I have a brief comment to follow up on Volker’s comments, the spirit of which I completely support. I recognize that my comments may be unpopular. I have kept a low profile in these discussions and I fear that despite heroic work and dedication on the part of all, there is a serious risk of this turning into a train wreck in practice.
Frankly, as a provider that is handing over private details of my customer I do not care about anything less than the maximum required protection in any jurisdiction that may be applicable. So what if the states have lower privacy protection requirements than Europe and India has none? The only acceptable result in my eyes is an accomodation of the most extensive privacy protection level that may be required.
If we start looking at the countries which do not care about the privacy of their citizens, then we will get nowhere. Only be adhering to a maximum standard can we ensure that the result is workable for all providers and their customers.
Volker