SUMMARY
Visa plans to locally process all transactions through its data centre in Bengaluru and backup centre in Mumbai
In 2018, the RBI asked all payment system operators in the country to store data pertaining to their customers within India
The Indian government recently introduced the Personal Data Protection Bill in the Lok Sabha
The global card payment network, Visa, will soon comply with India’s data localisation norms. The company plans to locally process all transactions through its data centre in Bengaluru and a backup centre in Mumbai.
In 2018, the RBI asked all payment system operators in the country to store data pertaining to their customers within India. The move was aimed at ensuring user details remain secure against privacy breaches.
“We work with over 200 jurisdictions across the world and in every one of these jurisdictions we need to — and always will — comply with the law of the land. We can tell you that we now have a data centre in Bengaluru and a backup centre in Mumbai. We’re going to locally process all transactions,” the global payment major’s group country head, India and South Asia, TR Ramachandran said in an interview with ET.
The Indian government recently introduced Personal Data Protection Bill in the Lok Sabha, Lower House of the Parliament. The Bill is now being sent to a Joint Parliamentary Committee for further examination. “We’ll go a step further in ensuring 100% compliance once the infrastructure is ready, which should be sooner than later,” he added. The Bill tabled in the Lower House has made some changes in the original draft prepared by Justice BN Srikrishna Committee in July 2018.
The Indian government has taken an uncompromising stand on the country’s data sovereignty till now. Prime Minister Narendra Modi, in fact, stressed on the importance of data while speaking at the ‘Howdy, Modi’ in the US recently by referring to data as the “new oil” and “new gold.”
The bill draft states that “every data fiduciary shall ensure the storage, on a server or data centre located in India, of at least one serving copy of personal data to which this Act applies”. This means that when it comes to personal data, the master version of the data abroad should have another copy in India.
The ecommerce and social media companies have been showing displeasure over the proposed bill. They had claimed that they might have to change their entire business model to adopt the new bill. The foreign portfolio investors (FPI) dealing in securities traded in the Bombay Stock Exchange also expressed their displeasure in the new bill recently, since it requires them to keep a copy of financially sensitive ownership-related data, including the details of ultimate beneficiaries and their offshore banking accounts locally.
Internet and Mobile Association Of India had also said it will impact the new-age startups in India that are building innovative technologies, products and services. The whole licensing and certification process will slow down the growth and innovation for startups.
Meanwhile, Ramachandran also spoke about the government’s decision to do away with merchant discount rates on card transactions at retailers with turnover over INR 50 Cr. “There’s been a fair amount of positive consultation with the government and industry on this issue because it’s a very nuanced one,” he said.
He also added that he hates to simplify it into terminology that says it’s either this side or that side. “There are plenty of arguments we made for both sides. And a lot of factors are to be considered,” he said.
Comparing India with China and other emerging markets, he said India needs to grow digital payments as the country is lagging in terms of the percentage of personal consumption expenditure done digitally. “I believe the number is between 11 and 12%. China, for example, is at 55%. Therefore, a set of inducements for players is needed to invest in the space. The same has been represented by the banks to the government and I’m sure a positive solution will emerge,” he said.
