DATA PROTECTION IN INDIA

Info: The Constitution of 1950 does not expressly recognize the right to privacy. However, the Supreme Court first recognized in 1964 that there is a right of privacy implicit in the Constitution under Article 21 of the Constitution, which states, "No person shall be deprived of his life or personal liberty except according to procedure established by law." There is no general data protection law in India. In June 2000 the National Association of Software and Service Companies (NASSCOM) urged the government to pass a data protection law to ensure the privacy of information supplied over computer networks and to meet European data protection standards. The National Task Force on IT and Software Development had submitted an "IT Action Plan" to Prime Minister Vajpayee in July 1998 calling for the creation of a "National Policy on Information Security, Privacy and Data Protection Act for handling of computerized data." It examined the United Kingdom Data Protection Act as a model and recommended several cyber laws including ones on privacy and encryption. No legislative measures, however, has been considered to date.

Data protection and offshoring to India
India getting data protection laws 30/07/2004
India to tighten data protection laws
Data protection regulations in India
How does European legislation impact on India’s BPO industry?
A: The EU directive 95/46/EC is specific on the requirements for the transfer of data. It states that personal data of EU nationals cannot be sent to countries that do not meet the EU "adequacy" standards with respect to privacy. The directive also sets down the principles regarding the transfer of data to third countries. Under this directive the third country should provide an adequate level of protection to personal data of the citizens of EU member states. It states: "The adequacy of the level of protection afforded by a third country shall be assessed in the light of all the circumstances surrounding a data transfer operation or set of data transfer operations; particular consideration shall be given to the nature of the data, the purpose and duration of the proposed processing operation or operations, the country of origin and country of final destination, the rules of law, both general and sectoral, in force in the third country in question and the professional rules and security measures which are complied with in that country."

Article on bringing data protection law in India
The compelling and much needed mandate for providing protection to the information provided by various interested parties has again set in motion the thought process and the legislative wing of the Constitution of India is facing a situation where it has to decide whether it should bring new amendments to the already existing Information Technology Act, 2000 or to enact a separate law for the same. The choice between these options is not the real issue to be addressed presently but is ancillary to a more important and overlooked perspective relating to data protection. A law on data protection must address the following Constitutional issues on a "priority basis" before any statutory enactment procedure is set into motion:(1) Privacy rights of interested persons in real space and cyber space.(2) Mandates of freedom of information U/A 19 (1) (a).(3) Mandates of right to know of people at large U/A 21.
If these issues are sidelined in the zeal of providing data protection then it may have catastrophic results because the law(s) providing for data protection will be vulnerable to the attack of unconstitutionality on the ground of violation of Articles 19(1) (a) and 21 of the Constitution. Thus, the pre requisite for the enactment of any law dealing with data protection is to keep in mind the mandates of these rights.

BPO: In India data security cost skyrockets
India – The Emerging IT super power..need data protection laws.