Data theft: Proposed IT Act amendments `inadequate'

  New Delhi , Oct. 6 In the wake of rising concern over data protection in the Indian BPO sector, legal experts are of the view that the proposed amendments in the IT Act are not adequate. Under the current IT Act, Indian BPO companies are considered network service providers or intermediaries. Hence, any BPO company is liable for data theft and can be given a clean chit only if it proves that it had no such knowledge of contravention or despite all diligence, it proves that it could not prevent the commissioning of any offence. The proposed amendment by the Government will make it mandatory for foreign companies to prove that an Indian company had been involved in such an activity. So, unless the foreign firm can substantiate the claim that the Indian BPO "conspired" or "abetted" in such an activity, these intermediaries will not be made liable. Legal experts feel that the proposed changes will adversely impact the BPO sector as it will protect Indian companies further and make foreign companies wary of outsourcing to India. "In the long run, the proposed amendment is even likely to negatively impact the growth of the BPO sector in India as BPO companies come within the ambit of "intermediaries", which would be protected under the proposed law. This may decrease the comfort factor of foreign clients as they would have no effective, real and practical remedy against their Indian BPO partners," said Mr Pavan Duggal, President of Cyber Law Asia and Advocate, Supreme Court of India. Regarding the provisions in the IT Act to compensate for frauds, Mr Duggal felt that over the last six years, since the law was in operation, there has not been any case of compensation. This could be attributed to the fact that IT secretaries in each State have been appointed to look into the matter, though there is lack of any legal body that deals with the issue.