In its bid to protect customer data of local citizens, the Government of India has asked the American e-commerce giant, Amazon to set up a server in India too. This comes after the government engaging with companies like Google, Whatsapp and Facebook in the past, on the same issue of data protection.
With a view to put a check on unrestricted export of data of Indian customers to foreign servers, Electronics and Information Technology Minister Ravi Shankar Prasad conveyed this message of setting up a server in India, to Amazon India Head Amit Agarwal.
Although India still does not have any law on data protection, the government has started taking firm steps on the basis of recommendations given by Justice B N Srikrishna Panel. Earlier, the draft national policy on e-commerce had also proposed mandatory localization of data. With data protection gaining a lot of buzz and significance after Cambridge Analytics and Facebook issue, the government has been keenly working on this issue. With the new data protection rules, which will rolled out very soon, many other sectors will also have to abide to such norms.
In his meeting with Agarwal, Minister Prasad said,” We are concerned about safety, security and the element of consent of Indians with regards to their data. Therefore, it is a must that you (Amazon) keep your server here in India, and this initiative must be taken on priority.” Prasad told Agarwal that they are undeniably welcome to do business in India, but the data generated through Indian operations must not be sent outside India, at any cost.
Speaking further on the matter, Prasad said,” Big corporate companies are definitely welcome to join their efforts in India. What worries me is the unrestrained migration of data, without the consent of Indians. Therefore, localization of servers in India and the element of consent of Indian citizens about their data become equally significant.”
However, there has not been any official response received from Amazon’s end on this issue. Although, a government official has indicated that Amazon is working keenly to protect the data of Indian users. Prasad further said that companies like Amazon have been empowered by small grocery shop owners in retail marketing, and it is the responsibility of the e-commerce companies to keep their interests protected.
The Indian e-commerce market has got the attention of the world with its sturdy growth and rising participation. Recently, we saw another American giant, Walmart, acquiring a 77% stake in Flipkart for a whopping USD 16 billion. With this, the Indian e-commerce industry is majorly dominated by two American players, while there are many other domestic and foreign players too.
With companies like PayTM and Snapdeal also having foreign shareholding, the government is keen on setting up tighter rules for data protection. Earlier in April, the RBI had given direction to all payment firms to store all data of Indian Customers, including any type of information collected and complete end to end transaction details, on local servers and in India only. A strict deadline for 6 months was also given for this.
With its efforts on data protection, the government seems to be leaving no stone unturned to stop any compromise with data of Indian users. An official from IT Ministry said that it is questionable why the US wants to know that what Indian’s eat and what are their fashion choices. Under the B N Srikrishna panel report, it has been strictly recommended that explicit customer consent must be taken while collecting and processing significant and sensitive data related to religion, sexual orientation and other such.
However, the government is not too restrictive above generic and non-sensitive data, and is even promoting the migration of such data. On this, Minister Prasad clarified,” Any constructive usage of the data is welcome. I am very keen that India becomes a centre for data analysis. The huge data generated by Indian customers makes India a big market for that.”
With the new data protection rules coming soon, some stricter and clearly defined norms can be expected for data protection. The draft data protection bill submitted by Justice B N Srikrishna panels recommends explicit consent for usage of sensitive data. Further, it recommends at least one copy of such data to be stored in India. The bill is currently open for public comments.