New Privacy Laws In Asia May Cripple Data-Centric Outsourcing 98
bizwriter writes "Think privacy issues are a pain when they affect consumers? Get ready for the grandfather of all corporate computing headaches. Big privacy-law changes in India and China are about to turn data-processing outsourcing into a hurdle-leaping, paperwork-generating mess."
What's the problem? (Score:5, Informative)
>A company must get written consent by letter, fax, or email for the collection of data.
Fucking awesome.
>People can opt out at a later time and withdraw their consent.
Fucking awesome
>There are significant restrictions on disclosing personal data to third parties.
Fucking awesome.
>When a person has given consent for the transfer of data, or itâ(TM)s necessary by contract, a company can only send the data to an organization that provides the say level of security as the Indian regulations.
People have the right to review their data and to correct it.
Fucking awesome.
The only people who have a problem with this are the ones who are intent on anally-raping your and my personal information with no reach-around.
So when do we get this in the States?
--
BMO
Re:What's the problem? (Score:5, Informative)
Re:Blah (Score:4, Informative)
More likely customers from places with privacy laws will start to offer their business to non-US providers.
Notice that the planned Indian regulations will probably make it a "safe 3rd party country" in EU-speak, meaning that personal data can be freely transfered out of the EU to India for processing or whatever because it has a similar level of legal privacy protection. Notice that the same thing EU-US is currently possible only with massive winking, and can end over night e.g. if the EU parliament gets pissed of enough about it.
Re:What's the problem? (Score:3, Informative)
As I said, only wording and tiny details are different from the EU data protection directive, which is as it happens the source where the UK act got cloned from.
(The UK actually being one of the countries that do not care much about privacy, IMHO, so I guess they basically choose the most basic implementation allowed)
Guess the sky has not fallen on the heads of the Brits yet, so one can quite well prosper with privacy.
Re:Blah (Score:5, Informative)
Privacy laws like these have some of the same issues, in that it's impossible to perfectly follow them to the letter while still conducting business. The difference is the consequences are much higher. Since it's China and India I assume that bribing your way out is still possible, but the price is much higher and if you offer too low, you could end up dead (particularly in China).
False. Essentially everyone here in EU follows them to the letter, and has done so for years. In some countries, well over a decade.
The only people who cannot follow them, are either not in EU and do not want to follow EU laws, or are literally too stupid to follow them. They're actually very easy when you get an IT-admin's version of them, and very easy to follow. You do not need to be schooled in law to understand them, one hour review is enough for most people.
As a comparison, when I was getting my security guard card for a summer job, legal rights and obligations took several days to teach and were a major part of the course.
I'm saying this from experience, I spent several years maintaining local university's campus network as a local admin, and one of the things we got a wiki page on was privacy laws, what we're allowed to do, what we're not allowed to do, what users are allowed to do, and what users are not allowed to do.
Interestingly, most of the stuff that opponents of privacy laws scream about as "this hinders my ability to maintain proper network management", as an admin you're actually exempt, by law. It's not a stupid piece of legislation by any means, and most certainly allows for maintaining very complex networks. You just have to actually want or feel obligated to follow the law.