Why India's data localisation Policy an Issue to US tech giants ?
Digitization and urbanisation brings change in the life of a common citizen and definitely it impacts the lifestyles of the netizens. It is also fact that technology teaches everyone to have better user experience, it resulted growing demand amongst Indians for Privacy and protection of the Information they share, specifically on digital platforms.
There has been an alarming rise in cybercrimes on a global scale. With India also moving towards a digital economy with the adoption of Aadhaar and an ever-increasing dependency on information, the concerns over cyber security, data protection and privacy are the most talkative agenda.
To address the growing concerns, the Government of India had set up a Committee of Experts, headed by Justice B. N. Srikrishna, to study the challenges surrounding data protection in India and provide their valuable suggestions and principles on which to base the data privacy legislative framework. The objective is to ‘ensure growth of the digital economy while keeping personal data of citizens secured and protected’, we can say as the is the first step in India's Data Privacy journey. The Supreme Court of India also holding 'Right to privacy' as a fundamental right lays the corner stone for a strong data privacy regime in India. The data protection framework, proposed by the Committee of Experts under the chairmanship of former Supreme Court judge Shri B N Srikrishna, is the first step in India's Data Privacy journey.
It is important to strike the right balance between the digital economy and privacy protection which is the key objective of the Data Privacy Framework. Justice Krishna has given a wonderful draft on how to protect the privacy, but it pinches the working style of American MNCs. Now, the question is why?
The policy states, under data localisation, entities are required to store and process personal data on servers physically present within their national boundaries. Although this approach helps address concerns over data privacy, security, surveillance and law enforcement. MNCs, says that, it will increase the burden on businesses by way of increased cost of compliance, and may also impact the building blocks of the economy, which rely on data exchange. However, it is good for India.
Secondly, the cross-border transfer Organisations will have to ensure that either: 1. The data is transferred to countries which offer an adequate level of data protection; or 2. Data subjects are offered a level of protection comparable to that they would have received had the data stayed within India
We can’t deny the fact that, before an Organization can make decision on the technical measures it should adopt for data protection, it needs to understand the data protection risk posed by its data processing activities and the wider environment in which it operates. Organizations should evaluate existing/ new technologies w.r.t to data leakage detection/ prevention, audit logging/ monitoring etc., in order to analyse how personal data is being accessed and used, by whom, and how value can be derived from it.
Now, the concern is , US technology giants plan to intensify lobbying efforts against stringent Indian data localisation requirements, which they say will undermine their growth ambitions in India.
U.S trade groups, representing companies such as Amazon, American Express and Microsoft, have opposed India's push to store data locally. That push comes amid rising global efforts to protect user data but is one that could hit planned investments by the firms in the Indian market, where the companies currently have limited data storage. The question comes why the MNCs will not abide by the law of land, when they want to do business to do profit.
Indian policy makers are now aware of the value of Data and privacy, if there any breach, which is quiet obvious on regular basics, the corpoartes will have to give huge fine as penalty. The time is no far India could role the world with Law, economy, Data and knowledge transformation/articulation. The fact is, data localisation was a global phenomena and India wasn't an outlier.
Technology executives and trade groups have discussed approaching PMO ( Prime Ministers Office) to appraise him of their worries. Separately, the industry is considering pitching the issue as a trade concern, including at the India-US talks in September in New Delhi, let’s see what relaxation they could get from the Prime Minister Modi.
Data localisation is not just a business concern, it potentially makes government surveillance easier, which is the biggest concern with the MNCs. Which is also the right of the Government to protect the netizens of the country.
This will help India get easier access to data when conducting investigations, but critics say it could lead to increased government demands for data access.
Technology firms worry the mandate would hurt their planned investments by raising costs related to setting up new local data centres. However, it is good for India, the question comes when you are earning then why don’t you invest in the same country in a significant way. This development comes with the rising number of data breaches have pushed New Delhi to develop strong data protection rules.
The industry also discussed approaching media and internet groups to explain why data localisation would be bad for India's booming IT, e-commerce and payments landscape, the sources said. It won’t solve the efforts seems. The bill is just waiting for the approval from the Parliament.
With the recent visit of Nisha Biswal to Delhi,the lobby group's president said, India's draft privacy law was of "great importance," and that the group would share its concerns with the government directly.