base 77



_Interactive Solutions
(e-Learning, Training, Testing)


#Integrated Solutions
(Web & Application Development)


get in touch

What legal and security standards has the Government of India established?

India has taken the following measures to safeguard intellectual property:

  • General Agreement for Tariffs and Trade (GATT)
  • Trade-Related aspects of Intellectual Property Rights (TRIPS)
  • The Berne Convention and the Universal Copyright Convention
  • Adherence to the EU Data Protection Laws and the Safe Harbor Agreement
  • The Information Technology Act of May 2000 (which brings E-commerce within the purview of law and accords stringent punishments to cyber criminals thereby making India one of the select 12 nations having cyber laws)

Intellectual Property Rights (IPRs) are a key component of the global economy today. The returns to knowledge in an enterprise today far exceed the returns to land, capital, or labor. Therefore, organizations today are trying to acquire the characteristics of knowledge organization. Knowledge management deals with not just explicit, inventive and innovative aspects of knowledge but also with tacit knowledge.

India is a member of the General Agreement for Tariffs and Trade (GATT) and, Trade-Related aspects of Intellectual Property Rights (TRIPS). In addition, India is also a member of both the Berne and the Universal Copyright Conventions. Nationals of member countries cannot register a foreign work in India and such work is automatically protected in India under the aforesaid conventions. Copyright can also be enforced both under civil and criminal laws.

The issue of data security is crucial to the Indian IT services/ITES-BPO industries, particularly with a large number of global companies outsourcing their processes to India. Recent studies by global business intelligence firms such as Gartner indicate that during 2004, over 80 percent of US companies will consider outsourcing critical IT services to destinations including India. In this environment, the issue of data security, the existence of secure regulatory frameworks (relevant anti-piracy, data protection laws), infrastructure and processes will assume increasing significance as the industry moves forward.

Indian software and services providers also conform to the latest regulations such as EU Data Protection Laws and the Safe Harbor Agreement. These regulations require that a country participating in the outsourcing domain should have government-owned data protection agencies that register all databases and have in place processes that seek the prior consent of individuals concerned whose personal data is being processed.

India's regulatory framework
The Indian Government has been extremely responsive to the needs of the fast growth Indian software and services and ITES-BPO industries in the country, particularly in the security domain. The central and state Government have rolled out various initiatives to ensure that a strong regulatory environment exists for the unhampered development of the two sunrise sectors and equally stringent laws exist that secure players operating in these areas. Indian software and services companies have also taken steps to ensure that they inspire confidence among global customers on the issue of data security.

  • The Indian Government, in conjunction with industry associations such as NASSCOM, has created the requisite legal framework for addressing security concerns.
  • The IT Act of 2000 incorporates laws and policies covering data security and cyber crime. India in fact, ranks among the handful of countries in the world with a strong cyber law regime.
  • The Government has given more teeth to the Indian Copyright Act of 1972, which in its amended form (to ensure compatibility with the TRIPS agreement), takes up matters related to copyright issues in computer software. India has one of the most modern copyright protection laws in the world. The Act also deals adequately with the issue of privacy.
  • The Indian Government is currently in the process of reviewing the IT Act 2000 to insert certain provisions to meet the norms specified by EU and as well as the US-EU Safe Harbor Agreement.
  • Indian software and services players have been actively adopting international standards in the area of quality and security including the ISO 17799, BS 7799, COBIT and ITSM.
  • NASSCOM is actively working on creating awareness about the importance of Business Continuity Preparedness among Indian companies. The association, alongside consultancy firm, KPMG, has created a special study on the Business Continuity Management market and is encouraging Indian software and services vendors to adopt best practices in security and data privacy, to ensure minimal damage when a natural or man-made disaster strikes.
  • The Ministry of Information Technology in India has taken steps to upgrade security standards including the following:
  1. Set up the Standardization, Testing and Quality Certification (STQC) Directorate.
  2. Rolled out independent third-party certification schemes for Information Security Management Systems.
  3. Set up the Indian Computer Emergency Response Team (CERT) to protect Indian assets against viruses, etc.
  4. Set up of the Information Security Technology Development Council (ISTDC) to respond to information security incidents and threats and attacks at the national level.