- At the 14th G20 summit, which was held in June 2019, India backed data localisation laws.
- In April 2018, Reserve Bank of India (RBI) had issued a circular which mandated payment system operators to store entire data related to financial data only in India. The deadline for making these changes was 15th October 2018. Approximately 80% of the payment system operators including Google, Paytm, Amazon complied with the rule. But several companies including Visa, Mastercard missed the deadline due to confusion over data localisation rules.
- In June 2019, RBI gave clarifications regarding the rules stating that in case the processing is done abroad, the data should be brought back to India in not later than 24 hours, and also the data should be deleted elsewhere. And in the case of cross-border transactions, a copy of data can be stored abroad.
What is Data Localisation:-
- Data Localisation means storing the data within the territorial boundaries of the country.
- Data is considered as a ‘new form of wealth’. Generally, companies use data to understand the requirements of consumers and also to influence their behaviour. New products can be developed by analysing the data to meet the needs of consumers. So the data has an economic value. In general, developed countries are utilising this opportunity with their well-developed infrastructure. There is also a probability that the data will be misused in favour of the countries that store data. Moreover, India is a big consumer market for many foreign companies. So, India and other developing countries are realizing the economic value of the data and the importance of data localisation. With data localisation, domestic companies and the country’s economy will be benefited. And we can also ensure the security of the data.
- While investigating crimes, there will be a need to access the payments data. If the data is stored abroad, it is very difficult to take the permission of that country for access to the data. This causes delays in solving crimes. If the data is stored here within our country, this problem will be avoided.
- Data localisation laws result in setting up of multiple data centres locally. This will create many jobs and will help the country’s economy immensely. It will also drive innovation in the field resulting in low-cost solutions.
- Data localisation is also important for data sovereignty, which means the data of the citizens should be owned by the respective governments and not by other countries.
- We can also ensure data privacy by localising the data.
- At present, India does not have the well-developed infrastructure to ensure the security of data. On the other hand, developed countries already have an efficient infrastructure. So, rushing towards data localisation may not be a wise step. Because without efficient infrastructure, the data is prone to cyber attacks. And the risk is severe here because it is financial data. But as the laws are made, it is a big challenge to develop efficient infrastructure at a faster pace.
- Storing data in India means higher operational costs for payment system operators. Because in other countries they have cheaper alternatives. And also for cross-border transactions, they have to store the data in two places, which increases costs. There is a probability that these extra costs may pass on to the consumers.
- And there is no guarantee that they will delete the data elsewhere. They may continue to store and analyse the data for their own advantage.
- We are in a globalised world. At present, the world is running on the free flow of people, goods, services and data. Data localisation laws seem to be a part of protectionist policies, which is a threat to the free flow of data.
- The base of the internet is the free flow of data. Data localisation is also a threat to the main essence of the internet.
- US is against to the data localisation laws. Recently at G20 summit, Donald Trump, the president of US spoke against data localisation. Its stance is natural because it increases the operational costs of US companies. India-US bilateral relations are important for both countries because we are intertwined in export and import of IT services, professionals and goods etc. So, imposing data localisation laws without threatening the Indo-US relations is another challenge.
- Innovation thrives when there is no much financial burden. And hence data localisation laws may threaten the innovation attempts in the digital payments industry.
- If the processing of the payment transactions is done in another country, that country may ask these companies to submit the data. So, asking them to delete the data in 24 hours may interfere with the laws of the country where the processing is done.
- Data localisation may result in government surveillance of its citizens.
- It is also against intellectual property rights because they use their intelligence to form systems that can benefit from the data it generates, but in the end, they are deprived of these benefits and someone else may use this data in their favour.
Steps that were taken worldwide:-
- Not just India, but other countries are also taking steps on data localisation. For example, Australia mandated companies to store certain health records locally. And Russia restricted companies to store personal data only within the country. At present, India implemented data localisation laws only for the payments data.
It is too early to judge data localisation laws of India because data localisation is relatively a new concept. In the starting, companies may face technical difficulties. With time, we will know the real consequences of these laws. However, taking steps towards ensuring the privacy and security of the citizens’ data is a very progressive step.
What are your thoughts on data localisation? Express your point of view through the comment section below. And subscribe to our blog to read answers to the trending GD topics.
Pic credits: Christina Morillo
Copyright @ Group Discussion Ideas.