Earlier in April this year, the RBI passed a directive that all payment providers operating in India have to store payments related data in India. The regulator gave a hard 6-month deadline for the companies to comply and store all payments-related data locally. The Draft Personal Data Protection Bill, 2018, was released in July, with its own requirements for data localisation, compounding the confusion. MediaNama held a round-table discussion on localisation of fintech data on 23rd November in Mumbai. What follows are the main arguments made around issues surrounding the policy. The discussion was held under the Chatham House Rule, therefore, quotes have not been attributed to persons, and their affiliations or organisations have been withheld. This is the first part of the discussion. Read the second part here. Quotes are not verbatim, have been edited for clarity and brevity, emphasis has been added. Each point was made by a different person. The origin of localisation Localisation has been around since 3-10 years, it began with the creation of the NPCI, on the premise that India should have its own local schemes for data being generated in the country. Companies like Visa and Mastercard were providing service for Indians using data analytics on this data. With the formation of the NPCI, came in the idea that payment data should reside locally in India. People in the RBI will tell you that the purpose of forming NPCI was access to data, this was at a time when data was going to…
