India is a country that is weak privacy, data protection and data security laws. India is also infamous for its e-surveillance and eavesdropping exercises without any constitutional laws backing the same. Phone tapping in India is not done in a strictly constitutional manner and we also lack a lawful interception law in India.
With the information technology amendment act, 2008 (IT Act 2008), the cyber law of India has been amended and this has also made it vulnerable to constitutionality attacks. With projects like national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), central monitoring system (CMS), etc e-surveillance in India has reached its zenith.
In this background we have to analyse the use of cloud computing in India. Cloud computing in India cannot succeed till we have trust in the service provider. We cannot trust a service provider who can be forced to disclose even the most sensitive information and data without a court order.
In India a mere order from the Indian government or its agencies is enough for the service provider to share sensitive information. There is no judicial scrutiny of a warrant that is absolutely required in these circumstances. So you cannot be even sure what government agencies are looking at and what information they are taking from the service provider.
Any business model must essentially balance profit motives and risks associated with the business. Similarly, the users of cloud computing services must ensure that the convenience of software as a service (SASS) and cloud computing is much greater than the risks of data leakages and manipulations.
Till now the legal opinion is weighting against the use of cloud computing and SAAS in governmental departments and for governmental projects. Without a conducive legal framework, user’s data in India is not safe. Let us create a conducive commercial and legal environment before we jump upon cloud computing wagon.
With the information technology amendment act, 2008 (IT Act 2008), the cyber law of India has been amended and this has also made it vulnerable to constitutionality attacks. With projects like national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), central monitoring system (CMS), etc e-surveillance in India has reached its zenith.
In this background we have to analyse the use of cloud computing in India. Cloud computing in India cannot succeed till we have trust in the service provider. We cannot trust a service provider who can be forced to disclose even the most sensitive information and data without a court order.
In India a mere order from the Indian government or its agencies is enough for the service provider to share sensitive information. There is no judicial scrutiny of a warrant that is absolutely required in these circumstances. So you cannot be even sure what government agencies are looking at and what information they are taking from the service provider.
Any business model must essentially balance profit motives and risks associated with the business. Similarly, the users of cloud computing services must ensure that the convenience of software as a service (SASS) and cloud computing is much greater than the risks of data leakages and manipulations.
Till now the legal opinion is weighting against the use of cloud computing and SAAS in governmental departments and for governmental projects. Without a conducive legal framework, user’s data in India is not safe. Let us create a conducive commercial and legal environment before we jump upon cloud computing wagon.
No comments:
Post a Comment