Data localization has become a hot-button topic for the companies, regulators, and government in India as well as globally. Some companies, especially startups are in favor of data localization while many (viz MNCs) are against it. In April this year, Reserve Bank of India (RBI) firmly stated that all the financial transactions’ data of Indian citizens must be stored locally (in India itself). The aim most probably is the security of Indian citizen’s data and to monitor the activities of the nation’s people, and secondly to hamstring foreign data companies by establishing a classic non-tariff barrier. Till the time India adopts or rejects data localization in every sector of data transactions; companies are trying to defend their position and hoping things work out in their favor. In this blog post, we will try to understand what data localization is, its effects, what is at stake, and other aspects of data localization concerning companies, government, and citizens.
What data localization is?
In simple terms, data localization is the storage of citizen’s data in the local data center of a country. For example – If “X” multi-national company requires the citizen’s data of “Y” country, X should build a data center for data storage in Y itself. The main purpose of data localization laws is usually concerned with the interests of the nation to secure the citizen’s information. The laws can be implemented on a variety of critical data like payment transactions, health records, service operations, etc, to shelter the privacy of the citizens. Where countries like Australia, South Korea, Brazil, and India are moving towards data localization to some extent; Russia has strictly implemented data localization laws and many global companies need to cross this barrier to gain a foothold in the Russian markets.
What is at stake?
There is an extremely huge amount of data being generated by connected internet users in India. According to a recent report by real estate & infrastructure consultancy Cushman and Wakefield, the size of digital data in India was around 40,000 petabytes in the year 2010; and it is likely to grow up to 2.3 million petabytes by the year 2020 – twice as fast as the global rate. It is forecasted that if India houses all this data, it will become the fifth largest data center market of the world and second largest data center investor by 2050.
This implies that the digital population in India presents a huge potential demand for data center infrastructure. The data center infrastructure spending could reach 4.5 billion by the end of 2018 and 7 billion by 2020, says the forecast report by Cushman and Wakefield
What is the take of companies on data localization?
Large companies, especially MNCs are unhappy with such restrictive laws of data localization and have slung heavy backlash. MNCs want to store, process, and analyze the data from multiple geographies. They are trying to put forth a global perspective of the data storage arguing that restricting the free flow of data can be counter-productive. Companies explain that data localization will not only be expensive for them, as they might need to mirror the data in India as well as in other countries, but it will be unfortunate for Indian citizens as well, because data localization will make digital payments expensive and inefficient to provide security, safety, and analytics to Indian banks and other merchants. Multi-national firms are basically supporting the idea of having a unanimously developed data regulatory & policies by the countries together, which will help obviate inconsistency and overlapping of data-related rules on a global basis.
On the contrary, Indian local companies and startups are up for data localization and are supporting it. Their push is from the data security angle and to protect India’s homegrown ventures. Startups are claiming that data localization will prevent data regulatory blunders and help fill business jurisdiction loopholes that some foreign companies have exploited since long to evade paying fair taxes in India.
Data localization and Citizens
The pointers companies are putting forth can be a boon for someone and a curse for the other. Anyway, data localization seems to be giving a tough task to many of the companies. However, there are many factors like data hacking that can cause a breach of privacy of the data, and data localization is just one baby step concerning data security and sovereignty.
Let’s look at it the other way around. As an individual or citizen of a country, have we ever bothered about where our data is going when we buy a smartphone using our credit card on an e-commerce portal, or what are the “terms & conditions” of an app that we are downloading, which asks us to allow certain permissions to get run? Ask yourself, when was the last time you read the terms and conditions when you signed up for one. Can’t remember, right! Almost all of us never check the terms & conditions before signing up on any website (say on social media portal like Facebook) or never bother about where our bank details are going before purchasing anything online. It can be a good practice for the citizens to check the terms and conditions of the website/apps they sign up to, and where their data is going (or rather getting saved) when they buy things online using their credit/debit cards. Data is the new oil and awareness is the key to develop a firewall.
Different countries have enforced different kinds of data localization laws keeping in mind their citizens’ benefits. As soon as data localization is implemented in India, it will be great to see how it is impacting the industries, companies, and eventually the citizens. Let us know your views in the comment section on what you think about data localization in India and how it can impact or effect different sectors in India.
Good one !
Very helpful insights.
Thanks, Ankit. I am glad you liked the blog post.