Following a number of media exposes of data security breaches in
India, IT industry trade body Nasscom is establishing the DSCI to
counter criticism that outsourcing to India threatens privacy.
Channel 4 and The Sun newspaper have both conducted
investigations in which poor privacy and data security were exposed
in outsourcing agreements to Indian companies. A reporter for
Channel 4's Dispatches programme was offered hundreds of thousands
of banking and financial profiles for sale after investigating
India's call centre industry.
Nasscom (the National Association of Software and Services
Companies) will be able to refer breaches to the police and will
offer certification of privacy policies to companies.
While the new body may refer cases to the police, as may anyone,
there is still doubt about the strength of data protection laws in
India. Though the Government amended the Information Technology Act
(ITA) late last year to punish data theft, there is still no single
piece of data protection legislation in India to compare with that
in the UK.
The legal changes last year included creating fines of up to $1
million for companies or people who fail to stop data theft or
leakage. The move was in response to significant concerns over the
reputation of the massive Indian outsourcing industry.
Nasscom had previously made recommendations to the Indian
government about changes to the ITA. It said last October that the
changes made then met most of their concerns.
