Bringing data localisation into force, the Indian government has told Amazon to “urgently” begin working on setting up local data servers in India.
The US-based retail giant which operates multiple product and service platforms in India has been asked to check unbridled cross-border migration of data without the consent of users.
This will force Amazon to store the data from millions of its subscribers within the country and will further increase its operating costs as well as hamper its data analytics abilities.
“What concerns us is the unbridled migration of data to overseas servers without the consent of Indians. Localisation of servers in India and having an element of consent of Indians is important for usage (analytics) of the data,” IT and communication minister Ravi Shankar Prasad said.
This all started with the Facebook-Cambridge Analytica fiasco wherein 562K people in India were ‘potentially affected’ by this global data leak crisis. In April, the Reserve Bank of India (RBI) had asked all payment system operators in the country to store data relating to their customers in India to ensure that user details remain secure in case of privacy breaches.
While the companies like Paytm, Microsoft and Google have come in favour of the data localisation, the upcoming UPI apps from WhatsApp and Amazon got stuck.
“Both WhatsApp Payments and Amazon Pay have not gone live due to similar reasons. Now, with the draft Personal Data Protection Bill also being put out for consultation, these players have to wait for the final decision,” Inc42 reported earlier.
Further, the industry had raised its concerns mainly over restricting data storage to India, a lack of clarity on the type of data that needed to be stored and the timeline to implement the rules.
As mentioned in a Reuters report, during the June meeting, representatives from US lobby group US-India Business Council (USIBC) said that storing the data only in India would be a security risk, as in the event of a natural disaster no-one would have access to it if it was all stored in one place.
Most recently, the Indian government, which is working on finalising the ecommerce policy framework, also sought inputs from the ecommerce task force to explore ways to prevent Indian data from being controlled or mined by entities outside the country.
In line with this, a white paper by the Srikrishna committee on data privacy and protection examined the data localisation mandate saying that it could help protect the rights of users and prevent foreign surveillance.
In its Draft Data Protection Bill tabled on July 27, the Srikrishna committee said critical personal data can only be stored in servers located within the country.
[The development was reported by ET.]