O C TO B E R 2 0 1 1

Regulation of the Cloud in India
By Patrick S. Ryan, Ronak Merchant, and Sarah Falvey


t is popular to make claims that the “new” movement of data to the “cloud” requires heightened attention from lawmakers and regulators. These calls for attention are based on beliefs that people are entrusting their information to third parties in ways that were never previously contemplated, and that new laws must be enacted in order to protect everyone’s privacy. The theory is often stated this way: without swift action, cloud computing will result in significant privacy breaches that will harm consumers. While it is reasonable for regulators to be wary of the increased reliance on third parties as the world becomes more digital, it is a mistake for regulators to assume that cloud computing (and its privacy and security challenges) are new. It also is a mistake to assume that cloud computing is inherently less secure than data stored on individual computers. In fact, cloud computing has been the aspiration of leading thinkers since the 1950s, and the development of the cloud has taken a similarly

progressive path as the development of the Internet itself. It is risky to attempt to regulate the cloud separately as well as to assume that the “cloud” can be controlled in a different manner from the flow of data on the Internet. Because computation in the cloud is no different from use of the Internet itself, it is not readily feasible or practical to cage and confine data flows within the cloud in a way that is substantially different from the flow of worldwide information generally. For this reason, regulatory frameworks should not be sui generis or custom tailored for the cloud and, instead, should leverage or update existing laws that are already in place. This article proposes a regulatory model for the cloud and shows how this model can be applied to India. Continued on page 7
REGULATION OF THE CLOUD IN INDIA . . . . . . . . . 1 By Patrick S. Ryan, Ronak Merchant, and Sarah Falvey PROTECT IP ACT: ONE APPROACH TO DEALING WITH INTERNET PIRACY . . . . . . . . . . . .3 By Michelle Sherman VARIOUS COURT RULINGS ON INTERNET COMMERCE TAXATION. . . . . . . . . . . . . . . . . . . . . . . . . . 18 By James G. S. Yang

Patrick S. Ryan, PhD, is Policy Counsel, Open Internet at Google Inc. and Adjunct Professor in the Interdisciplinary Telecommunications Program at the University of Colorado at Boulder, CO. Ronak Merchant is a research assistant at the Interdisciplinary Telecommunications Program at the University of Colorado at Boulder, CO and holds a B.E. from the University of Mumbai, and an MS from the University of Colorado at Boulder. Sarah Falvey is Senior Policy Analyst at Google Inc, and holds a BA from Hamilton College and an MA in International Relations and an MPA from Syracuse University. The authors are grateful for comments and input to earlier versions of this draft from Venkatesh Hariharan, Raman Jit Singh Chima, Pradeep Agarwal, and Nicklas Lundblad.

Electronic copy available at:

CA Jeffrey S. Telephone: 212-771-0600. Aspen Publishers. Redmond. Rein & Fielding Washington. CA Hilary Pearson Bird & Bird London. CA Katherine C. Hale Executive Editor Maureen S. CA Eric J. Purchasing reprints: For customized article reprints. CA Roszel Thomsen. CA Prof. Register of Copyrights Washington. Inc. Morris & Hecksher LLP San Francisco. DC David Phillips CEO. NY Thomas Raab Wessing Berenberg-Gossler Zimmerman Lange Munich. Ballen Schwartz & Ballen Washington. France Stephen J. Hergott. DC Ian C. Lease EDITORIAL OFFICES 400 Hamilton Avenue Palo Alto. Barry Wilson. Gervaise Davis III Davis & Schroeder. Thompson Bloom. Newsletters Susan Gruesser Managing Editor Jayne K. CA David L. Cook. England Prof. Michael Geist U. Phelps & Phillips Palo Alto. NY Richard D.C. DC Charles R. All rights reserved. CA Executive Managing Editor Robert V. Laurie Skadden. NJ Christopher Millard Clifford Chance London. CA William A. For customer service. NY 10011. Rockower Editor-in-Chief Mark F. Goodrich & Rosati Palo Alto. Trotter Hardy School of Law The College of William & Mary Peter Harter Security. LLP New York. Dorney DLA Piper Associate Editors Gigi Cheah Elizabeth Eisner Ann Ford Thomas M. 76 Ninth Avenue. van Engelen Stibbe Simont Monahan Duhot New . the services of a competent professional person should be sought. LLP Santa Monica Henry V. Hays & Handler.877-652-5295 or go to the Wright’s Media Web site at www. NY 10011 (212) 771-0600 JOURNAL OF INTERNET LAW (ISSN# 1094-2904) is published monthly by Aspen Publishers. It is sold with the understanding that the publisher is not engaged in rendering legal. MD 21704. LLP Palo Alto. New York.A. of Houston Law Center Lee Patch General Counsel Sun Microsystems’ JavaSoft Division Mountain View. Germany Lewis Rose Collier Shannon Scott PLLC Washington. French Vicky Lee Peter Leal Jim Nelson Scott Pink Allyn Taylor Vincent Sanchez Patrick Van Eecke Jim Vickery DLA Piper Thomas Jansen Nils Arne Gronlie Kit Burden Mark O' Connor Hajime Iwaki Mark Crichard Director. DC Michel Béjot Bernard. In no event may these opinions be attributed to the authors’ firms or clients or to DLA Piper Rudnick. Street and Deinard Minneapolis. Hertz & Béjot Paris. Inc. Radcliffe DLA Piper Palo Alto. D. CA 94301 (650) 328-6561 76 Ninth Avenue New York. CA Jon A. Sunnyvale. 7201 McKinney Circle. NY Prof. CA Morton David Goldberg Schwab Goldberg Price & Dannay New York. Nimmer Univ.S. NY Allen R. Arps. Fierman. One year subscription (12 issues) price: $552. Grogan General Counsel. Baumgarten Proskauer Rose Washington. CA Prof. Slate. Merrill McCarter & English Newark. Davidson Leonard. Hayes Fenwick & West LLP Palo Alto. Sonsini. Harvard Business School Robert G. please contact Wright’s Media at 1. Judith M. If legal advice or other professional assistance is required. New York. Electronic copy available at: http://ssrn. Toronto. —From a Declaration of Principles jointly adopted by a Committee of the American Bar Association and a Committee of Publishers and Postmaster: Send address changes to JOURNAL OF INTERNET LAW. CA Edmund Fish General Counsel Intertrust. Viacore. Tanenbaum Kaye.C. Katz Manatt.JO U R N A L O F Internet Law EDITORIAL BOARD Constance Bagley Associate Professor of Business Administration. Ray T. accounting. P. call 1-800-234-1660. Ballon Greenberg Traurig.J.wrightsmedia. Dick C. This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. Orange. Saffer Asst. of Ottawa Law School Goodman Phillips & Vineberg. Monterey. Wolfson Assoc. WA Joel R. Pamela Samuelson Boalt Hall School of Law University of California at Berkeley William Schwartz Morrison & Foerster San Francisco. LLP Beverly Hills. Mountain View. Inc. D. Scholer. England Michael Pollack General Counsel Elektra Entertainment New York. CA Ronald S. DC Copyright © 2011 CCH Incorporated. BOARD OF EDITORS Founder David B.C. Spelman Steinhart & Falconer. To subscribe. Sinrod Duane. Gray Cary or its attorneys or clients. CA Ronald S. General Counsel Broadcast Music. call 1-800-638-8437. London. The opinions expressed are for the purpose of fostering productive discussions of legal issues. General Counsel Blank Rome Comisky & McCauley LLP Washington. iCrunch Ltd. Frederick. II Thomsen and Burke. Diemer & Klein. England MaryBeth Peters U. Single issue price: $55. Linder Wiley. MN G. LLP San Francisco. LLP Washington. Meagher & Flom. or other professional services. NY Colette Vogele Microsoft Corp.

For example.9 Thus. this theory was enshrined and endowed with the character of a law of nature in a concept known as “Grosch’s Law. Indeed. His law held rein for nearly three decades. interactive databases.10 The French adoption of the Minitel is illustrative for modern cloud-computing. that migration to centralized computing would happen because of the need to leverage economies of scale coupled with the need to invest in massive data processing centers. government-controlled cloud) would prevail. the French chose to leverage existing laws. While Grosch was wrong about the cost model of cloud computing. The Minitel was widely adopted and used. while governments will always be faced with new issues and challenges.) Although the Minitel largely has been replaced by the Internet. As with any good thinker who is ahead of his time. chat fora.” Herbert Grosch developed this “law” more than 60 years ago based on an assumption that computing increased by the square of its cost. and broad exchanges of information in large data centers. the French had laws and codes that governed publications in the press and certain audio-visual communications.11 Naturally. a number of “dumb” Minitel terminals are still available for installation and use in France. and the cases that dealt with civil and criminal liability issues within the Minitel cloud relied on these rules to ensure consumer protection while at the same time allowing the service to flourish.4 Those that claim that Grosch was wrong called for the “repeal” of Grosch’s Law as other more accurate cost models came to light. the Minitel cloud brought tremendous value to the French economy due to the ability for small and medium-sized businesses to exchange information.October 2011 J O U R N A L O F I N T E R N E T L AW Regulation of the Cloud in India Continued from page 1 G R O S C H ’ S L AW The development of cloud computing is as old as computing itself. it is important that when contemplating any regulatory framework to step back and examine how the specific technology has evolved in relation to other industries. directions. So. The terminals were inexpensive to manufacture and maintain and so consumers shared these costs among themselves and therefore were given to consumers for little or no capital expense. there were some hiccups when the exchange of certain kinds of information became controversial. and there was no accompanying 7 .7 It is one of the first examples of mass deployments of cloud services (also called “utility computing. for the past 30 years. he was correct in his assumption that significant economies of scale and efficiencies could be achieved by relying on massive. because rather than passing new laws to control or contain the type of information that was exchanged on the Minitel cloud. it enabled France to be wired much earlier than the rest of the world.2 Grosch expressed his theory as follows: “I believe that there is a fundamental rule…giving added economy only as the square root of the increase in speed—that is to do a calculation ten times as cheaply you must do it one hundred times as fast. is the root of cloud computing. and partially right. and to provide offers. because the unanticipated “killer app” for the Minitel was erotic chats (which made the government uncomfortable as the system’s sponsor). while Grosch’s cost model was wrong (now replaced by Moore’s Law). Grosch’s observations highlight that the debate around the theories of cloud computing have been taking place for more than 50 years. THE MINITEL The Minitel was designed in the 1970s and allowed the public in France to use their telephone network to access a number of interactive databases. centralized data centers rather than an over-reliance on storage in end units. the world’s leading thinkers within the area of cloud computing are just as old as the theories of computing themselves. and other details. there was considerable debate as to whether the Internet (a decentralized cloud-based system) or the Minitel (a centralized. the French consumer has been involved in significant use of cloud services that included bank transactions. Mr.8 As late as 1995. essentially. essentially. like modern cloud computing. Grosch was partially wrong.” in this case because of its link to France Telecom—the telephone utility.1 For nearly two decades.5 his theory of supercomputing with dumb terminals.6 Because the Minitel was a “pay for use” cloud-based system.”3 This argument has been interpreted to mean that the natural technological evolution would lead to “supercomputing” as a norm and.12 However. Indeed.

because of these varying models and platforms. AOL. and it is not the way that email and other cloud-based services work. often integrating unique and novel combinations of IaaS. there are economies of scope that can apply to large email hosting companies. Still. users can sign up for multiple email accounts from any email service around the world. the term is still used because it is entrenched in the common of the technology. and regulators often think of cloud computing in a very narrow way. Computer programmers and entrepreneurs have turned the cloud into a vast offering of very real products. Platform as a Service (PaaS) and Software as a Service (SaaS) that make up the cannon of cloud computing offerings. Lycos Mail.J O U R N A L O F I N T E R N E T L AW October 2011 set of cloud-based regulations that accompanied that use. Rediff Mail. it is useful to provide a brief illustrative survey of cloud offerings in order to illustrate width and depth of the ecosystem in the discussions below. the cloud computing space is too dynamic to divide into three neat categories. SaaS along with other categories not yet defined. CLOUD EMAIL There are thousands—if not millions—of companies that provide separately branded cloudbased email services. or AOL. even if a large cloud-based email provider.”13 So.17 Similarly. and this is why several global providers are popular. Hotmail. that all the world’s cloud services store their data in any given country. Literature and papers on cloud often go to great lengths to describe. Gmail.16 offers project-management software. Most services that businesses and consumers use cut across all categories to some extent. and contrary to the common term. Therefore regulations (such as those in Europe) that require data be stored within certain geographical boundaries are not practically enforceable. it is worth exploring the various manifestations of offerings to show how widespread the adoption has been. 37Signals. were to comply by hosting some of its servers in a given country. PaaS. Getting Real and ReWork. there is simply no way to impose such a requirement on the thousands of other cloud-based email providers. that is not the way that the architecture of the Internet was developed. In other words.15 For example. contacts. and compartmentalize the three relatively abstract concepts of Infrastructure as a Service (IaaS). For purposes of elucidation.” and “access anywhere. such as Hotmail. As the Software & Information Industry Association has recently described in its White Paper for Policymakers (SIIA Cloud White Paper). users. while the concept of the “cloud” has been blurred with the Internet for some time (arguably long before the concept of the Internet even existed). Evernote is a service that allows users to “capture anything. there is no effective way to require. remember everything. CLOUD-BASED BUSINESS AND PERSONAL ORGANIZATIONAL TOOLS Thousands of cloud-based opportunities are available in order to help individuals and businesses aggregate their use of the Web. Yet.14 All a company needs to do is to purchase a simple Linux computer and an Internet connection—and that company is now a cloud-based email provider. unitary thing. etc. to make business plans. across-the-board. While it is of course still possible for companies and consumers to place their email on their laptops or desktops. cloud computing is not a single. which means that the core software to run an enterprise-class Web-mail server can be obtained for no cost. sharing. There is currently a very low 8 barrier-to-entry for this market because web-based email is now available as an open-source platform. There is no “the cloud. thus making these distinctions essentially irrelevant. and real-time collaboration tools for small businesses. “cloud computing” resists practical definition for common treatment by law and regulation. and such. For example. The methodology that 37Signals employs (espousing cloud-based tools to empower businesses) has lead to two best-selling business books. Simply stated. including Gmail. weddings. With so many offerings available. the small-business collaborative suite.”18 This service aggregates information from . to make vacation plans. today this is often done as a complement to the storage of the same email in the cloud. parties. segregate. T H E C L O U D I S E V E RY W H E R E Governments. While these concepts once served the purpose of providing a framework for thought.

and other materials.22 SOCIAL NETWORKING. for example. JungleDisk. and many others. notes.24 9 . for example. and to interact with any business and with each other bring tremendous value to businesses and individuals.October 2011 J O U R N A L O F I N T E R N E T L AW users and businesses. with virtual opportunities for file sharing.” Cloud-based banking products include Quicken. Almost all banks offer users the opportunity to complete online payment transfers. Expensr. These Web-based services can be securely accessed from any browser. Recent market valuations of the well-known site Facebook have cited the value of the upcoming IPO as high as $100 Billion. weddings. In addition to the value-added services. MoneyStrands. social gatherings of all kinds. user support) to artisans and Small and Medium Enterprises (SMEs) worldwide that includes catalogs managed by Google spreadsheets. allows people to plan parties. stock trades—all via the cloud. in a trend that has been called “Banking 2. all on Evernote’s servers. hosting. OFFICE SOFTWARE TOOLS Companies such as Google offer a broad base of business productivity tools and office-software replacements in the cloud. Snapfish and many other locations. images stored on Picasa Web Albums and payments by Google Checkout. Egnyte. pay bills. Google Sites (team site creation and publishing). Apples’ iCloud. and other activities. BANKING AND MONEY MANAGEMENT Most banking happens in the cloud. such that individuals and businesses can practically maintain all of their records—daily transactions.0. Products such as Google Apps have powered companies such as OpenEntry. including photos.19 One of the most popular travel/organization tools is Tripit. Google Calendar (shared calendaring). PHOTOS. stored on sites such as Picasa. work spaces and other collaborative tools. discussion boards. The most valuable family photos are no longer stored away in an album or shoe box. Additionally. it has completely replaced the need to either visit a physical bank branch or to keep paper-based transactions—in many countries. E-COMMERCE The cloud can enable businesses to set up a completely virtual business presence without the need for any infrastructure. and boasts more than 25. purchase and sell stocks. Amazon S3. advertising.20 Finally. users and businesses collaborate in the cloud to rate and share information on businesses. work on mobile devices such as BlackBerry and iPhone. and in many cases. search. taxes. Many of these suites either integrate data with or share data in some way with other cloud-based suites that can help with tax preparation and filing. Google Docs and Spreadsheets (online document hosting and collaboration).23 The rationale for this valuation is not just based on consumer usage it’s the vast amount of information contained within the Facebook cloud—and the value that businesses and users place on it. Evite. such as TurboTax. there simply isn’t a need to maintain paper banking records at all. and payment processing and delivery. Geezeo. One of the best known invitation-services. Apple Mail. AND STORAGE Social networking is big business. research. secure sharing of video content). they are in the cloud. financial planning. Xero. and Google Video (easy.000 invitations sent each hour. such as Huddle. there are several more excellent cloud-based collaboration suites that offer the opportunity for companies to share their most important data with each other and with customers. there are several suites of cloud-based services that help individuals and businesses manage their money. Flickr. and integrate with other popular email systems such as Microsoft Outlook. and more. Mint. In sum. Google Apps. the banking and financial ecosystem has completely moved to the cloud. plane tickets. Wesabe. is an enterprise-ready suite of applications that includes Gmail. there are a number of services that offer “hard-drive replacement” in the cloud.21 If it appears that the lines are blurred between cloud-based services as those described above and the Internet itself—that’s because there are no lines! The “Web 2.0” services that empower people to compute from any device. through services such as Yelp. anywhere. Dropbox. and others. which helps travelers organize and track travel. Additionally. which offers free e-commerce catalogs (software. Amazon and Ebay offer “virtual storefronts” that enable cloud-based presentation.

which allows anyone with a connection to communicate with anyone else on the network. and freedom from vendor lock-in. which seeks to set specific security and privacy measures. and matters of privacy. Cybersecurity Standards. In order to avoid these problems. or reducing the quality of their services. Measures that force Internet companies to choose between taking actions that harm the open web. specific legislation that purports to cover “the cloud. Governments should embrace a global approach to cybersecruity that seeks international consensus on standards and that recognize that data can be protected and safe regardless of where it is located. hurt users and risk creating multiple bifurcated Internets. Cloud computing services should make use of open standard protocols and formats such that users have unfettered access to their data and meta-data. legislation typically prescribes a type of technology (such as encryption) rather than a particular end (protection of data). and transparency mandates that would apply only to a cloud environment and not to other forms of computing. in other words. India seems to be at the forefront of most 10 . cloud legislation should have the following characteristics: • Technology Neutrality. market continued to grow and innovate. legislation should avoid: • Localization Requirements.S. Additionally. resulting in favoring proprietary standards. consumer protection. Legislation should not allow for the creation of private and/or isolated clouds where user data cannot be moved to another platform. One striking example is the • • • adoption of important eBusiness applications in the United States which was greatly hampered in the European Union due to their desire to introduce technology-specific mandates. the cloud ecosystem is a complex one that features many new players and opportunities for the market. The interoperability of the Internet itself has allowed for its growth and evolution to be global and ubiquitous and cloud computing is no different. these authors support the increasing consensus from industry that existing legislation should be leveraged rather than enacting new. interoperability. One example in the United States of potentially prescriptive legislation is the proposed Cloud Computing Act of 2011. definitions. Interoperability. ranging from desires to control the environment. is necessary for the development of unfettered competition between vendors and unrestricted choice for users. for example. The genius of the Internet has always been its open infrastructure. This can only be achieved through the development and implementation of open standards.27 Vendor lock-in quells competition and enables a system. Interoperability. as described previously. Ensuring that any legislation remains technology neutral is essential to ensure the continued development of any burgeoning technology space or market and there are many examples of situations where a counter approach actually quells the evolution of the technological space. which caused the eSignatures market in Europe to flat line for close to a decade. the ability to exchange and use information between cloud computing products and services. while the U. where government procurement contracts favor legacy software providers. However. and focuses efforts on developing or deploying at the standards level in order to disadvantage cloud services.”26 The problem with new legislation is that it tries to ascribe a one-size fits all approach to cloud and Internet regulation. Any legislation should treat cloud computing as any other form of computing and not specifically regulate it based on the premise that cloud computing is something new or threatening.28 I M P O RTA N C E O F T H E CLOUD FOR INDIA As one of the fastest growing economies in the world.J O U R N A L O F I N T E R N E T L AW October 2011 L E G I S L AT I V E A P P R OAC H Legislators and regulators have myriad concerns. Data Portability. It also provides for patent and copyright protections that disproportionately benefit software-based products. Governments should avoid requirements for in-country servers. often citing national security.25 For this reason. This often leads to vendor lockin for large companies. thus ensuring portability. which could impede competition in this area. Some companies have worked actively to develop principles that would single out cloud computing as a unique area within broader Internet legislation.

maintenance. this was accomplished when the school started using Microsoft’s Live@edu service. In addition. citing a Gartner study that states that cloud computing will account for 5 percent of the total investments in India by 2015. experts predict that the cloud computing market in India will grow at a compound annual growth rate of 40 percent by 2014. the spare infrastructure from the data centers in Madhya Pradesh was used. For this reason. and upgrades of business applications. birth/death certificates. Indian Enterprises have been faced with ebbs and flows in workflow for the past few years and this trend is expected to continue for the foreseeable future. the education system (such as schools and universities). The landscape is a competitive one and many companies are competing for the business. storage. it balances the ebbs and flows in the workflow without significant impacts to the company’s bottom line.33 The IYC plans to use this service to replace customized messaging solutions in its 300 locations across the country. Delhi Public School One of oldest schools in the country.29 The adoption rates of cloud computing technologies in India are fast. For these reasons. Going forward the organization will integrate its existing proprietary applications with Google Apps along with using it for routine reporting and communication. 11 .31 ADOPTION OF CLOUD BY THE INDIAN PUBLIC SECTOR One of the striking features about cloud computing is that it presents benefits to every aspect of India’s economy including but not limited to SMEs. There are a few notable adoptions of cloud systems from various entities that are worth mentioning. IYC opted to move its more than 28. the cloud allows an enterprise to focus on its core competencies by allowing the cloud provider to deal with all of the hassles involved with the development. Implementations such as the one in Jammu and Kashmir are indicative of adoptions in the future.36 In January. a major part of which was the iNotes cloud email service. Broadcasting Another example of the use of cloud computing in India is by UTV Software Communications. and the cost of deploying a school wide messaging solution seemed to be a distant goal.000 elected officials and volunteers to Google Apps for Business.35 However.October 2011 J O U R N A L O F I N T E R N E T L AW technological developments and cloud computing is no exception. and the Government of India.378 crore rupees allocated for state data center projects. After evaluating a number of solutions for email and collaboration. State of Jammu & Kashmir The State Government of Jammu & Kashmir has adopted cloud computing for its e-governance services. Although there has been very limited adoption of the cloud technology in the Indian public sector. and recruitment services for citizens. there were practically zero initial costs incurred. a broadcasting company in India that combines television and game content. 2010. Indian Youth Congress The Indian Youth Congress (IYC) is the official youth wing of the Indian National Congress and one of the largest youth organizations in the world. The use of this cloud computing model allowed the Government to actually implement these services in the extremely small time frame of just 60 days. cloud computing has a particular advantage for a growing economy like India. In order to roll out these services. Second. First. UTV signed a five year deal with IBM wherein IBM would provide various business transformation initiatives to UTV.34 The collaborative capabilities of Google Apps will help IYC deliver on its mission of transparent and democratic participation and empower its members to work for local development in India using technology.30 One recent article in Dataquest hailed cloud computing as one of the most significant and important areas for investment in India. The Government of India estimates that the use of the private cloud model by two or more states could result in savings of up to 50 percent in the 1. the Delhi Public School has over five thousand students and three hundred staff members. The use of this cloud service has not only enabled easier and faster intra-school communication but also improved parent teacher interaction. the trend is on the rise. and are based on much of the good work that the Telecom Regulatory Authority of India (TRAI) has completed by promoting strong broadband policies.32 These services include cloud based ration cards.

including several well-recognized names. According to the 2009 eBay census guide. and the handling of email. Sterlite is not an SME rather it is quite large and is one of three global manufacturers of power conductors and among the top five global manufacturers of optical fiber and cables. and fax queries using the same portal. and profitable way. no industry. 12 ADOPTION OF CLOUD BY LARGE COMPANIES Sterlite Technologies is a leading global provider of transmission solutions for the power and telecom industries. SMEs usually find it easier to outsource these functions to a cloud provider and focus on their core business.7 million persons over 26. For example.39 One of the chief reasons that SMEs look at e-commerce offerings through such portals is because of business convenience. and France.” These online platforms have allowed Indian SMEs to tap International customers in an extremely convenient. such as low personnel costs. thus offering the public sector opportunities to put proposals out for competitive bids in order to obtain the best value for taxpayers.43 Such a model provides numerous advantages.1 million enterprises. Sterilite moved more than 1000 employees to the Google cloud solution. However.41 Sterlite decided to move to a cloud service because manageability and cost value for an on premise messaging solution were a major concern. cloud computing and its applications such as VoIP have a key role to play in this market. governments. They had been using a non-cloud. Because of this. meaning that they are more flexible enhancing their ability to leverage emerging technologies more readily than larger enterprises. and Voice over Internet Protocol (VoIP) telephony. which was designed to shed light on the online selling and buying behavior in India. A brief review of three applications of cloud computing outside of the office/productivity context will give a better understanding of how the regulatory framework in India has previously worked for cloud computing. With the development of India as the call center hub for some of the biggest US and European companies. minimum risk. cost-effective.38 SMEs in India are now using online portals such as eBay and Amazon to sell their products domestically and abroad. To be clear. lower capital expenditure on hardware and software make cloud computing an extremely viable option for most SMEs. facilitation of teleworking for the local call center staff. Germany. SMEs contribute towards 45 percent of the manufacturing output and 40 percent of the total export of the country. These applications have become. ADOPTION OF CLOUD BY SMES SMEs play a very important role in developing the overall industrial economy of a country. and companies with multiple locations to use cloud based services as employees can then operate from the main office. Additionally. the ecosystem is both wide and deep: there are many different providers of cloud-based services.J O U R N A L O F I N T E R N E T L AW October 2011 A compelling explanation for why cloud based services are a boon for the public sector in India is that it is a “pay as you use” model. the cloud is not 100 percent safe. integral ways to do business and communicate in India. business. There are many other large companies that have moved to Google’s cloud. as noted above.40 SMEs IT requirements are oftentimes not as complicated and extensive as those of large enterprises. or even their homes. or person is completely safe from crime.42 The Indian call center market is another industry segment that has benefited from the use of cloudbased services. These are Automated Teller Machines (ATMs). The low barrier to entry. on-premise solution for the majority of their employees. the eBay platform enables “product availability to anywhere.37 It also is advantageous for organizations. SMEs are one of the most aggressive segments in India to adopt cloud computing. any remote offices. OTHER CLOUD EXAMPLES The cloud is ubiquitous and is not just limited to office-based applications or remote storage. craftsmen in Ludhiana regularly export golf clubs to international eBayers in the United States. instant messaging. Credit Cards. . or are in the process of becoming. The Fourth Census of the SME Sector indicates that this sector employs 59. A review of a few short cases in India in related contexts that involve cybercrime show that the investigative and judicial system has been quite effective at prosecuting criminals without the need for new laws.

Not surprisingly. and the convenience of user-friendly Skype and Gmail portals. “from the cloud”). One reason for VoIP’s astonishing uptake in India in the past decade is the affordable pricing.e. The following two cases of ATM theft indicate that no new regulations actually are needed for cloud computing crimes. The first case is that of an ATM robbery worth 7. Add to this the security of withdrawing money from accounts anytime and anywhere.3 lakh Indian Rupees in the state of Punjab.October 2011 J O U R N A L O F I N T E R N E T L AW Automated Teller Machines ATMs are an early version of cloud computing. VoIP has a hassle free process from setting up to actually using the service. the thieves were found guilty under Section 407 of the Indian Penal Code.4 million debit cards in the Indian market in 2009–2010. Thus.49 Credit cards rely on transnational data flows. Banks. It is an important way for Indians to keep in contact with loved ones in India and abroad. in turn can save on capital expenditure as they can just set up ATMs at convenient banking locations instead of opening new branches.47 was solved by the combined efforts of the Federal Bureau of Investigation (FBI) and the Central Bureau of Investigation (CBI). First.50 Because of these distinct benefits. setting values for QoS 13 . The use of cloud-based VoIP technology offers advantages of cost savings from avoiding long distance calls. and has generally enabled the Indian outsourcing economy. Anecdotally. the Ludhiana Police arrested the three after close evaluation of the images from a CCTV installed inside the ATM. These advantages are reflected in statistics that indicate there were 18. It also enables anytime. essentially. like cloud computing. and they enable people to withdraw money from banks without going to the bank (i. cloud computing in the form of ATMs has been part of the Indian economy.45 The three persons involved were the security guard and two of his friends. via the cloud. the Indian police were able to make their arrests based on very old laws of theft. there was no need for any particular cloud-based legislation in order to solve these crimes. The first ATM was launched in India in 1987 by HSBC Bank. ability to see each other. which has been dubbed as one of the first major “cybercrimes” in India. no new “ATM law” or “cloud” law was required..3 million credit cards and 181. Additionally. The TRAI is one of the key players in the regulation of VoIP services and in assuring quality for Indian consumers. in the data transfer and information-sharing business.44 ATMs make banking much more convenient as consumers are no longer forced to deal with banks that are close to them. the Indian financial sector has aggressively moved to the cloud. in another ATM theft in the state of Chennai. anywhere shopping and saves the consumer the hassles and security issues of carrying large amounts of cash. The Chennai police believed that his arrest was the first step in solving the cybercrime ATM racket in Chennai. The TRAI has taken two major steps in the regulation of VoIP services. loved ones can attest to the importance of using VoIP to keep in touch with their family while studying in foreign countries such as the United States and the United Kingdom. Voice over Internet Protocol Voice over Internet Protocol (VoIP) is basically telephony over the Internet and because of the processing and switching required. and credit-card companies are. and by leading financial institutions in India for their core services. MasterCard. and have played a key role in the online shopping boom seen in India in the last decade. Credit Cards Credit cards are another form of cloud computing. ATMs are miniature computers that connect to the cloud either by a dial-up connection or by a broadband connection.46 Similarly. and American Express have allowed for convenient business transactions within the Indian market. for more than two decades.48 Again. According to the Times of India. the cloud is used both for the exchange of information between databases to enable the credit-based economy.52 This is especially true in Indian regions where high speed Internet connections are available.51 Thus. credit cards have an increased importance in the present Indian economy. and instead. A Chennai based MBA graduate had used International contacts to develop 30 dummy cards that allowed him access to ATMs. Credit card companies such as Visa. Like many other applications of cloud computing. the TRAI issued a regulation on Quality of Service (QoS) for VOIP Based International Long Distance Service in 2002.

the existing regulatory framework does not offer complete protection from data breaches. Section 43 protects the consumer from damages to the computer or the computer system. 65. PRIVACY AND THE CLOUD IN INDIA Every country in the world individualizes privacy concepts to match history and culture. The sources are: 1. 2009. 1997. it issued a set of recommendations for regulation of VoIP services in August. Although there is no right specifically focused on personal data protection in India. It is applicable to intentional actions such as concealing. Four sections of the Information Technology Act specifically deal with penalties against breach and misuse of data in India. database theft. destroying.54 These recommendations included the development of a level playing field for Internet Service Providers (ISPs). The regulations are primarily aimed at discouraging people from being involved in such behavior.J O U R N A L O F I N T E R N E T L AW October 2011 parameters and a testing procedure. The Department of Telecommunications found these recommendations to be helpful but on February 20. 2. India has taken a sophisticated view toward privacy and has adopted regulations that are meant to protect a set of resources and to prevent its misuse. These are Sections 43. at least in the domain of computers and cybercrime. The Information Technology Act of 2000 is based on a resolution that was adopted by the United Nations on January 30. there are several primary sources of Indian legislation that refer to this right for Indian citizens. 66. and digital profiling. on the other hand. deals with computer hacking and protects data users from intentional alteration/misuse of data on their computers diminishing the value of the data in the process. imposes duties on credit information companies and credit institutions for any unauthorized sharing of an individual’s credit information with external sources. numbering scheme for ISPs providing Internet Telephony services. 2008. new regulations could pose definite and serious challenges for cloud 14 . 3. Section 65 protects consumers against the tampering of computer source documents. A majority of Indians believe that the concept of privacy is about their own personal space rather than information privacy or identity theft.55 Importantly. To be clear. and interoperability between providers. Article 21—Article 21 of the Indian Constitution is about the general Right to Privacy. It foresees civil liability for actions including but not limited to unauthorized copying. emergency numbers. Section 72 imposes a fine of one lakh rupees and an imprisonment term of up to two years for any breach of confidentiality and privacy of a person’s material. extraction. Intentional tampering with a computer system’s source code is punishable by up to three years imprisonment or a fine of up to two lakh rupees. governance of interconnection agreements between the ISPs and National Long Distance (NLD) carriers by the TRAI. however it is comprehensive enough to resolve a majority of the concerns in the Indian market. the Government delayed the decision on regulations for VoIP services in the country. or altering of computer source code and is punishable by either or combination of a fine of up to two lakh rupees and imprisonment of up to three years. quoted in India as a data protection provision. On the other hand. Section 66. a person gaining access to or downloading/changing information from a computer system without prior permission from the owner is subject to civil liability.53 Secondly.56 This right covers the first generation of rights for Indian Citizens. the regulations that were adopted by TRAI took vital steps to facilitate and promote the technology and its adoption rather than to impede it. For instance. The Credit Information Act of 2005. Indian Contract Act—The Indian Contract Act basically deals with requiring Indian importers to pay a duty if they are unable to protect data coming in from other countries. The introduction of new regulations does not show any distinct benefits. Information Technology Act of 2000—The Information Technology Act of 2000 has explicitly stated penalties for the breach of data and privacy. The same penalty is applicable to anyone who is involved with hacking a computer system to cause wrongful loss of property. and 72. This act is focused on e-commerce and cybercrime in general. The penalty is the same as that for Section 65.

and money to be spent by companies when offshoring to India. and market-based mechanisms like those promoted by the SIIA Cloud White Paper for policymakers. from breach of contract. to facilitate competition between service providers. For these reasons. These laws make Internet Intermediaries responsible for harmful content on the Internet. THE NEW INDIAN PRIVACY LAW The most recent development by the Indian Government with respect to data privacy came in June.15 However. Sharma mentioned that there was definitely concern over sections of content present on the Internet and these would be carefully studied over the next few months.” One of the most important things that TRAI can do is to leverage the unique perspective that TRAI has on infrastructure. It will not only slow down the adoption rate for cloud computing and prolong the time to gain its benefits but also give rise to a feeling of confusion and panic in the Indian economy. it is telecom infrastructure that “powers” the cloud. It recommends further clarification of existing regulation and its extension to cloud computing in a subtle way rather than developing an untested set of new regulations. the actual nature of these rules does not completely solve the original purpose. and to resolve disputes between ISP’s or between an ISP and a customer. 2011. educational institutions. and ultimately. and from misuse of data. Research indicates that there are many laws and regulations in India that sufficiently protect consumers from breach of data. At the CII Content Summit.61 R E C O M M E N DAT I O N S TO T H E T E L E C O M R E G U L ATO RY AU T H O R I T Y O F I N D I A The TRAI was created by the Telecom Regulatory Authority of India Act of 1997. and the government. broadcasting and cable services in a manner and at a pace which will enable India to play a leading role in the emerging global information society. and develop 15 . revoking of licenses to ISPs.59 The intention of the Indian Government is to enhance the data security and privacy in the country and it feels that this is a crucial step to promote offshoring in India. we suggest a three-pronged approach: (1) clarify the nature and scope of existing data protection rules.60 The extensive requirements of the new rules are likely to increase the overhead of time. monitoring. it will be important for its interpretation and enforcement to be measured so as to allay the fears that have already been expressed by many multinational businesses.63 The role of the TRAI is centered on ISPs and their customers.October 2011 J O U R N A L O F I N T E R N E T L AW computing and the functioning of the Internet itself. quality of equipment used in the network and make appropriate recommendations. to monitor quality of service provided. It also respects the sentiment of the Indian Government of having some sort of regulatory oversight over cloud computing applications. Such an untested set of regulations would slow down the momentum of future cloud-services adoption.57 and (3) extend the smallest possible subset of these rules to the world of cloud computing and to utilize regulatory restraint so that the market may still develop. Indeed. A key component of these rules was that any organization processing personal information in India requires written consent before undertaking certain activities and must implement reasonable security policies and procedures. when it passed the 2011 Information Technology Rules (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information). The new privacy law is very new. This article endorses the general opinion that cloud computing is very important for multiple sectors of the Indian economy including SMEs. Per the Telecom Regulatory Authority of India Act of 1997. S. energy. granting. data portability. It also enforces a disclosure obligation for privacy policies wherein an organization must clearly explain the purposes of processing the involved personal information.58 These rules apply to organizations operating in India and are independent of whether the data originates in India or if it pertains to Indian citizens. forming the conditions of. raise legal concerns over past decisions. and the continued growth of cloud services depends on ongoing investment in infrastructure so that the growth can continue. (2) promulgate rules that promote open standards. TRAI chief J.62 Its mission is “To ensure that the interests of consumers are protected and at the same time to nurture conditions for growth of telecommunications. some of its core functions include recommending the need and timing of a new ISP.

which helped foster the eSignatures market. 21. Ryan. See Jack Kessler. stating that “a rule that makes sense when applied in a business-to consumer context might be inappropriate when applied in a business-to-business See e. In contrast to the static web pages of the 1990s.. gl/gyO6. 2011. “Guide to Cloud Computing for Policymakers. It also is seen as a competitor to Microsoft Office 365 and to Google Apps. 195 (2002). the Mark I was 55 feet long and eight feet high. 2010) 18. et. “Comments on Grosch’s Law Re-Visited: CPU Power and the Cost of Computation. took a more technology-neutral. 2010. See “Microsoft Office 365 Launch: Zimbra Scores Surprise PR Win..” Id. policymaker concerns about specific issues can and are being addressed through industry-led voluntary action. 2006 (describing the interactive Web as follows: “But what is Web 2. that makes web pages look like dynamic software applications that traditionally run only on personal computers.” D-Lib Magazine. 26. The technical problem was quickly solved. stated in the 1940s. “The French Minitel. 4. at S16 (describing Moore’s law and indicating that it has so far proven to be correct). 14. available at http://goo.” 240 J. 1997. Jason Fried & David Heinemeier Hansson. on Telecomm. 2011). Adams’ work was part of an early movement that ultimately led to the so-called “repeal” of Grosch’s law. The Directive applies to all 27 member states of the European Economic Area (EEA). Solomon. 2011. available at: http://goo. June 2011 at 5. available at http://goo. In addition. George Simpson. Ken Pottinger. “Le Minitel Still France’s Preferred ‘Internet. 7.”) 23. February 3. & High Tech. available at http://goo. 11.evite. 27. L. 12. Halstead.” 35 Cornell Int’l L. 2002). the Electronic Signatures in Global and National Commerce Act did not provide any guidance with regard to specific technology primarily because the PKI market was at that point in its infancy. a rule that might apply to a public cloud offering might not work as applied to a private cloud offering. appears to be prophetic”). Several sources have noted that the Directive has significant weaknesses and that many aspects of it are ineffective. See www. (Crown.dlib. 136 (2001).com. . at 247.huddle. heavy traffic generated by these sex lines caused what remains the system’s only large-scale crash.” The Economist. “Standards of Liability for Internet Service Providers. the second wave of websites would use software . Grosch’s law was still highly regarded by scientists and policy (last accessed June 20. Built by IBM and Harvard professor Howard Aiken. the first large-scale automatic digital computer began operation.. “Free e-commerce catalogs managed with Google Docs.” RAND Europe Technical Report (2009). 2011. 19. 16. The United States. Young M.. and respected papers continued to espouse his centralized computing “law. See www. ACM 94 (1972) (“In addition to increases in the level of technology.. In 1995. “The Persistence of the Dirigiste Model: Wireless Spectrum Allocation in Europe. available at http://www. Getting Real (2009). March 27. “France’s Precursor to the Internet Lives On. Oldehoft & M. for example. Hans Graux.J. “A Billion Here and a Billion There. “Wireless Communications and Computing at a Crossroads: New Paradigms and Their Impact on Theories Governing the Public’s Right to Spectrum 16 . May 11. á la Française. 3. public private partnerships and best practices enforced through contracts and existing legislation. In the United States. at “The enzyme that won. 2003.” The VAR Guy. Terminals available for sale by France Telecom today can be viewed at http://goo. but the public retained the impression that the Minitel was mostly about sex. Matthel See “Caught in the Net. January 9. See www. 17. “Grosch’s Law Repealed. a return to scale approximated by Grosch’s Law”). June 28. it forced the adoption of a specific technology standard (a PKI-focused provision) into the regulatory . See Selignan. yet wonderful technology. “Maximum Computing Power and Cost Factors in the Centralization Problem.J. See www. al. and it is most often expressed in terms of “Moore’s law. ACM 435 (1966) (concluding that larger computers offer the greatest economies of scale and indicating that “Grosch’s Law. Adams.37signals. Jason Fried. supra n. 9. holds that the microprocessor’s performance will double every 18 months. Lock-in occurs when a customer is uniquely dependent on a vendor for products and services. 129.tripit. In the second largest democracy in the world. many businesses resisted PKI adoption because it was deemed more expensive and difficult to use and instead adopted alternative solutions. the scientific community on the whole still had great faith in them. Although announcements claim that the Minitel terminals finally will be discontinued on September. unable to use another vendor without 2. one can expect for any given level.10 (describing the phenomenon as follows: “in 1985.evernote. the European Parliament and Council adopted Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. . cited supra n. David Heinemeier Hansson. 24.J O U R N A L O F I N T E R N E T L AW October 2011 a negative sentiment in the minds of the Indian people towards this new. drawing the attention of the national news media. available at http://goo. .13.” Software & Information Industry Association White Paper. December N OT E S 1. 25. Jr.” 29 Comm. See Neil Robinson. A. July 1. at 13.g. 6. H. 5. supra n.” Washington Post. however. “Economies of Scale and the IBM System/360.” The Economist. See Russel Carlberg. 22.” 54 Federal Communications. See SIIA Cloud White Paper.). Kang et al. available at market-driven approach. See Amadei. VMWare’s Zimbra. 10.”) 13.” Online Media See Xavier Amadei. Miniaturization is most often associated with the growth of personal computers that took place from the 1970s through the 1980s.” 8 Datamation 38 (1962) (Adams suggests that Grosch’s law may not be accurate.” 9 Comm.” 15 Comm. Known in the European Union as the Electronic Signatures Directive. See Maite Selignan. See Dan Salcedo. it is imperative that the free flow of information be preserved. 189.6. But see Charles W. In 1944. 20. “Review of the European Data Protection Directive. 8. ReWork. Patrick S. . 3. The World Almanac and Book of Facts (Ken Park ed. Martin B. September 25. 2011. developed by Intel founder Gordon Moore in the 1970s.” While some challenged his theories. We highly recommend future research in this regard but strongly believe that minimum regulation is the primary factor to preserve the growth and innovation of cloud computing in India. As the eSignatures market developed post legislation. E.’” French News Online.” Google Docs Blog.. See www.” Moore’s law. html. is an open-source product that has been widely adopted by enterprises. ACM 779 (1986) In the 1960s and 1970s.0? It began with a specific and useful definition.

gl/VyChL. May 31. Compro Technologies. Microsoft Case Studies. available at http://goo.” Outsource Portfolio. Source: interview. and other instruments.” SmallEnterpriseIndia. 32. BSE: 532636. but that are also still needed. available at http:// “Unwanted Plastic?. Bloomberg: IIFL) and its subsidiaries. available at http://goo. 2011.” Google Enterprise Blog. Ministry of Micro. 2011. 38. Telecom Regulatory Authority of India. Indiamart. 48. available at http://goo.October 2011 J O U R N A L O F I N T E R N E T L AW substantial switching costs. 62. 44. For example.” Indiaforensic.” Proactive 2011 available at http://goo. Javed Anwer. Recommendations on Issues related to Internet Telephony. June 10 2011. Russell Smith. Interview with CIO Sankarson Banerjee. 57. one of India’s leading online destinations for personal finance. 61. gl/Qm1et. A few companies that have “gone Google” (meaning that they have moved to the Google cloud) include: Saurashtra Cements (Mehta Group). “India’s New Data Privacy Rules: Will They Help or Hurt Legal Outsourcing?. available at http://goo. or to switch telephone providers in areas where the market is limited or where barriers to entry are high.000 IIFL owns and manages June 7 2010. University of Namur. January 2010. 43. May 23 2011. wharfinger or warehouse. cited supra n. 46. and shall also be liable to fine. available at available at http://goo. available at http://goo. How can VoIP reduce call center costs.”) 29. The Mexican Secretary of Economy published a report that analyzed transnational data flows and identified India as one of the most significant locations for outsourcing of various services. 1860: “Criminal breach of trust by carrier.” Dataquest. available at http://goo. See India Infoline’s Google Journey. 58. See CRID India Privacy Paper. 2006. North American Leaders Summit. May 8. supra 52. (Noting that Indian “offices and individuals are switching to Web-based suites that are not only cheaper—because they do away with software costs—but are also accessible from any place with a decent internet connection”). available at http://goo. companies. Information Rules (HBS Press 1999). June 1.48.” IndiaFacts.” The Times of India. See Rama Lakshmi. “A private Neelkamal and many others. Haier Mobile. “First Analysis of the Data Protection Law in India. “Going Google in India: Indian Youth Congress & Punjilloyd move to Google Apps for Business. June 20. Team Computers. 35. 2011. in respect of such property. Rustomjee (part of Keystone Group). Flipkart. 2010.keeper. 2011. TRAI issues Regulation on Quality of Service for VOIP Based International Long Distance 60. 34. HSBC Website: The Worlds Local Bank. India in the Cloud Computing Arena. About Us. gl/2cvAZ. See Wikipedia entry. Section 407 in The Indian Penal Code. IIFL has moved to the Google cloud and has almost 18. Downloaded Cloud Computing. “India data privacy rules may be too strict for some 39.” Cloud Computing. 2009. Telecom Regulatory Authority of India. August 18 2009. gl/zGY5l. infra n. “ATM theft: Security gl/v5eKn.” Microsoft Contributory Articles. See Carl Shapiro and Hal Varian. Also see “Credit Card and Debit Card Users in India. Cosmo Films. See Report on the Trilateral Committee on Transborder Data Flows. “Another giant leap. 28. May 21. 2010.indiainfoline. “Google Sidesteps Edict. Also see Alan Cullison. India Infoline Ltd (NSE: INDIAINFO. comprising the holding company. Delhi Public School. June 51. October 20. 50. 31. stock markets. Faiz (describing the many improvements that have happened. “India’s First ATM Card Fraud.wikipedia. available at “IBM inks five year business transformation deal with India’s UTV Software Communication. available at http://goo. 56. “No tariff cut now as VOIP gets delayed. Credit Card Service in India. the IIFL group.” Information Week. available at http://goo. available at http://goo. easiptionBPO. being entrusted with property as a carrier. Mani Malarvannan. available at http://goo. “eBay: The E-way of Doing Business. Basant Singh. 2002.13. 30. June 7. Small and Medium Enterprises (Government of India).” Law Without Borders. Shipla Shanbag. Celebrating 150 years in India. 33. available at http://goo.” The Economist. May Technologies. at 34. “Emerging from the Shadows. and thus vitally important to a liberalized regime for transnational data flows. “4+1 Reasons Companies are Moving to Cloud. available on YouTube at 17 . available at http://goo. 54.—Whoever. Also see (describing the requirement from Kazakhstan for local servers and Google’s withdrawal from the market as a result. Powers and Functions of the Authority. available at http://goo. available at http://goo.” The Official Google Blog. 45. “New Privacy Laws To Impact Outsourcing to India. Which VoIP. commits criminal breach of trust. quoting Eric Schmidt‘s statement the doing so makes him “very concerned that we will end up with an Internet per country.” CRID. commodities. “Cloud Computing: The Next Big Wave in SME See Pradeep Agarwal. available at http://goo. Karan Bajwa. November available at at http://en. June 10 2010. 18 August 2008. available at http:// goo.” Outlook Money. “Changes to the open Internet in Kazakhstan. Shalini Singh. Forbes Marshall. two others arrested. Examples of lock-in include the difficulty in switching from one office-based provider to another.” 47. economy and business.56. available at http://goo. (hereinafter. 2011 at 22. gl/Y39qW. is one of the leading players in the Indian financial services space. India 2011. January 14 2010. March 31 2011.” The Wall Street Journal.” Washington Post. Pheji Phalghunan. 37. available at http://goo. shall be punished with imprisonment of either description for a term which may extend to seven years.” VarIndia.” The Times of India.000 members to Google Apps. available at http://goo. June 16 2011.S. 40. available at http://goo. available at http://goo. February 20. available at http://goo.” The Times of India. 41. See SIIA Cloud White Paper. TRAI Act 1997. See Bill Coughan. “Indian Youth Congress moves 28. 59. gl/fTkrx. 49. IIFL offers advice and execution platform for the entire range of financial services covering products ranging from equities and derivatives. available at http://goo. “CRID India Privacy Paper”). August 12 2010. 55. to Indian infrastructure for the benefit of the IT sector). Mayur Sharad Joshi. 63.” “Black Cards 42. “Office in the Cloud.