Businesses must take data privacy seriously, as a growing chorus of Indians seek greater control over their data

Source: The Times of India

Image Source: The Times of India

By Subhashish Bhadra and Roopa Kudva

Privacy matters to regulators, customers and investors/markets - hence the business case for taking privacy seriously; it generates both risks and opportunities for businesses. Poor data practices increase financial risks - including penalties and impact on valuations. In May 2018, Europe enforced the General Data Protection Regulation (GDPR) which sets steep fines of up to 4% of global turnover for non-compliance with its clearly specified privacy guidelines.  

California, the home of Silicon Valley, will start enforcing a similar law in January 2020. Both these laws cover all entities that process their residents' data, including any Indian company that does business directly or indirectly with either Europe or the US.

Closer home, government has said that it is prioritising bringing a robust data protection bill to Parliament. The draft bill under consideration envisages fines similar to Europe, and goes further by introducing criminal provisions and jail terms. This law will cover almost all significant commercial entities in India. Therefore, the initial impetus to better privacy will likely come from regulation. Those with a global customer base can be exposed to both domestic and global laws, and bear the risk of steep fines in case of non-compliance. Both large corporations and startups need to equip themselves to comply with such laws.

To know more, read the full article here.