.svg?rev=a492cc1069df46bdab38f8cb66573f1c&hash=2617C9FE8A7B0BD1C43269B5D5ED9AE2)
The following question was published in the Financial Times on 15th October and answered by John Enstone, a partner in the London office of Faegre & Benson LLP.
I run a small data inputting business in London which turns mobile phone voicemail messages into texts for customers. I would like to outsource some of the software development and processing to India – or another cheaper destination – but I am unsure about the legal ramifications of doing so. Could the data be compromised as a result and would my contracts be governed by UK laws?
Data are valuable assets which the EU closely controls and which many people endeavour to steal. Developing software in India is a well-trodden path. Protecting your intellectual property (IP) will be one of several points of paramount importance, so structure your development arrangement and the agreement carefully. Make sure that you use all the practical means at your disposal to protect them.
Developing and embedding this "self-help" or "fireproofing" approach in your commercial arrangements and agreement is a little complicated but well worth the effort.
You can only export personal data if, among other things, you have consent from all the people involved or mentioned in the voicemail. It is unlikely you would be able to obtain everyone's consent. This is probably a fatal problem, regardless of where the data are processed.
It may be necessary for a user to put a message on his voicemail telling the caller that the words will be transcribed by a third party and sent by text, but, in the current environment, do not put money on it.
The agreement can certainly be governed by English law, provided your Indian developer agrees. Remember that you have the upper hand in the negotiations. The bigger question is how best to enforce your rights especially in connection with IP and data, which frequently call for injunctions and other direct local action in order to deal with breaches.