EU not ready to award India 'data secure' status

EU not ready to award India 'data secure' status

Summary: An EU-commissioned study has found gaps in the adequacy of India's system, which could prompt legislative changes in order for Indian outsourcing firms to continue their European business.


The European Union Justice Department has indicated a joint expert dialogue group needs to be set up in order to move along India's application for "data secure" status.

An Indian Commerce Department official told The Hindu on June 15 that legislative changes could be required to meet the EU's data security requirements, which govern where data belonging to local companies can be hosted.

EU not ready to award India 'data secure' status.

"The recent communication from the EU Justice Department is worrying for us as it indicates that the EU is not willing to offer us data secure status till we make changes in our systems. This could take a long time as it may also require legislative changes," the Commerce Department official told Business Line.

The official noted it was very clear that the EU was not in any hurry to award India the data secure status.
Without the status, Indian outsourcing firms will not be allowed to host and manage certain types of data belonging to companies based in the EU. The status is also a key requirement by the EU in ongoing bilateral free trade negotiations with India.

The EU's Justice Department had asked consultants to assess the data adequacy of the Indian system. While the study has not yet been handed over to India, it is believed to have identified gaps in Indian data laws.

It therefore wants a joint dialogue between relevant stakeholders, on both sides, to outline India's path to approval.

Topics: Privacy, Data Management, Security, India

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Indian Data Protection (or the lack of)

    India, by it's own admission, has huge problems with corruption, and this coupled with an uncertain legal framework, for me at least, would mean that I would never consider hosting or processing sensitive information there, and yet banks frequently appear to play fast and loose with our data?
    Why is it that my personal data can be processed outside the EU and yet I appear to have no say or control over the process. The EU needs to come down hard on big-business and hit them with some eye-watering fines if they don't protect our personal and financial data.
    You can already see how huge the "Indian data problem" is just by the number of times people in Europe receive unsolicited emails and calls from Indian scammers who seem to have access to some very personal details?