New Privacy Laws In Asia May Cripple Data-Centric Outsourcing 98
bizwriter writes "Think privacy issues are a pain when they affect consumers? Get ready for the grandfather of all corporate computing headaches. Big privacy-law changes in India and China are about to turn data-processing outsourcing into a hurdle-leaping, paperwork-generating mess."
Blah (Score:5, Insightful)
Are you kidding? (Score:5, Insightful)
If by "Big privacy-law changes" you mean they're going to have some, then yes that will make it harder for companies to just offshore data processing to these countries and not worry about what happens. How on Earth you can try and paint that as a bad thing for those of us who actually, you know, like having privacy after our details are farmed off to some offshore data processing facility is beyond me.
Result: jettison all personal data (Score:4, Insightful)
For a long time there's been the hope in every company, that if they archive every piece of personal data, including every search term I've ever used and every cookie ever in my browser and everything I've ever bought at the grocery store or drugstore while using a credit card or loyalty card, that somehow this would pay off to them monetarily. They've already been paying money and effort to store this data probably without any obvious benefit to them. If these new regulations drive home the point that there's no point in storing all that useless information because of regulatory costs, what they'll do is simply stop storing it. No problem. Their IT suddenly becomes much more efficient because they are doing useless storage and archiving. They'll probably get a higher profit margin as a result.
It's kind of scary. At many big non-IT companies, IT costs have risen to as much as 6% to 10% of their cost of doing business. This is simply unsustainable. As IT technologies improve, IT should become a cheaper and smaller part of every company. Not get more and more expensive.
Re:Blah (Score:5, Insightful)
From the perspective of someone who prefers their privacy I'm not seeing a problem.
Only problem I see is why we don't have laws like this. With teeth.
Why haven't we seen an article titled "New US Law Will Cripple Data-Centric Outsourcing (and intrusive/careless management of data at home)"? And about 15 years ago?
Oh, wait. I forgot who owns Congress. Silly me.
Re:What's the problem? (Score:4, Insightful)
The real question when do we get a government that is more concerned about the welfare of the population than corporate profits?
Shortly after people start voting for good government instead of knee-jerk issues or whoever promises the best combination of tax cuts and handouts for yourself.
IOW, never.
Re:Result: jettison all personal data (Score:5, Insightful)
It's kind of scary. At many big non-IT companies, IT costs have risen to as much as 6% to 10% of their cost of doing business. This is simply unsustainable.
Wouldn't that judgement kind of depend on how much IT is contributing to their business? If it reduces your payroll, multiplies the number of customers you can reach, allows you to give those customers faster or otherwise better service at reduced cost, and allows you to make better business decisions, 10% might be a helluva bargain.
Re:Blah (Score:5, Insightful)
* Those that hold personal data must receive explicit consent to divulge that data to third parties.
* There are specific restrictions ''during the collection, processing, use, transfer and maintenance of personal information.''
* Personal data cannot be exported unless specifically allowed by law or government authorities.
* A company must get written consent by letter, fax, or email for the collection of data.
* People can opt out at a later time and withdraw their consent.
* There are significant restrictions on disclosing personal data to third parties.
* When a person has given consent for the transfer of data, or it`s necessary by contract, a company can only send the data to an organization that provides the say level of security as the Indian regulations.
* People have the right to review their data and to correct it.
Reading the proposed new rules I totally fail to spot anything unreasonable. On the contrary, any bona-fide company that uses fair and transparent privacy rules will be in compliance without altering a thing about their operational procedures.
So tell me, precisely what part of those proposed rules sounds as if it would hamper a bona-fide company from carrying out its bona-fide processing of personal data they obtained with consent?