Articles: INDIA

-DATA PROTECTION AND PRIVACY-

India Needs Law Against Invasion of Privacy: Ratan Tata

New Delhi: Tata Group Chairman Ratan Tata has said there is a need for a law to keep a tab on invasion of people’s privacy. The call follows an incident last year in which Tata’s private conversation with a corporate lobbyist was leaked to the media. “There should be a law against invading people’s privacy, unless it’s for an investigative purpose,” Tata said in an interview to the ‘Wall Street Journal’.

Indian Data Protection Law Encourages Outsourcing

India’s data protection law, which came into force in February 2009, is already beginningto show its effectiveness according to PavanDuggal, an Indian legal expert. Duggal told the annual international Privacy Laws & Business conference in Cambridge that the act, known as the Information Technology Amendment Act 2008, was starting to ‘flex its muscles.’ He added: “The law encourages more outsourcing of high end operations to India. The legal regime now in place in India to deal with data protection will increase confidence. Effective civil and criminal remedies provided for under the act enhance the comfort factor of corporate organizations which can resort to these remedies.”

The law means that companies outsourcing work to India must ensure that their serviceproviders comply with the requirements of the Act. Companies who set up, or who havededicated outsourcing units, must also ensure that these units comply with the amended Act.Breach of the Act is now a crime punishable by a fine of INR 50 million and imprisonment.MrDuggal said: “For companies doing business in and with India the new law is a breath of fresh air. How the law is implemented will determine its efficacy.”

Read more

Offshoring: Preparing for India’s Proposed Privacy Rules

The Indian government has taken a step toward creating a comprehensive set of data protection rules to safeguard privacy. The draft regulations, which deal with the protection of personal information, are more stringent than either the Gramm-Leach-Bliley Act in the U.S. or the EU Directive in Europe and would create new requirements for companies that outsource to service providers in India or maintain their own operations there, say Miriam H. Wugmeister, partner in the law firm Morrison Foerster and Cynthia J. Rich, senior international policy analyst with the firm.

The new rules are intended to showcase a new commitment by India to rigorously protect data, but they could dampen offshore outsourcing business. Most notably, prior written consent will be required-without exception-to collect and use sensitive data about Indian citizens and about any person who’s personal information is collected within the country.

Read more

Right To Privacy May Become Fundamental Right

The law ministry is working on a proposal to make right to privacy a fundamental right in the Indian Constitution. The right to privacy would include the right to confidentiality of communication, confidentiality of private or family life, protection of his honour and good name, protection from search, detention or exposure of lawful communication between individuals, privacy from surveillance, confidentiality of banking, financial, medical and legal information, protection from identity theft of various kinds, protection of use of a person’s photographs, fingerprints, DNA samples and other samples taken at police stations and other places and protection of data relating to individual. If the legislation is passed, it would address several concerns expressed by some sections of the civil society. For instance, there has been outrage over the `compromise’ of an individual’s privacy in a project like UID, where all personal data will be available at the click of a mouse.

Trilegal Co-Founding Partner Rahul Matthan Creates Draft of an Indian Privacy and Data Protection Law

Trilegal co-founding partner Rahul Matthan has drafted a proposal for the department of personnel training to create an Indian privacy and data protection law that would regulate the storage and disclosure of personal information. The approach paper requests views of the public and experts and sets out the issues involved in Indian privacy legislation. Matthan stated that at this stage it is just an approach paper.

One of the inevitable consequences of the UID Project will be that the UID Number will unify multiple databases. Such a vast interlinked public information database is unprecedented in India. It is imperative that appropriate steps be taken to protect personal data before the vast government storehouses of private data are linked up and the threat of data security breach becomes real. Similarly, the private sector entities such as banks, telecom companies, hospitals, etc. are collecting vast amount of private or personal information about individuals. There is tremendous scope for both commercial exploitation of this information without the consent/ knowledge of the individual In view of the above, privacy of individual is to be protected both with reference to the actions of Government as well as private sector entities.

Right To Privacy May Become Fundamental Right

The law ministry is working on a proposal to make right to privacy a fundamental right in the Indian Constitution. The right to privacy would include the right to confidentiality of communication, confidentiality of private or family life, protection of his honour and good name, protection from search, detention or exposure of lawful communication between individuals, privacy from surveillance, confidentiality of banking, financial, medical and legal information, protection from identity theft of various kinds, protection of use of a person’s photographs, fingerprints, DNA samples and other samples taken at police stations and other places and protection of data relating to individual. If the legislation is passed, it would address several concerns expressed by some sections of the civil society. For instance, there has been outrage over the `compromise’ of an individual’s privacy in a project like UID, where all personal data will be available at the click of a mouse.

Read more

Outsourcers Exempt from India’s Privacy Regulations

The Department of Information Technology had notified Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 under section 43A of the Information Technology Act, 2000 on 11.4.2011 vide notification no. G.S.R. 313(E).   These rules are regarding sensitive personal data or information and are applicable to the body corporate or any person located within India. Any such body corporate providing services relating to collection, storage, dealing or handling of sensitive personal data or information under contractual obligation with any legal entity located within or outside India is not subject to the requirement of Rules 5 & 6. Body corporate, providing services to the provider of information under a contractual obligation directly with them, as the case may be, however, is subject to Rules 5 & 6. Providers of information, as referred to in these Rules, are those natural persons who provide sensitive personal data or information to a body corporate. It is also clarified that privacy policy, as prescribed in Rule 4, relates to the body corporate and is not with respect to any particular obligation under any contract. Further, in Rule 5(1) consent includes consent given by any mode of electronic communication.

NandanNilekani on UID Controversy

Unique Identification Authority of India (UIDAI) Chairman NandanNilekani discusses concerns surrounding India’s unique ID program. UIDAI will assign each citizen a unique identifying number, the world’s first online ID system that can be verified anywhere. But legal experts and advocates have said the plan doesn’t provide enough privacy safeguards. Nilekani says that privacy is “something you trade for convenience” and that once people understand the plan’s convenience, “they will understand what they are giving up is very trivial.” Although biometrics are collected (name, age, date of birth and sex), the data is anonymized, not shared with private companies and no one has access to it. In the future, Nilekani sees each Indian citizen having three “empowering” numbers: Aadhaar number -the number with which you can confirm who you are to anybody; mobile number, and bank account number.

Privacy Concerns Grow in India

The Indian government’s recent announcement that it taps nearly 300 new phones every day has sparked a debate about privacy. This growing desire for privacy stems from changing family structures and lifestyles among the urban middle class, a mass media explosion and the Internet, and the government’s biometric identification program, just as the government has begun tapping more phones and using surveillance cameras in more public places. In fact, Mumbai officials recently announced they plan to add 6,000 new cameras to the existing 400.India’s constitution does not guarantee a right to privacy, nor does the country have a data protection law to guard against the misuse of personal information. However, the government has proposed a wide-ranging privacy law, and a coalition of organizations and activists, including the newly formed advocacy group Privacy India, is trying to help shape it.

Indian Call Centres Accused of Selling Britons’ Personal Data

Employees from Indian call centres are selling Britons’ confidential personal data, including credit card information, medical and financial records to criminals and marketing firms for as little as two pence, an undercover investigation has discovered. Two ‘consultants’, claiming to be IT workers at several call centres boasted of possessing 45 different sets of personal information on nearly 500,000 Britons. The information, much of which is related to customers at major financial companies, including HSBC, Barclays, Halifax, Lloyds TSB and NatWest, would allow criminals to syphon thousands of pounds from bank accounts within minutes.

Indian authorities said their efforts to combat corruption have been thrwarted by the unwillingness of companies, keen to avoid negative publicity, reporting data losses.

Read more

India Seeks ‘Data Secure Nation’ Status, More Hi-end Business from European Union

New Delhi has demanded that the European Union lift restrictions on flow of sophisticated outsourcing business to India by designating it as a data secure country. Currently, India is among the countries not considered data secure by the EU, which prevents flow of sensitive data, such as patient information for telemedicine, to India under data protection laws. “Recognition as a data secure country is vital for India to ensure meaningful access in cross border supply,” a government official told ET, adding, “We have made adequate changes in our domestic data protection laws to ensure high security of data that flows in.” The EU Data Protection Directive requires member countries to ban transfer of personal data to a non-EU country unless the nation ensures adequate privacy protection. Lifting of data flow restrictions can boost trade manifold for India’s $100-billion IT-BPO industry, 30% of whose exports are to the European market.

New Data Protection Act Sought

After being stung by a slew of data theft and misuse issues leading to the denting of investor confidence in the BPO industry in AP, state IT minister Ponnala Lakshmaiah has written to the Centre, seeking the formulation of a new Act on data protection for IT companies. In a letter written to the Union minister for communication and information technology, Mr Kapil Sibal, the state minister said that the various incidents of data theft and misuse of private and personal information had raised concerns about outsourcing to India.

India does not feature in the list of countries complying with Data Protection Standards, prepared by the EU. The need for a specific and stringent legislation in line with the EU or the US Act is of paramount importance, if India has to sustain investor confidence, especially among foreign entities which send large amounts of data to India for back-office operations,” the minister said.

Researchers Publish Study of Indian Privacy Perceptions

In an effort to better understand privacy perceptions in India, two researchers have conducted the largest-ever survey on the topic. Professor Ponnurangam PK (PK) and Niharika Sachdeva have published “Privacy in India: Attitudes and Awareness V 2.0,” which follows a smaller version of the study, published in 2005. The survey aimed to better understand how Indians’ view their own privacy, particularly given advances in technology and government projects such as Unique ID (UID), which aims to give each Indian citizen an identifying number. Some of the study’s key takeaways include: participants’ concerns about privacy surrounding mobile phones and the Internet-more than other platforms or venues; participants’ lack of awareness about privacy concerns in public, such as surveillance cameras; participants’ increasing likelihood to store private information on mobile devices; participants’ beliefs that privacy laws existed where they did not, and a decline in government trust since 2004. The authors say this indicates an overall concern and awareness of privacy since 2004 and that India is “on the path” to becoming a “privacy-aware and privacy-concerned” society.

-EMPLOYMENT OUTLOOK-

Association of National Exchanges Members of India (ANMI) Joins National Skills Registry

Association of National Exchanges Members of India (ANMI) has signed a Memorandum of Understanding (MoU) with NSDL Database Management Limited (NDML) to join National Skills Registry (NSR). National Skills Registry (NSR) is a NASSCOM (National Association of Software and Service Companies) initiative to develop a robust and credible information repository about all professionals working in the IT/ITes Industry in India.

Currently NSR has more than 8.5 lakh registered professionals. There are also 100 Subscriber companies comprising 60- 65% of the employee strength in the IT / ITeS industry. ANMI believes that such security best practices adopted by IT/ITes industry should be adopted by financial services industry and as a premier body of members of stock exchanges, it has taken lead to implement this initiative for broking industry.

India ‘s Population Touches 1.2 Billion

The country’s population has touched 1.2 billion (121 crore), indicating a rise of 17.64 per cent, according to the provisional results of the 15th Census. The combined population of Uttar Pradesh (19.95 crore) and Maharashtra (11.23 crore) is bigger than that of the US. Among the states and Union territories, UP is the most populous state with 19.95 crore people while Lakshadweep is the least populated with just 64,429 people.

While releasing the provisional figures of the Census 2011, Registrar General of India and Census Commissioner C Chandramauli said, “The male population has grown by 17.19 per cent (62 crore) while the female population has risen by 18.12 per cent (58 crore) in the country.”

India ‘s effective literacy rate has recorded a 9.2 per cent rise to reach 74.04 per cent, according to the 2011 census data. The literacy rate has improved sharply among females as compared to the males. Ten states and union territories, including Kerala, Lakshadweep, Mizoram, Tripura, Goa, Daman and Diu, Puducherry, Chandigarh, Delhi and the Andaman and Nicobar Islands, have attained literacy rate above 85 per cent.

Read more

-TECHNOLOGY-

The Associated Chambers of Commerce and Industry of India Calls for National Body to Prevent Cyber Crimes

Industry experts and policy makers called for creating a national body to evolve a fine balance between cyber data protection and privacy of citizens as the society and businesses become a part of the huge electronic ecosystem. They also demanded a detailed regulatory, legal and policy-enabling regime to facilitate further protection and preservation of cyber security. Cyber secrecy and network security are extremely relevant in today’s context, said MrPawanDuggal at the 4th international conference on ‘Safeguarding the Digital Economy’ organised by The Associated Chambers of Commerce and Industry of India (ASSOCHAM).

Ms B. Bhamathi, secretary at the ministry of home affairs, said the government is working on a Rs. 2,000 crore criminal tracking network project which is aimed at seamless connectivity among 16,000 police stations across the country, allowing them to share information on crimes and criminals in real-time.

ASSOCHAM’s secretary general D.S. Rawat said cyber security issues are a major concern for corporates worldwide. However, he said the chamber’s vital suggestions have been accepted by the Parliamentary Consultative Committee and incorporated in the Information Technology (Amendment) Act 2008.

-BACKGROUND SCREENING-

Fake Flying License Scam: Four Arrested

Four persons, including a DGCA official and a pilot were arrested by Delhi Police in connection with the fake flying license scam in New Delhi on March 26, 2011. DGCA had recently grounded 14 pilots who obtained their commercial licences by submitting fake records and document. These pilots whose licenses have been revoked had allegedly not flown the mandatory hours and are alleged to have got fake certificates from a Rajasthan flying training institute. DGCA chief E K Bharat Bhushan said that DGCA would conduct third-party audit of all the 40 flying schools in the country in the wake of cases of forgery behind securing of licences coming to light. Bharat Bhushan, the Director General in DGCA, said essentially there are two types of frauds in regard to fake pilot licenses. One type of fraud related to not passing the Commercial Pilot License (CPL) exam and producing false marksheet to procure the flying license while the other related to flying schools crediting flying hours in certificates which has actually not been undertaken by the persons concerned, he said.

To read more click here

Fake PAN Card Seller Gang Busted  

The crime branch of Ulhasnagar police has busted a racket involved in the printing and selling of PAN cards, ration cards, voter ID cards, mark sheets, degree and leaving certificates (HSC and SSC) and senior citizen identity cards. The police arrested four people, including a schoolteacher in the matter. Acting on a tip off, the crime branch team laid a trap at Mahalaxmi Estate Agent, Mahavir palace, Ulhasnagar-5. They recovered more than 40 PAN cards, 43 senior citizen identity cards, computers, a scanner, a printer and other materials used to print the documents. The seized articles, in various stages of completion, are worth Rs 2 lakh. The accused would sell the school certificates (leaving certificate and marksheet) for Rs 1 lakh, while the fake cards would be sold for Rs 50,000 each.

Read more

Sion Hospital Exposes Document With Fake Certificate

Sion hospital in Rajasthan, India recently uncovered a doctor’s fraudulent work experience certificate which would enable him to practice as a radiologist. New verification guidelines require radiologists to have at least one year of experience at a renowned hospital in order to perform specialized tests such as sonographies (commonly used in fetus sex determination tests). The certificate stated he had completed this requirement at Sion hospital and even bore the hospital’s official letterhead and forged official signatures. Even though the Radiology Department insists this is an isolated incident, they are still taking necessary steps to avoid future incidents.

India’s State to Regulate Private Detective Agencies

The state government will soon regulate private detective agencies that have mushroomed across Mumbai and the rest of Maharashtra. Home minister RR Patil told the legislative assembly that the state government would soon make a legal provision to make registration of detective agencies mandatory. He also assured criminal action against the heads of cell phone service providers if their company employees were found to have helped detective agencies with call records. “This law will fix responsibility and also decide the nature of investigation or detective work that these agencies can undertake,” he said.

Fudging Your CV… Is It Worth It?

Interestingly, this is not the first time that such a senior level employee has been caught lying in his curriculum vitae (CV). In most of these cases, reported primarily from the western countries, strict action has been taken against the errant employees irrespective of rank and associated prestige. Had this kind of a case emerged in India would action have been taken on this scale? In fact, in a country like ours where a person is trusted more for his word and background checking seldom done, would falsification of this nature have been discovered at all?   It is very doubtful. Even in a day and age like this, most HR managers in top companies say that they conduct background screening only when doubts emerge. M S Venkatesh, who heads HR at Educomp, one of India’s leading education companies, says, “Honesty and integrity are personal issues. We generally tend to believe a person if he or she claims to have a certain educational qualification but if we discover during an interview that something related to qualification or experience is not aligning, we go for a check.” What do they do when this kind of a misrepresentation is detected? He says, “We don’t hire that person.”

But background screening agencies which have sprung up in India since the last five or six years, say that just letting employees go is not the right option, action should be taken against such people.

Cops Book Security Agency that Hired Killer Watchman
Police in Wadala, India have arrested the heads of an Indian private security firm after a young lawyer was killed by one of the guards providing security at her Mumbai apartment building. Sajjad Moghul killed 25-year-old Pallavi Purkayastha after attempting to rape her in her apartment where Moghul worked as a security guard. Wadala police arrested Abdul Hamid Kahn and Aslam Wazir Khan, the owners of Abdul Hamid Enterprises, the security firm that hired Moghul. The Khans have been charged under the Private Security Regulation Act for failing to perform a proper background check on Moghul and failing to register him and their other guards with the Mumbai police. The act was passed into law in 2005 in an effort to bring professional standards to India’s poorly regulated private security industry, but has only rarely been applied since then. The killing has thrust the issue of private security back into prominence in India and caused many “housing societies” to reevaluate and harden their physical security and security policies.

Wary Hotels Put Staff Under Lens  

After terrorists took over and held hostages in the Taj and Trident Hotels during the 2008 Mumbai terror attacks, rumors circulated throughout India that the terrorists had been helped by employees at the hotels, prompting Mumbai’s hospitality industry to begin running detailed background checks on employees. Private security agencies and the police are helping the industry to build this intelligence. Shashikant Shetty of Mumbai’s Ahar restaurant and bar association says it has become a norm for candidates to submit photographs, proofs of age and residence, references of people and contact numbers with the employment form. TOPS Security Company representative Brigadier Jaisinghani says his company is one of many private security firms now conducting background checks almost full time. “We check an employee’s passport, lease agreements, bank accounts, property details, previous employment records as well as permanent address,” said Jaisinghani. “These details are then passed on to other private security firms, police, and government security agencies for further verification.”

Read more
-EDUCATION VERIFICATION-

Police Bust Another Fake Degree Group

A day after unearthing a nine-member gang involved in making fake educational and other documents, UT Police SIT busted a four-member gang also involved in supplying fake degrees. The four-member gang, had been operating from two offices- a sub office in Sector 35 and a main office being run under the name of Sai Service Education in Zirakpur. The Gang focused on providing fake degrees for universities located in central and east India.

UT Police added that the scam needed a deeper probe as most of the degrees were not caught in verification which pointed towards them being authenticated at a later date. Police have also found out through middle men in Delhi, that degrees in two universities were being authenticated. Police have identified 18 persons who bought degrees from the gang.