wordpress blog stats
Connect with us

Hi, what are you looking for?

Finance Ministry wants data provisions out of E-commerce Policy; says data protection bill already in works


The Finance Ministry has suggested that provisions relating to data protection be excluded from the national e-commerce policy, on grounds that the issue is best handled by MeitY, reports Mint. The report cites a government official as saying that the draft data protection bill, drafted by MeitY, is not restricted to e-commerce companies but applies to every industry and sector. Moreover, according to the official, the policy should look at data from the point of view of ‘competition’ and should list provisions such that data is misused to influence prices and ensure the level playing field for all sellers.

Issues with the draft e-Commerce policy when it came to data protection

Among the goals of the e-commerce policy was to address the regulatory gaps from the Personal Data Protection Bill. It recognized data as a national asset and collective resource. It said that Indians have a sovereign right over their data and this right cannot be extended to non Indians.

Why data provisions were being introduced in the e-commerce policy when the Personal Data Protection Bill is already in the works is a question raised by participants at MediaNama’s discussion on the e-commerce policy as well. A number of other issues in the e-commerce policy such as cross-border flow of data, data localisation, and government control over data were also contested. Some issues raised during MediaNama’s discussions on the Draft National E-Commerce Policy:

1. Jurisdiction, why undermine a consultation process? : Devika Agarwal of NASSCOM said introducing data data provisions through an e commerce policy undermines an extensive consultation process which has already taken place. Second, “the provisions which have been proposed in the policy go beyond affecting e-commerce, therefore, the so far as they relate to personal data, they should be dealt with under the personal Data Protection Bill.”

2. Conflict between e-commerce policy and PDP Bill: Some provisions are in direct conflict with the provisions of the PDP. Agarwal explained that paragraph 1.2 says that the business entity collecting or processes any sensitive data in India and stores that abroad will be subject to certain conditions. “Sensitive data has not been defined — are we going to assume that sensitive data referred to in the in the Policy is the same as sensitive personal data defined in the PDP?”..”Second, the e-commerce policy says that even with customer consent, data stored abroad shall not be made available to business entities or third parties. Now, if the policy constantly says that consumers should be empowered, that citizens should have control over their data, here you are contradicting that very same premise.”

Advertisement. Scroll to continue reading.

3. Data localisation for creation of digital products in India: The ecommerce policy argues that India would be shutting the doors for creation of high-value digital products in the country and that we must retain control of data to ensure job creation in India. Nehaa Chaudhari of Ikigai Law argues that the harms of data localisation far, far outweigh any kind of potential benefits that you may have.” She explains that startups rely on cloud service providers for storing their data, and need their data centers located as close to its customer base / market as possible “my choice of data center is going to primarily depend on how close it is to my customer base or to my market. I’m going to want to keep my data as close to the market that I’m interested in primarily. The cost is another factor.”

Adnan Ansari of 9dot9 Insights, offered another objective, not made explicit in the Policy, of access to data. “Data localisation is eventually the means towards an end. This is the most obvious solution that at least the proponents of this policy see, because you are viewing data as a resource number one, and you want access, you want the government to have access to that particular data. So you want that data to be localised.”

4. Allowing movement of data for innovation: Coming to the practicalities involved in a requirement for data localisation, Chaudhari relays the concerns among startups. “Some startups that are trying to do cutting-edge stuff around R&D, or want to play around with certain services on data analytics services or AI/ML related stuff, then, in which data center around the world do you get that service? Because if I’m a cloud service provider it’s not necessary that I have rolled out a particular kind of service on mass and made it available around the world, especially if it’s a new service. Chances are that I’m going to test it out in a parent market and then subsequently roll it out wherever I think that there is maximum demand for that service. So if I’m a startup, and I want access to this cool new thing that’s come out, I should have at least temporarily if not permanently, the freedom to move my data overseas.”

5. Why does the government want to collect, localise and redistribute data? : Prasanto K Roy, weighs in with some context of regulatory objectives behind the nexus of data sharing and data localisation: “If you see, as far as payments is concerned, you have an enormous amount of stuff which happens on a global payment platform. The holy grail they believe in is that all that should be ultimately replicated here… So therefore, data is the resource which can be processed this IoT data we were talking about the belief is that you know, IoT data will become a very fundamental part of this tradable resource.”

Advertisement. Scroll to continue reading.
Written By

I cover health, policy issues such as intermediary liability, data governance, internet shutdowns, and more. Hit me up for tips.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



India's IT Rules mandate a GAC to address user 'grievances' , but is re-instatement of content removed by a platform a power it should...


There is a need for reconceptualizing personal, non-personal data and the concept of privacy itself for regulators to effectively protect data


Existing consumer protection regulations are not sufficient to cover the extent of protection that a crypto-investor would require.


The Delhi High Court should quash the government's order to block Tanul Thakur's website in light of the Shreya Singhal verdict by the Supreme...


Releasing the policy is akin to putting the proverbial 'cart before the horse'.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ