US – India ICT Working group - PowerPoint PPT Presentation

us india ict working group l.
Skip this Video
Loading SlideShow in 5 Seconds..
US – India ICT Working group PowerPoint Presentation
Download Presentation
US – India ICT Working group

play fullscreen
1 / 10
Download Presentation
US – India ICT Working group
Download Presentation

US – India ICT Working group

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. US – India ICT Working group IT discussion paper 04 November 2009

  2. INDIA PROVIDING GROWTH FOR US COMPANIES Earnings Break up, top 10 companies of S&P500 index Markets such as India fueling growth for US Tech cos** • India has opened up its markets in the Technology sector • US Companies have been generating high growth in both hardware and services, winning large deals • 7 of the top 20 tech companies in India are US origin Source: Annual reports of companies, *USTPO, **Dataquest 2

  3. IN THIS LIGHT, BILLS THAT RESTRICT BUSINESS ARE COUNTER PRODUCTIVE Salient points of the bill introduced by Senators Durbin and Grassley • IMPACT ON INDUSTRY: • No new visas • Business model change • Higher costs • Increased documentation and bureaucracy 3

  4. Protectionist measures globally, cause concerns in the Indian IT Industry Concerns Examples

  5. What does the Industry seek?

  6. CONTRARY TO POPULAR PERCEPTION, INDIAN IT COMPANIES DO NOT HOARD H-1 B VISAS Break up of visas issued to Indian companies (Total visas – 107K) H-1B visas issued to top 30 Indian IT companies Source: DOL report FY’08; NFAP (share changes to 15.1% out of 85K)

  7. Indo-US Totalisation agreement – lack of progress • US has signed more than 20 Totalisation agreements all with developed nations • Systems in the developing world with very large population have to address needs of various strata's of society, hence - multiple layers / frameworks • Mismatch between US visa regime and US social security • Lack of progress on this a concern for the Indian Industry • Estimates suggest Indian workers contribute more than $1B each year without receiving any benefits • Unfair treatment handed to some of the best minds who are contribute towards US companies and economies • Instead of looking at coverage of total population of India, US system should look at workers in the organized sector who are covered under mandatory framework similar to US system India proposes: Till the time US system can accommodate country such as India for a comprehensive treaty. A short term arrangement between India and US Government that allows either exemption or refund of the contribution made by workers in their respective countries on reciprocity basis between both countries

  8. Indian population and Social security coverage Composition of workforce Coverage of the organized workforce Differences between Indian and US system Similarities • Agricultural workers and domestic employees excluded under both systems • Government employees covered under special programs under both systems • Both systems are managed or regulated by the State • Both systems are mandatory Differences • Self-employed excluded under Indian system • Differences are in • Nature of labour force • Stage of development • Historical backgrounds • Indian system not homogenous like US system but is multi-layered

  9. IT (Amendment) Act 2008: Encryption Policy IT (Amendment) Act 2008 Section 84 A Strong Encryption Law Enforcement Reqd Security interest of country Growth of e-governance Govt. to prescribe the modes and methods for encryption Impetus to e-commerce Access to plain text Trust in Transborder data flow Cooperation from industry 84 A-Encryption Scenarios Data-at-Rest, Data-in-Transit, Messaging services Industry Recommendations: NASSCOM- DSCI Encryption Ecosystem • Cooperation with LEA, without resorting to key recovery • Disclosure of plain text- bit length of algorithm is irrelevant, as is the registration of products • Implementation difficulties in Transborder relations • Symmetric encryption for session security: e-commerce/ e-governance • Message encryption • Securing Data-at-Rest • By outsourcing industry for securing client data • Propriety encryption tools • Encryption up to & including 256 bits AES or equivalent • Plain text of encrypted communication, within reasonable time frame (3 days) • Due process- transparent and subject to oversight • Accountability of LEA agency • ISP, mere conduit, is not responsible to help LEA • Various tools used by individual

  10. NASSCOM Approach: DSCI as a Self Regulatory Organization …Best Practices approach to Data Protection Security Market Research Legal Forums Academic Collaborations Data Protection Authorities Privacy Regulations Knowledge Collaboration Security Technology Trends EU Privacy Directives • DSCI- A Self Regulatory Org. • Data Protection • Best Practices • Capacity building • Independent oversight • Enforcement • Dispute Resolution • Cyber Crime Speedier trial Technology Forums UK- Data Protection Act 1998 Architecture Principles US- FTC directives, Patriot Act Solution Categories Canada- PIPEDA Legal & Regulatory Requirements Technology and Vendor interactions Product, solution trends Aus- Privacy Act 1988 Technology advancement JAPAN- JPIPA Compliance Regulations Security Vendor Collaboration GLBA Vendor forums, interactions HIPAA Industry best practices PCI-DSS Security Management ISO 27001 Risk Management OCTAVE | COSO | FMEA IT Governance CoBIT Security Standards ITU-T X.1051 Security Practices NIST SP 800 Infrastructure Mgmt ITIL | ISO 20000