Data localization

Data Localization

When you swipe your Visa card or use Amazon’s services, ever wondered how your financial and personal information is carried, processed or stored? Well, most of the data tend to be either partly or completely stored outside India. Quite apart from worries about who has access to your data overseas, the Indian government and regulators have limited access to this data. This is what the RBI wants to change through its data localisation rules.

What is it?

Data localization or data residency law requires data about a nation’s citizens or residents to be collected, processed, and/or stored inside the country, often before being transferred internationally. Such data is usually transferred only after meeting local privacy or data protection laws, such as giving the user notice of how the information will be used and obtaining their consent

Why in News?

  • The RBI gave October 15 as the deadline for global financial technology companies to comply with its data localization norms in India and to store transaction data of Indian customers within
  • In a circular in April 2018, RBI had said that all system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in

 

data

Srikrishna Committee Report

  • At least one copy of personal data will need to be stored on servers located within
  • Transfers outside the country will need to be subject to safeguards.
  • Critical personal data will only be stored and processed in India.

Data Protection Bill 2018

  • The right to privacy is a fundamental right that necessitates the protection of personal data as an essential facet of informational
  • Establishment of a Data Protection Authority to take steps to protect the interests of individuals, prevent misuse of personal data and lay down norms for cross-border transfer of personal
  • The Central Government shall notify categories of personal data as critical personal data that shall only be processed in a server or data centre located in

Why in News?

  • The RBI gave October 15 as the deadline for global financial technology companies to comply with its data localization norms in India and to store transaction data of Indian customers within
  • In a circular in April 2018, RBI had said that all system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in

 

 

Srikrishna Committee Report

§  At least one copy of personal data will need to be stored on servers located within India.

  • Transfers outside the country will need to be subject to safeguards.
  • Critical personal data will only be stored and processed in India.

Data Protection Bill 2018

  • The right to privacy is a fundamental right that necessitates the protection of personal data as an essential facet of informational privacy.
  • Establishment of a Data Protection Authority to take steps to protect the interests of individuals, prevent misuse of personal data and lay down norms for cross-border transfer of personal
  • The Central Government shall notify categories of personal data as critical personal data that shall only be processed in a server or data centre located in

Advantages of Data Localisation

  • Secures citizen’s data and provides data privacy and data sovereignty from foreign surveillance. Example – Facebook shared user data with Cambridge Analytic to influence
  • Unfettered supervisory access to data will help Indian law enforcement ensure better
  • Ensures National Security by providing ease of investigation to Indian Law Enforcement agencies as

 

they currently need to rely on Mutual Legal Assistance Treaties (MLATs) to obtain access to data.

  • It will give local governments and regulators the jurisdiction to call for the data when
  • Data centre industries are expected to benefit due to the data localisation which will further create employment in India.
  • Greater accountability from firms like Google, Facebook etc. about the end use of
  • Minimises conflict of jurisdiction due to cross

border data sharing and delay in justice delivery in case of the data breach.

Challenges of Data Localisation

  • Maintaining multiple local data centres may lead to significant investments in infrastructure and higher costs for global
  • Infrastructure in India for efficient data collection and management is
  • Splinternet or ‘fractured internet’ where the domino effect of protectionist policy can lead to other countries following
  • Even if the data is stored in the country, the encryption keys may still remain out of the reach of national agencies.
  • Forced data localisation can create inefficiencies for both businesses and consumers. It can also increase the cost and reduce the availability of data-dependent services.

 

 

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top