We US lawyers who follow this sort of thing advise our clients to use the contractual solution for India.There is a bill moving forward in India by fits and starts, but it seems more focused on security than data protection. My sources advise that policy-makers there are concerned that their outsourcing businesses are exposed over this issue.
Although never stated "in haec verba" I believe most DPA's would take the position that a country is inadequate until it proves otherwise to the satisfaction of the Article 29 Committee. The relevant language in the Directive is certainly open to debate. Of course your previous DPA put up a position paper some years ago on your Act basically saying it was the data exporter's responsibility to make that sort of assessment, but that advice seems to have been "lost".:-) The quick and not very easy way to resolve this and be able to sleep at night is to use the relevant contractual solution approved by the Commission. Available on Data Protection section of Justice.Or e-mail me and I will send you them.
Charles Prescott
[Message delivered by NotifyLink]
----------Original Message----------
From: "Simon Howarth (WSL)" <[log in to unmask]>
Sent: Wed, July 20, 2005 6:05 AM
To: [log in to unmask]
Subject: Re: [data-protection] India and the 8th principle
John,
Have a read of this article by Chris Pounder. Third to last para is of
interest. This may help you make a decision.
http://www.out-law.com/page-5013
There is also this from the OIC, but I think it may be somewhat out of date.
http://www.informationcommissioner.gov.uk/cms/DocumentUploads/international%
20transfers%20of%20personal%20data.pdf
I believe that India are currently working on a DP law that provide adequacy
with the EU, however I am not up-to-date. Hopefully the above will help.
Regards,
Simon.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of John Hughes
Sent: 20 July 2005 10:42
To: [log in to unmask]
Subject: [data-protection] India and the 8th principle
Does anyone know the status of India with regard to the 8th principle - i.e.
do they have adequate levels of protection for the rights and freedoms of
data subjects in relation to the processing of personal data? I have been
asked to investigate the feasibility of certain departments using a typing
service which would involve the transfer of personal data to India and back,
but I'm not sure whether this is permissible or not. There is an option to
anonymise letters prior to transfer but it would be quicker and simpler to
keep certain identifiers on them.
This is something I have puzzled about at home when bombarded with phone
calls from the Far East wanting to sell me cheaper gas, electricity, phone
bills etc. etc. Have they the right to be processing my personal data over
there?
John
===========================================================================
This e-mail and any files transmitted with it are confidential. If you are
not the intended recipient, any reading, printing, storage, disclosure to
another person, copying or any other action taken in respect of this e-mail
is prohibited and may be unlawful. If you are not the intended recipient,
please notify the sender immediately by using the reply function and then
permanently delete the email from your inbox.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|