Category Archives: Privacy Laws In India

Is Cloud Computing A Viable Solution In India?

Cloud computing has been projected as an essential requirement in India these days. However, this assertion fails to mention that cloud computing in India is legally risky. The rush for use of cloud computing in India has also ignored the analysis whether cloud computing is a viable solution in India or not.

Cloud computing to be viable and sustainable must be supported by many elements including a sound regulatory framework for the same. Till now we have no dedicated regulatory framework for cloud computing in India. In fact, we have no legal framework for cloud computing in India at all.

As per the recent research and studies of Perry4Law and Perry4Law Techno Legal Base (PTLB), cloud computing in India is risky and India is not ready for cloud computing. This conclusion of Perry4Law and PTLB has been endorsed by other companies and it has been reported that chief information officers (CIOs) in India are not comfortable using cloud computing in India.

Absence of an effective cloud computing policy of India is responsible for limited utilisation of cloud computing in India. However, legal issues of cloud computing in India are the main reason for cautious adoption of cloud computing in India.

Further, India is a country that has weak privacy, data protection and data security laws. India is also infamous for its e-surveillance and eavesdropping exercises without any constitutional laws backing the same. Phone tapping in India is not done in a strictly constitutional manner and we also lack a lawful interception law in India.

With the information technology amendment act, 2008 (IT Act 2008), the cyber law of India has been amended and this has also made it vulnerable to constitutionality attacks. With projects like national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), central monitoring system (CMS), etc e-surveillance in India has reached its zenith.

In this background we have to analyse the use of cloud computing in India. Cloud computing in India cannot succeed till we have trust in the service provider. We cannot trust a service provider who can be forced to disclose even the most sensitive information and data without a court order.

In India a mere order from the Indian government or its agencies is enough for the service provider to share sensitive information. There is no judicial scrutiny of a warrant that is absolutely required in these circumstances. So you cannot be even sure what government agencies are looking at and what information they are taking from the service provider.

Any business model must essentially balance profit motives and risks associated with the business. Similarly, the users of cloud computing services must ensure that the convenience of software as a service (SASS) and cloud computing is much greater than the risks of data leakages and manipulations.

Till now the legal opinion is weighting against the use of cloud computing and SAAS in governmental departments and for governmental projects. Without a conducive legal framework, user’s data in India is not safe. Let us create a conducive commercial and legal environment before we jump upon cloud computing wagon.

Online Sale And Purchase Of Prescribed Drugs and Medicines In India

Online sales and purchase are governed by electronic commerce transactions. We have no dedicated e-commerce laws and regulations in India. However, a basic level legal e-commerce framework has been provided by the Information Technology Act, 2000 (IT Act 2000) that is the cyber law of India.While we have basic level e-commerce legal framework in India yet e-health related legal framework is

Legal Enablement Of E-Health In India Is Needed

Information and communication technology (ICT) is a real enabler to strengthen healthcare industry of India. Whether it is telemedicine, e-health or any similar concept, technology is central to the successful implementation of these projects.

For some strange reason, health industry of India has neither being given a technology boost nor an appropriate legal framework has been formulated for it by the Indian government. For instance, very few health care industry players in India are using ICT for providing health related services. Similarly, e-health in India is facing legal roadblocks. Till now we do not have any dedicated e-health laws and regulations in India.

Legal enablement of e-health in India is urgently required. When technology is used for medical purposes, it gives rise to medico legal and techno legal issues. In United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act), etc are some of the laws that take care of medico legal and techno legal issues of e-health and telemedicine.

As far as India is concerned, we have no dedicated e-health and telemedicine laws in India. Even essential attributes of these laws like privacy protection, data protection, data security, cyber security, confidentiality maintenance, etc are not governed by much needed dedicated laws.

Now health ministry of India has given some hints that it would use technology for health related issues in India. It has decided to utilise technologies like Skype and technological concepts like biometrics, m-health, e-health, etc for India’s primary health centres (PHCs) and sub-centres.

Although the intentions of health ministry may be good yet its implementation is flawed from the very beginning. Health ministry is committing the same blunder that Aadhar project of India has committed. Collecting and using sensitive biometric and personal details without privacy law, data protection law, data security law, etc is counter productive.

There are no procedural and technological safeguards in place in India till now that can protect privacy and data rights of Indian citizens from misuses and e-surveillance. This may be the reason why Aadhar project may be scrapped in the long run. The technological initiatives of health ministry may also face similar fate.

In short, for the successful implementation of e-health and telemedicine in India, legal enablement of the same is absolutely required. Till now neither the Indian government nor the health ministry has provided any information in this regard. Till legal enablement of e-health in India is achieved all initiatives in this direction may prove counter productive.

E-Health Laws And Regulations In India

Information and communication technology (ICT) has streamlined the way medical services and para medical services are provided world over. E-health and telemedicine are examples of use of ICT for medical purposes.

However, when technology is used for medical purposes, it gives rise to medico legal and techno legal issues. In United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act), etc are some of the laws that take care of medico legal and techno legal issues of e-health and telemedicine.

On the contrary, we have no dedicated e-health and telemedicine laws in India. Even essential attributes of these laws like privacy protection, data protection, data security, cyber security, confidentiality maintenance, etc are not governed by much needed dedicated laws.

However, numerous statues carry individual provisions that may be applicable to e-health and telemedicine activities in India. For instance, the e-governance and e-commerce related aspects of e-health and tele medicine may be governed by the Information Technology Act, 2000 (IT Act 2000) that is the cyber law of India. All electronic contraventions and violations pertaining to e-health and tele medicine can be regulated b the IT Act 2000.

Similarly, privacy and data protection aspects in cyberspace pertaining to e-health are also governed by the IT Act 20000. Further, the Supreme Court of India has interpreted Article 21 of Indian Constitution as conferring a right to privacy upon all persons in India. Even in some cases the Supreme Court of India has held that patients have a right to privacy to protect their health related information except where non disclosure of such information is violating fundamental rights of others and is against public interest and public policy.

Even data security and cyber security aspects have been covered by the IT Act 2000 to some extent. The real problem is that these provisions that protect privacy, data protection, data security, etc are piecemeal efforts and they are not serving the purposes as required.

We need to have dedicated e-health laws and regulations in India that are presently missing. The sooner these e-health laws and regulations are formulated in India the better it would be for the larger interest of medical community and patients in India.

Privacy Rights And Laws In India

Privacy rights in India have taken a centre stage in India. From Indian citizens to foreign companies, all are now insisting upon a sound privacy rights regime in India. However, for one reason or other, privacy laws in India have been ignored by Indian government.

Similarly, an exclusive and dedicated data protection law in India is also absent. Absence of proper legal frameworks for privacy and data protection has made the personal information and data of individuals and companies prone to misuse in India.

Telemarketing companies are openly violating privacy of Indians due to lack of proper regulatory regime of India. Spam communications are increasing in India and India has become the premier location to indulge in spam communications.

Privacy rights and data protection rights are essential part of civil liberties protection in cyberspace. With the growing use of information and communication technology (ICT), privacy rights have acquired a very different meaning. It would not be wrong to assume privacy and data protection rights as integral part of human rights protection in cyberspace.

We have no dedicated privacy laws in India and data protection laws in India. The privacy rights in India in the information era are unique in nature that requires a techno legal orientation. The growing use of e-surveillance in India has also necessitated enactment of data privacy laws in India, privacy rights and laws in India and data protection law in India.

At the policy level as well privacy rights and data protection rights have been ignored in India. In fact, an Indian national privacy policy is missing till now. Even legislative efforts in this regard are not adequate in India. A national privacy policy of India is urgently required.

A right to privacy bill of India 2011 has been suggested in the year 2011 yet till now we do not have any conclusive draft in this regard that can be introduced in that parliament of India. In fact, we are still waiting for a public disclosure of final and conclusive proposed draft right to privacy bill 2011 of India that can be discussed in the parliament.

The Supreme Court of India must expand privacy rights in India as that is the need of hour. Fortunately, the issue is already pending before it and there would not be much trouble in formulating a privacy framework for India.

However, the call is for the Indian parliament to take and it must enact sound and effective privacy and data protection laws for India.

Data Protection Laws In India

We have no dedicated data protection laws in India. Data of individuals and companies require both constitutional as well as statutory protection. The constitutional analysis of data protection in India has still not attracted the attention of either Indian individuals/companies nor of Indian government.

The statutory aspects of data protection in India are scattered under various enactments. The Information Technology Act 2000 (IT Act 2000), which is the cyber law of India, also incorporate few provisions regarding data protection in India. However, till now we have no dedicated statutory and constitutional data privacy laws in India and data protection law in India.

Further, we do not have a dedicated privacy law in India as well. Privacy rights in India are still not recognised although the Supreme Court of India has interpreted Article 21 of Indian constitution as the source of privacy rights in India. Just like data protection, provisions pertaining to privacy laws in India are also scattered in various statutory enactments. Privacy rights and laws in India need to be strengthened keeping in mind the privacy rights in India in the information age.

Another related aspect pertains to data security in India. In the absence of proper data protection, privacy rights and cyber security in India, data security in India is also not adequate. Further, we do not have a dedicated cyber security law in India as well.

Perry4Law and Perry4Law Techno Legal Base (PTLB) believe that data protection requirements are essential part of civil liberties protection in cyberspace. With the growing use of information and communication technology (ICT), data protection requirement has become very important. It would not be wrong to assume privacy and data protection rights as integral part of human rights protection in cyberspace.

Perry4Law and PTLB believe that Indian government must formulate different laws for privacy, data protection and data security. The IT Act 2000 has already committed the mistake of incorporating all cyberspace related aspects at a single place. This has resulted in a chaos and we have no effective law for any aspect of cyberspace.

Perry4Law and PTLB suggest that India government must formulate separate laws for issues like privacy, data security and data protection.

Privacy Rights, Privacy Laws and Data Protection Laws In India

Privacy rights and data protection rights are essential part of civil liberties protection in cyberspace. With the growing use of information and communication technology (ICT), privacy rights have acquired a very different meaning. It would not be wrong to assume privacy and data protection rights as integral part of human rights protection in cyberspace.We have no dedicated privacy laws in

Intelligence Gathering In India Is Unconstitutional

Intelligence gathering and fighting terrorism are essential national security and sovereign functions. They cannot be equated at par with other governmental functions. That is the reason why every country provides some extra protection and immunity from public scrutiny to such functions.None can doubt that Indian counter terrorism capabilities need rejuvenation. We have an obvious but

Data Privacy Laws In India

Privacy rights and data protection are essential for protecting civil liberties and commercial interests. We do not have a dedicated privacy law in India as well as data protection law in India. There is no second opinion that privacy laws in India and data protection law in India is needed.Privacy rights and laws in India have been ignored for long. Privacy rights in India in the information era

Privacy Laws In India

We have no dedicated privacy laws in India and data protection laws in India. Naturally, this is a troublesome and undesirable situation. The supreme court of India has interpreted Article 21 as empowering Indian citizens with right to privacy in India.However, despite this constitutional protection, various governmental projects in India are opening ignoring Article 21 and are clearly violating