Home
Internet
Internet Features
How EU's GDPR Data Protection Law Applies to Indian Firms

How EU's GDPR Data Protection Law Applies to Indian Firms

By Indo-Asian News Service | Updated: 26 May 2018 10:52 IST

The General Data Protection Regulation (GDPR) designed to give citizens in the European Union (EU) more rights to control their personal information also applies to an Indian entity if it monitors the behaviour of individuals in the EU. Non-compliance of GDPR rules can cost companies a fortune -- EUR 20 million or 4 percent of annual turnover.

"The scope of GDPR is very wide. It does not matter whether you are in the EU or outside," Supratim Chakraborty, Associate Partner at the law firm Khaitan & Co, told IANS.

"If you are providing goods and services through the data subjects in EU, you will be covered under the ambit. For example, the outsourcing services will be covered under GDPR. Moreover, establishments which are engaged in tracking data subjects of the EU through apps or any other tools will be liable to comply to the new regulations," Chakraborty said in a statement.

According to the European Commission, the law applies to a company or entity which processes personal data as part of the activities of one of its branches established in the EU, regardless of where the data is processed.

It also applies to a company established outside the EU offering goods/services -- whether paid or for free -- which monitors the behaviour of individuals in the EU.

According to Shree Parthasarathy, Partner, Deloitte India, Indian businesses are battling severe issues of data protection and cyber security that have larger business implications on productivity and customer confidence.

"Embracing GDPR with a strategic roadmap should be the immediate priority for Indian CXOs, that would include creating awareness, training as well as constitution of a dedicated data protection framework," Parthasarathy said in a statement.

"GDPR can be a competitive advantage for India, if enterprises understand its relevance and further bring in a risk-based iterative mechanism to their business strategy that is trustworthy secure, and agile in the digital world," he added.

According to a Deloitte survey conducted in collaboration with Data Security Council of India (DSCI), large organisations with more than 10,000 employees (21 percent of respondents), embarked on their GDPR readiness journey in 2016 itself. On the other hand, 43 percent of organisations started their GDPR readiness journey only in late 2017 or early 2018, the results showed.

"GDPR compliance should not only be looked at as an effort and money draining exercise but also as a business advantage which can be a differentiator in the market. An entity compliant with GDPR requirements would definitely command more confidence from customers as compared to those who do not," Chakraborty said.

(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.