effective cyber forensics. We cannot expect much in the absence of legal enablement of ICT systems in India. It is unfortunate that the efforts of Indian government, DIT, etc are far from satisfactory in this regard.
We need a good team of techno-legal experts who can not only help in the drafting of good laws but also its amendments and enforcement. Fortunately, we have a techno-legal data protection law database in India where both constitutional as well as statutory aspects of data protection can be analysed. Till the GOI comes up with suitable laws, the foreign investors and outsourcing companies can safely rely upon this database.