EU law in particular restricts businesses transferring data to
countries with weak privacy protection, and with Indian IT wage
costs rising – albeit still far behind those in the US and Europe –
India wants to eliminate reasons for potential customers to
outsource elsewhere.
European firms are severely restricted in terms of the Data
Protection Directive of 1995 as to what data can be transferred or
stored in countries without equivalent rules and enforcement
procedures. At present, India has no such regulations, and relies
on individual contracts negotiated between the main company and the
Indian outsourcing contractor to address the data protection
issues.
In the US, there is unease over data security in outsourcing,
and with an election in the offing there is growing pressure on
federal and state administrations to limit the export of jobs.
Europe is also facing a backlash, with MEPs from the UK's
largest union, Amicus, warning the European Commission in April
that offshore outsourcing "is an accident waiting to happen."
India has been planning to tighten its data protection regime
for several years. Its National Association of Software and Service
Companies (NASSCOM) is in the process of drafting legislation to
amend the country's existing Information Technology Act of 2000,
with the intention of bringing the data protection regime up to the
standard required by the US and the EU.
According to a report in the Economic Times, KK Jaswal,
Secretary in the Department of IT, revealed on Wednesday: "Within
the next few months, we will remove all the lacunae in laws
covering the BPO [Business Process Outsourcing] industry,
especially regarding data protection, to inspire confidence among
investors".
"A legislative initiative is on the anvil and the amendments,
filling all the gaps in the existing laws dealing with the sector,
will silence the critics," Jaswal added.
