Draft Bill on information privacy may ask MNCs to store Indians’ data locally
A committee, which is likely to send a draft Bill on new data privacy laws to the government by the end of this month, may recommend that multinationals should store sensitive data of Indians within the country, The Economic Times reported, citing persons.
After the Cambridge Analytica data scam, a majority of the 10-member committee, led by former Supreme Court judge BN Srikrishna, is of the opinion that data of residents should remain local in the national interest, said the persons.
Disagreeing with the majority, some panel members said in order for India’s $135 billion software export industry to enjoy an edge, data should flow freely.
“Broadly, data has to be in the country. There are some areas where exemptions could be there but even from the country’s sovereignty point of view, vital data has to be stored locally,” a member of the committee told The Economic Times. He added that many Acts categorise such information as “sensitive personal data”.
“While sensitive personal data are already defined under many Acts, the committee will do the remaining job (of protecting it and of storing it within the country,” he added.
Localising data has interested a regulator as well.
In April, the Reserve Bank of India (RBI) had asked payment companies to store data of Indians within the country so that the regulator could gain access to the information as well. In a follow-up, RBI ordered for a fortnightly update from companies regarding their compliance with the directive, reported The Economic Times last week.
In May, Reuters, citing persons, reported that RBI is standing firm on a directive to compel global payment firms to store customer data in India, resisting calls from US companies to dilute an order they say would cost them millions of dollars.
The payment companies are worried India could set a precedent and nudge other major governments to implement similar rules at a time when there is heightened scrutiny on how companies globally handle their customers’ data.
The industry’s tussle with the RBI also comes as Prime Minister Narendra Modi aggressively pushes digital and cashless modes of payment that leave an electronic trail as part of a campaign to crack down on the black economy.
Its’ not just data that are under scanner. Cryptocurrencies have also come under regulatory glare. In April, RBI barred banks, non-bank lenders, digital wallets and any other entities it regulates from dealing with individuals or companies engaged in cryptocurrencies with immediate effect.
“Virtual currencies… raise concerns of consumer protection, market integrity and money laundering, among others,” the RBI said.
The RBI move is in line with the government’s stance that cryptocurrencies are not legal tender and is also in sync with greater regulatory scrutiny by central banks of several other countries including the US, Japan, China and South Korea.