C&L_December 2017 (1)
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>December</strong> <strong>2017</strong> | CIO&LEADER<br />
1<br />
EDITORIAL<br />
Shyamanuja Das<br />
shyamanuja.das@9dot9.in<br />
The GDPR<br />
Opportunity<br />
I<br />
I am in all my senses when I call GDPR an opportunity,<br />
notwithstanding how ‘stringent’ and ‘suffocating’ it<br />
looks today!<br />
Two trends worldwide are making privacy a big concern—one,<br />
the rise of neo-authoritarian regimes globally<br />
who are using democratic means to rise to power and<br />
two, the increasing entry of technology (and of course,<br />
companies behind them) to our personal space. I will not<br />
be surprised if privacy becomes the biggest political issue<br />
in many democratic countries in the next few years!<br />
As the concerns rise, anything with the potential of<br />
breaking into individual privacy will be seen with suspicion.<br />
Many businesses which have no intention other<br />
than to sell their products and services will be under<br />
scrutiny, impacting their business.<br />
It is better to be over-prepared.<br />
GDPR—and the privacy legislations being enacted<br />
around the world, including in India—give the companies<br />
an excellent opportunity to put transparent processes<br />
in place.<br />
Two trends worldwide<br />
are making privacy a<br />
big concern—one, the<br />
rise of neo-authoritarian<br />
regimes globally who are<br />
using democratic means<br />
to rise to power and two,<br />
the increasing entry of<br />
technology (and of course,<br />
companies behind them) to<br />
our personal space<br />
Complying with<br />
stringent international<br />
regulations are not new to<br />
Indian companies. Being<br />
a hub of services—home<br />
to many global IT, BPO<br />
companies and location<br />
for back-offices of many<br />
large corporations in the<br />
world—Indians have been<br />
used to comply with many<br />
sector-specific as well as<br />
horizontal regulations. It<br />
is not surprising that in<br />
GDPR compliance too, IT/ITES and BFSI companies<br />
are a couple of steps ahead as compared to others.<br />
CISOs and CIOs—the ultimate drivers of most compliance<br />
journeys—have challenging times ahead.<br />
While GDPR will be relevant for only companies<br />
that have something to do with EU citizens data,<br />
India is enacting its own regulation. A committee<br />
appointed by the Government and headed by a former<br />
Supreme Court judge has come up with a comprehensive<br />
discussion paper on the issues at hand. In<br />
this issue, we present you a set of what we think are<br />
the most relevant questions for you—in just 5-6 pages.<br />
The document is 233-pages long.<br />
The pace at which the committee is working, I will<br />
not be surprised if, by next year this time, we would<br />
be discussing the implementation plans for Indian<br />
personal data security legislation.<br />
Yes, one of the new requirements may be the<br />
appointment of a chief data protection officer. And<br />
there may even be provisions that the person should<br />
be exclusively devoted to that.<br />
Security professionals will be the first choice. But do<br />
we have that kind of talent available? That is another<br />
big discussion that we must have.<br />
Hope the year <strong>2017</strong> has been great for you. And<br />
wishing you a happy new year 2018