The Indian Department of Information Technology and the National Association of Software and Service Companies are jointly drafting the country's first data protection law. US and EU companies are increasingly outsourcing their back-office functions to Indian companies: Gartner estimates that the Indian outsourcing services market will form 49% of the global offshore market by 2007.

However, there is an urgent need for safeguards to protect data sent to Indian companies (see Pressure increases for competitive data transfer rules). The EU Data Protection Directive requires such safeguards for all data leaving the European Union. Although there is no equivalent legislation in the United States, US companies are subject to various industry-specific and state laws, for example California's identity theft law (see California makes companies liable for hacked databases). In offshore outsourcing deals, data protection provisions are usually embedded into service contracts, and Indian firms are expected to obtain confidentiality agreements from their employees.

In related news, a new statutory, administrative and judicial framework is being created to safeguard intellectual property in India. Steps already taken by the government include:

• amending laws dealing with trademarks, copyright and patents to comply with the Agreement on Trade-related Aspects of Intellectual Property Rights;
  
  
• enacting laws to protect semi-conductor and integrated circuits;
  
  
• giving greater search and seizure powers to the police; and
  
  
• forming anti-piracy consortiums within industry (see Developers join forces to fight hardware piracy).

It is hoped that these developments will help to create an environment for the effective development, protection and sharing of intellectual property in India in which the emerging outsourcing industry can be nurtured.

Prerak Hora and Gowree Gokhale, Nishith Desai Associates, Mumbai