Saturday, June 25, 2011

Legal Framework For Cloud Computing In India

Cloud computing is a commercial project that most of the IT vendors of the world would love to launch in India. This is so because India has a large market for cloud computing business. However, the crucial question is whether India is ready for cloud computing? In short, we have to check whether cloud computing is viable for India especially when techno legal experts of India have answered in negative.

There are many hurdles for the successful implementation of cloud computing framework in India. The biggest among them is absence of legal framework for cloud computing in India. Further, allied legal frameworks are also missing that makes use of cloud computing in India non feasible and prone to numerous legal challenges.

For instance we have no dedicated privacy laws in India, data security laws in India and data protection laws in India. Further, India is fast becoming an endemic e-surveillance society in the absence of proper laws and constitutional procedural safeguards.

For instance, the central monitoring system project of India (CMS project of India) would have absolute control over telecommunications and Internet communications that also without any legal framework and parliamentary oversight. Further, companies like Research in Motion (RIM) have openly declared their support for e-surveillance activities of Indian intelligence agencies by extending cloud computing based e-surveillance model for its Blackberry messenger services.

Further, India is also the only country of the world where phone tapping and e-surveillance is done without a court warrant and beyond the judicial scrutiny. The executive branch of Indian constitution is neither accountable to the parliament of India nor to the judiciary in this regard.

All a police officer or governmental officer has to do is to approach the concerned cloud computing service provider, and it would hand over all your sensitive data and information to him without your knowledge. Further, even if the data is not physically handed over, access to the same can be given to such officer without anybody knowing of such access.

Privacy violations would definitely arise in cases of use of cloud computing in India. The only fact is that you may not be aware that your privacy rights have been violated and your sensitive and personal data is no more a secret.

Indian government must not use software as a service (SAAS) or cloud computing for governmental and public services delivery till suitable procedural safeguards against violation of civil liberties in general and privacy rights in particular are at place. Even industrial players like Infosys and CII have endorsed this viewpoint. Time has come to enact a constitutionally sound legal framework for cloud computing in India.

No comments:

Post a Comment