The government said that the personal data sent to India by the customers outsourcing work to companies in the country will not be covered under the new rules governing the collection of such information. The information technology rules 2011 introduced in April require companies or their intermediaries to take the consent in writing from the individuals about the sensitive personal information that they collect. In other countries whose data they collect and process through call centers and business process outsourcing operations, the new would make it difficult for the Indian outsourcers to operate if they were required to take written consent from the individuals in the countries.
The result of the new rules, the companies that rely on India-based outsourcing service providers will be required to adjust their data collection practices to conform to India data protection rules., Even though their current practice may comply fully with US or European Union privacy rules. A clarification issued by the Ministry of Communications and Information Technology, this is through the country’s Press Information Bureau. In providing the services relating to the collection storage, dealing or handling of the sensitive personal data or information under the contractual obligation with any legal entity located within or outside India is not the subject to the requirement of the new rules.
To follow Indian while collecting data in their countries, the government has also stated that the body corporate referred to under the new rules are Indian companies, removing the interpretation that US and European companies sending data for processing to Indian outsourcers that would have to follow Indian rules while collecting data in their countries. A company that is set up by Nasscom or the National Association of Software and Service Companies is to set standards for thed ata security and the privacy for outsourcers. The clarification by the government removes any such confusion. According to the rules of the countries, it is now clear that it is not the outsourcer but the companies collecting and sending the data that are responsible for protecting the privacy of the data. The government had reassured Nasscom that a clarification would be issued. The government that the outsourcing industry would be hit if the rules were enforced. The Indian companies collecting data from individuals known as the providers information. It will continue to be covered under yhe new rules governing the collection and the use of the sensitive personal information.
In India’s Supreme Court, the preferential treatment provided to a section of companies, the outsourcers could be struck down in the court a cyber law consultant and advocate. The clarification has not been issued under any provision of the country’s IT act and in the fact that violates the spirit of the IT Act which does not limit the juridiction of its laws to the companies within India. The clarification is also vague and could lead to a variety of the companies claiming to be exempt from the personal data rules.
REFERENCE:
http://www.goodgearguide.com.au/article/398476/india_exempts_outsourcers_from_new_privacy_rules/
