India will approach the European Union seeking ‘adequacy’ status with the General Data Protection Regulation (GDPR) once the country has finalized and passed its own Personal Data Protection Bill, said two familiar people.
It is anticipated that reciprocal recognition of data protection equivalence will decrease the compliance burden and provide a leg-up for the outsourcing and technology sector to attract customers from Europe.
A similar equivalency agreement was signed between the EU Commission and Japan to allow secure information transfers based on a high level of private data protection.
As a consequence, all EU-to-Japan information transfers will be shielded by the same GDPR guarantees. With 13 nations, including Canada and New Zealand, the EU has signed adequacy contracts so far. “Adequacy provides convenience for EU businesses to send information to India. It offers automatic compliance and helps strengthen the ability of Indian businesses to offshore IT, “said Nikhil Narendran, partner of Trilegal legal firm. While data protection law compliance requirements will originally boost expenses, India will be equipped in the long run to become an accountable worldwide digital hub, he said.
Entities operating in the EU or even outside the bloc had to modify their business considerably if they are holding, processing or transacting EU national information. This includes rewriting both customer and service provider agreements. The new legislation has most impacted the Indian data technology and IT-enabled services sector as it derives nearly 30% of its revenue from Europe.
“Adequacy helps improve transfers of information, removes obstacles to outsourcing and makes it simpler for businesses. It provides convenience to businesses provided a country-level contract,” said Rama Vedashree, CEO of India’s Data Security Council.