The proposal to use of cloud computing in India has raised many regulatory and security concerns. Without meeting these regulatory and security concerns, software as a service (SaaS) and cloud computing should not be used in India. In fact, cloud computing in India must be techno legal in nature and till it meets the techno legal requirements, it should not be used in India.
Before using cloud computing in India we must ask few questions to ourselves. The first question is whether cloud computing is a viable solution in India? These include what are the regulatory frameworks required for successful cloud computing, how the security concerns need to be addressed, what are the legal frameworks for multi jurisdictional cooperation, and what are the quality of service (QoS) parameters for effective cloud service.
Besides regulatory framework for cloud computing in India we must also ensure high availability levels, appropriate data erasing mechanisms, data privacy at the service provider’s level, export restrictions upon data, data handling monitoring mechanisms, jurisdictional issues, cloud computing security issues, licensing issues for cloud computing, etc.
Till now we have no cloud computing policy of India. There is no cyber security in India and even cyber security policy of India is missing. There is no privacy law in India. There is no data protection law in India. And there is no data security law in and cyber security law in India. In short, there is no legal framework for cloud computing in India at all.
Fortunately, stakeholders have openly supported the need of regulatory framework for cloud computing in India. With an increasing pressure the Indian government may consider formulating a legal framework for cloud computing in India. The sooner it is done the better it would for all the stakeholders concerned.
Source: ICTPS Blog