EU law in particular restricts businesses transferring data to countries with weak privacy protection, and with the Ministry apparently expecting growth rates in business process outsourcing to Pakistan to be over 100% for the next few years, the state is keen to eliminate reasons for potential customers to outsource elsewhere.
The difficulty so far as European firms are concerned relates to the Data Protection Directive of 1995, which restricts the data that can be transferred or stored in countries without equivalent rules and enforcement procedures. At present, Pakistan has no such regulations, and relies on individual contracts negotiated between the main company and the Pakistani outsourcing contractor to address the data protection issues.
"With increasing competition in the global Business Process Outsourcing (BPO) marketplace, the lack of legal cover for the protection of data within the country is an impediment to growth in this sector," said Federal Minister for Information Technology Awais Ahmad Khan Leghari, according to Islamabad News.
The Ministry has therefore published a draft of the proposed "Foreign Data Security and Protection Act 2004", which is designed to deal only with foreign data from outside Pakistan, and will not set out a national regime of privacy or data protection.
The bill still has to undergo a consultation period, before it is sent to the Cabinet and National Assembly for approval.
