Tuesday, December 21, 2010

In Absence of Dedicated Privacy Law & Data Protection Law - Is India Ready for Cloud Computing?

“…The real problem is that India does not have any dedicated Privacy Law, Data Protection Law and Legal Enablement of M-Governance in India informs Praveen Dalal, a Supreme Court Lawyer and leading Techno Legal expert of India. With the proposed use of Cloud Computing, Software as a Service (SaaS) and M-Governance by Indian Government, more “Privacy Violations”, “Cyber Security” and many more “Regulatory Issues” would arise in future. These “Initiatives” cannot succeed in India in the absence of adequate and strong Laws in this regard

--- CJNEWS - India Is Not Ready For M-Governance And Cloud Computing

Though Privacy is our fundamental right yet I wonder how many times it is violated frequently on a daily basis; be it three-four unsolicited telemarketing calls or scores of SMSes & spams. Even the finance minister of India is not spared – a telemarketer offered him home loan while he was attending a high profile meeting with leader of opposition. It seems Do Not Call Registry & Do Call Registry have failed to curb the nuisance. (Come January 1; 2011 & you can at least identify (not prevent) the telemarketer’s call as they will be starting with the prefix 70)

The recent controversy of phone tapping of a top industrialist & the subsequent leakage of tapped conversation in public domain raises a serious privacy concern. Currently, though it’s a honeymoon period for the cloud customers & providers as almost everything is going fine with a little or no hiccups at all. But with the ongoing state of affair, a business owner in India may have to think twice before migrating to the cloud

Trust is intact till it’s broken…

  • What if someone sold your trade secret, customer list or business plan to your rival?
  • Is there a law in India to protect your privacy & data in the cloud?

Cloud by its basic architecture is decentralized & location independent (cross border data transfer). India along with US, EU & other tech-leading nations must come up with some mutually agreed basic framework of legislations to safeguard privacy & data protection across national boundaries but without impeding innovation. A dedicated privacy & data protection law  in place will considerably reduce the fear & friction & in turn might go a long way in creating a favorable cloud ecosystem.

Optional Info: Though not full-proof yet European Union & US customers/vendors enjoy a fair degree of privacy & data protection. The New York Times shared the following on an upcoming bill - balancing between national security & protecting privacy:

The bill, which the Obama administration plans to submit to lawmakers next year, raises fresh questions about how to balance security needs with protecting privacy and fostering innovation. And because security services around the world face the same problem, it could set an example that is copied globally.

In absence of dedicated Privacy Law & Data Protection Law - Is India Ready for Cloud Computing? What’s the opinion of leading cloud experts? Check…

Disclaimer: I am NOT associated with any of the companies mentioned here.

[Opinions published in the order they were received]

Suresh-Sambandam-CEO-OrangeScape Suresh Sambandam - Founder & CEO of OrangeScape, a pioneer Platform as a Service(PaaS).

The only Indian company listed in research reports of Gartner and Forrester on PaaS. OrangeScape's patent pending rule engine based PaaS platform enables entrepreneurs to build scalable SaaS based business applications easily.

I believe 'Law' should always play a catch up role with evolution for new industries, new businesses etc. It is too early days and things are changing rapidly. The law makers wouldn't even know what should be the constituents of the law. I am worried about Law makers creating more confusion than regulation. I feel the economy will regulate itself in many ways - just like the SAS70 certification other things will evolve from the industry to protect the industry. I feel this is much more practical and sustainable. Ultimately Customers will abandon providers who are not adhering to standards.


Kishore-Impel-CRM Narasimhan (Kishore) Mandyam - CEO of PK4, a company that delivers a SaaS Impel CRM for India.

Started as a developer at Infosys in 1986, Kishore has built and run companies in software services and in products in India and the US. Prior to PK4 he has lead many successful ventures viz. Ampersand, Aprisa & zeroCode. In 2006, he co-founded PK4 with the objective of changing the way traditional software is built and sold. Impel CRM is the first large software system from that effort. Kishore is an Electrical Engineer from UVCE, Bangalore.

If businesses had to depend solely on laws to make decisions, there’d be no innovation whatsoever. In fact, India is a terrific market for Cloud Computing, since this is one of the few countries on Earth there access to and the growth of network infrastructure has far outstripped access to basic infrastructure like electricity and water. People and companies can access sophisticated services without having to worry about electricity back-up and air conditioning for their servers, since the infrastructure is all “out there somewhere”. Further, without an “installed base” of in-premise computing, Indian managers have less to worry about in terms of legacy.

The legal issues will get resolved over time, but businesses will have come on board Cloud Computing long before that.


Wolf-Director-Sunny-Ghosh Sunny Ghosh - Director Wolf Frameworks, a browser based On Demand Platform-as-a-Service (PaaS) for rapidly designing and delivering database driven multi-tenant Software-as-a-Service (SaaS) applications.

Sunny is responsible for developing & evangelizing the business model embedded inside the WOLF Platform. A COBOL, RPG, CL programmer by origin, with strong career foundation with Motorola, Sunny started his career in the Telecom domain & holds an honors degree in Mathematics with specialization in Competitive Product Strategies, Intellectual Capital & Software Business Management from NSRCEL, IIM-Bangalore. A voracious reader, core committee member of the prestigious CII - Knowledge Management Community of India, he has published series of papers on how Digital edge empowers large Diasporas & communities, “Mobilizing knowledge management towards digital rights” in assistance from World Bank & UNPAN and dreams of a world filled with choice, service, freedom and optimism.

With the internet becoming an integral part of personal and corporate life, Indians have long been accustomed to the usage of Cloud services such as email and have warmed up to the idea of internet banking, online conferencing & related services. The increasing adoption of web-based services that add significant value and save time, money and effort, indicates a trend which is fast becoming the norm.

When considering Cloud services, most organizations acknowledge that security, customer privacy, data backups and risk mitigation are a part of a Cloud vendor’s core competency and service offering. Moreover, the need for a secure web-based service and the gap needed to fill it leads to the realization that building a security arrangement similar to that of a Cloud vendor would be prohibitive in terms of cost as well as implementation skills.

Importantly, the growing adoption of Cloud services by global clients and their resulting benefits is a clear indicator of the competitive difference and savings that come from adopting these services.


Jamal-Mazhar-CEO-Kaavo Jamal Mazhar is Founder and CEO of Kaavo. He possesses 15+ years of experience in technology, engineering and consulting with a range of Fortune 500 companies including GE and ING.

He has BS in Electrical and Computer Engineering from the University of Texas at Austin and MBA from NYU Stern School of Business. Kaavo Inc.  provides solutions for managing distributed applications in the clouds.  Kaavo’s core product, IMOD, takes an application centric approach for managing infrastructure and makes it easier for businesses to run secure and scalable services and applications in the clouds.

Privacy and related issues will be resolved with the increase in cloud computing adoption not before it. The adoption will happen first in use cases where privacy is not a concern. Ready or not there is already a wide spread use of social networking sites in India and people are actively sharing and putting personal information on these sites in the Cloud. Every time there is a big technological shift, it creates social, economic, and managerial friction and it takes time for all these forces to sort out. Carlota Perez has done an excellent evaluation of the forces that are in play during any major technological shift in her book (Technological Revolutions and Financial Capital); I highly recommend reading it to get a better understanding of the social and economic aspect of new technologies.

What’s your opinion? As a business owner will you wait for the law to refine & arrive with dedicated privacy & data protection regulations? Or do you trust the self regulation & standard followed by your cloud service provider?

Cloud Computing Articles & Interviews at Techno-Pulse


  1. i think this proposed subject is really good for indian online marketers to keep safe their data while they are doing business with the latest technologies of cloud computing or saas services. These are the term which allow business owners to work or drive their business anywhere in the world via internet, and security is always be an important points to set proper with law .

  2. There are a lot of businesses today that use cloud computing to help them lower the business costs.