The New Oil by Abhinav Singh
Data Sovereignty is the concept that digital data is subject to the laws of the country in which it is processed. This concept is closely linked with the data security, cloud computing and technological sovereignty. The rise of cloud computing has forced many countries to pass various laws for controlling and storing the data, this can be considered as the measure of data sovereignty.
Data Sovereignty has acquired the front seat in the current discourse post “Global Surveillance Disclosure” or what we say Snowden revelations in general. Leaking of PRISM program data by Edward Snowden was catalytic agent in global data sovereignty discussions. It revealed that US National Security Agency was collecting big data not only from American citizens but also from around the world. PRISM program was designed to receive mails, video clips, photos, social networking details, logins held by range of American tech giants like Google, Facebook, Twitter etc
Discussion of data sovereignty are currently underway for different countries like Bharat, China, Australia, Canada, NewZealand. The decolonisation of data is seen as the piece of self governance structures and important pillar of indigenous sovereignty.
Canada as a part of Canada’s IT Strategy 2016-2020 has enacted various data sovereignty measures, primarily on storage of Canadian data on Canadian servers.
In the same light European Union has enacted two laws i.e the General Data Protection Regulations (GDPR) and the Directive on Security of Network and Information Systems (NIS Directives) both are in effect since 2018. In case of breach of these laws, a regulatory fine up to €20 million or, 4% of global turnover can be initiated (whichever may be greater).
Every time we swipe a Visa Card or, Master Card for payment or uses Amazon’s service, our financial and personal information generated in the process is stored in servers outside India, primarily USA. Data Sovereignty is not only applicable on card payments services such as Master Card or, Visa but also on companies such as PayTm, which offers electronic or digital payments services in the country.
Based on the recommendations of Justice Shri Krishna Committee, Reserve Bank of India has made it mandatory for financial tech firms to store payment data of Indian citizens within the country. Under this rule put in the place by RBI, the data generated in India has to be stored and processed in India. RBI had set the deadline for compliance at 15th October 2018, but it didn’t had any clause of fine on those firms which had violated the deadline unlike the laws enacted by EU.
Why Bharat needs Data Sovereignty
With the registered 35% growth in internet users over the past years. Internet has penetrated up to the level of 251 millions individual users in rural India and is expected to reach the number of 290 millions by the end of 2019. Out of which 97% of the users access internet through smart phones. If we combine both rural as well as urban population the internet penetration will cross the mammoth 373 million users by the end of 2019.
With more and more Indian gaining access to smartphones and the internet, the country is set to produce the unparalleled amount of data. Every activity of this growing force of internet users will create digital traces. According to Cushman&Wakefield, digital data produced by India has grown twice as fast as in comparison with other countries from 40,000 petabytes produced in 2010 to 2.3 million petabytes by 2020.
Customer data is very essential for business outlet as it shows the general trend in consumer behaviour to predictive analytics. It can be potent weapons when applied to all aspect of business, but in vile hands it can also pose national security threat or, means unnecessary illegal surveillance.
The localisation of Indian payment data has wide range of benefits.
Justice Shri Krishna Committee pointed out that,”data localisation could also create domestic jobs and skills in data storage and analytics.”
Availability of data within the border gives government and courts the jurisdiction power to call for it when required. If data stored outside the country, access to this data will be restricted by local laws and regulations of the host country, which will result to our dependency on the whims of host country government for access.
The case of Huawei is to be considered here which has clear links with People Liberation Army (PLA).
In authoritarian countries, even private firms have to walk closely with the government and in many cases, functions as an arm of state. This become even more pathetic if the data being stored in countries that are hostile to India (China can be mentioned here). Hence the data stored with private players can not be considered safe if the host country in not indigenous.
It’s high time now to talk more about the Data Sovereignty of this nation because this would be the path of supremacy, 21st generation colonisation would be through data.
Please read the DISCLAIMER before using this site.
The New Oil by Abhinav Singh, The New Oil by Abhinav Singh