Info-tech

Data Protection Regulation: IT industry seeks data-secure status from EU

| | Updated on: Jan 19, 2018
image caption

The General Data Protection Regulation (GDPR) gives unprecedented rights to individuals in the EU on their personal data. The firms are strictly prohibited from using that data for purposes other than they are meant for. Violations could result in heavy penalties.

As the May 25 European Union deadline for GDPR approaches, the domestic IT industry is seeking a ‘Data Secure Status’ tag so that the hassle for IT firms is lessened.

The EU had given the US such status that gives them certain concessions with regard to handling of data of its citizens. If given, the Indian IT firms too, will be benefited.

Or, they will have to spend on handling of data in the EU there itself.

The General Data Protection Regulation (GDPR) gives unprecedented rights to individuals in the EU on their personal data.

The firms are strictly prohibited from using that data for purposes other than they are meant for. Violations could result in heavy penalties.

“We are seeking for data secure status at least for this sector. It’s not happened yet. We will wait and see,” R Chandrashekhar, Chairman of the National Association of Software and Solutions Companies (Nasscom), told BusinessLine .

Privacy laws

The EU looks at the prevailing privacy laws in a country to see if it can give such a status.

These laws should resonate with its own.

India, however, does not have a privacy law as yet. The government has set up a committee under the Chairmanship of former Supreme Court Justice B N Srikrishna to issues related to data protection and may come up with suggestions on a draft Data Protection Bill.

“The draft is out and we have given our views through the Data Security Council of India,” he said. “We all agree that security and safety of data is paramount. There’s no second opinion on that. But we have a difference of opinion on the argument that it can be safe if it’s kept in that region,” he said

Keeping data physical in a particular place does not guarantee its security. It’s much more dependent on technology shields, processes being adopted, how it is managed and monitored rather than on where it is located, he pointed out.

Costs involved

If data can’t be moved outside the EU, it could cost additional expenditure on handling the data in that region. “If it is combined with challenges in the movement of skilled people and shortage of skilled workforce in that region, it would be a difficult task for the industry,” he said.

“There is no doubt that it will have an impact on the Indian IT industry. It is aware of the developments.

The firms are in the process of assessing the likely impact on them,” the Nasscom President said.

Published on January 19, 2018

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

COMMENTS
This article is closed for comments.
Please Email the Editor

You May Also Like

Recommended for you