Posts Tagged ‘India’

h1

India Govt plans rule for encrypted data access

January 13, 2012

Service providers will have to place servers in India to ensure data is not leaked out of country

The India government has proposed a legal provision that puts the onus uniformly on companies such as Skype Technologies SA and Google Inc​. to locate part of their information technology (IT) infrastructure within the country to enable investigative agencies ready access to encrypted data on their servers.

Further, to guarantee privacy, this legal provision will also require that data of Indian citizens, government organizations and firms hosted on the servers of these companies not be moved out of the country, three government officials confirmed separately.

At present, the servers of all service providers are located outside the country and whatever data is generated or exchanged travels to the respective country. If servers or similar facilities are located in India, then data exchanges within the country would stay there.

Source  India Govt plans rule for encrypted data access

Advertisements
h1

Two Indian companies among 20 most admired

December 16, 2011

Teleos, in association with The KNOW Network, established the Global Most Admired Knowledge Enterprises research programme in 1998 to identify and recognize those organizations which are creating shareholder/stakeholder wealth by transforming new as well as existing enterprise knowledge into superior products/services/solutions.

A panel of Global Fortune Global 500 senior executives and leading knowledge experts selects the Global MAKE Winners.

Here are the 20 winners, including two from India.

The Tata Group is recognized in the 2011 Global MAKE study for creating a learning organization. The group is a five-time Global MAKE Winner.

The 2011 Global MAKE panel has recognized Infosys Limited for creating a learning organization. Infosys Limited is an eight-time Global MAKE Winner.

Source Two Indian companies among 20 most admired

h1

Introducing – ISB Leadership Summit 2011

December 7, 2011
h1

FTC Welcomes a New Privacy System for the Movement of Consumer Data Between the United States and Other Economies in the Asia-Pacific Region

November 18, 2011

 

The Federal Trade Commission welcomed the approval by the forum on Asia-Pacific Economic Cooperation (APEC) of a new initiative to harmonize cross-border data privacy protection among members of APEC. The initiative is designed to enhance the protection of consumer data that moves between the United States and other APEC members, at a time when more consumer information is moving across national borders.

 

On November 13, 2011, President Obama and representatives from the other APEC economies endorsed the APEC Cross-Border Privacy Rules at a meeting in Honolulu, Hawaii. The APEC privacy system is a self-regulatory code of conduct designed to create more consistent privacy protections for consumers when their data moves between countries with different privacy regimes in the APEC region.

 

“With personal information now moving around the world in the blink of an eye, we need pragmatic ways to bridge the gaps between different legal systems and privacy regimes. The APEC privacy rules have the potential to significantly benefit companies, consumers, and privacy regulators and move us closer to global interoperability of privacy regimes,” FTC Commissioner Edit Ramirez said.

Source FTC

 

h1

Dominic Barton on Emerging Markets & Global Economic Trends

November 8, 2011
h1

MAKE IT HAPPEN! – Leadership style

October 12, 2011
h1

India Issues Clarification of Recent Privacy Rules

September 1, 2011

On August 24, 2011, the Ministry issued a release clarifying certain aspects of the Privacy Rules which will undoubtedly cause the Indian outsourcing industry and non-Indian companies to breathe a sigh of relief.

Rule 5(1) of the Privacy Rules requires a company to obtain prior written consent through letter, fax or email when collecting sensitive personal data or information from the provider of such information. Rule 6 of the Privacy Rules requires companies to obtain prior consent to disclose or share sensitive personal data or information with third parties. These rules would have made it extremely difficult for Indian call center operators and Indian providers of business process outsourcing services to operate as it would mean, for example, that a call center operator providing customer service on behalf of a U.S. bank or insurance company would have to obtain a caller’s prior written consent before it could collect any personal account or health information required to respond to the caller’s questions or to share such information with the bank or insurance company of whom the caller is a customer. However, the ministry has clarified that Rules 5 and 6 do not apply to companies providing services relating to the collection, storage, dealing or handling of sensitive personal data or information under contractual obligation with any legal entity located within or outside of India. However, companies collecting sensitive personal data or information from individuals pursuant to a contractual obligation directly with such individuals would still be subject to these Rules. Further, in instances where the prior written consent requirement would still apply, the ministry’s release clarifies that “consent given by any mode of electronic communication” is acceptable. This implies that consent provided by checking a consent box as part of an online account registration process would satisfy the consent requirement of the Privacy Rules and that letter, fax and email are not the only acceptable means of obtaining consent.

Another important clarification made by the ministry relates to the potential extra-jurisdictional application of the Privacy Rules. The Privacy Rules have been promulgated under the Indian Information Technology Act (2000) (the “IT Act”). Section 1(2) of the IT Act states that it applies to “the whole of India and…to any offence or contravention thereunder committed outside India.” However, the ministry’s release clarifies that the Privacy Rules only apply to companies or persons “located within India.” Therefore, concerns that foreign companies not located in India may have to comply with provisions of the Privacy Rules mandating the publication of online privacy policies containing certain required disclosures and the appointment of a grievance officer to address privacy-related issues seem to have been alleviated.

The release also clarifies that the term “provider of information” as used in the Privacy Rules refers to a natural person who provides sensitive personal data or information to an Indian company.

With these clarifications, Indian companies providing outsourcing services, non-Indian customers of such services and multi-national companies doing business in India now have guidance on when compliance with the Privacy Rules is required and how such compliance with the Privacy Rules can be achieved.

Source India Issues Clarification of Recent Privacy Rules