At the G20 trade ministers meeting in Japan, Commerce and Industry Minister Piyush Goyal argued against using free trade to justify the free flow of data. Instead, he asserted that countries must have the sovereign right to use data they generate for the welfare and development of their people, reported the Economic Times.
The minister referred to Digital India, StartUp India, and Aadhaar, all which generate huge amount of data, and said, “This includes personal, community and public data and countries must have the sovereign right, to use their data, for the welfare and development of its people”. He also said that issues of privacy and security should be given due consideration in the debate on Data Free Flow with Trust (DFFT) before global rules are made on e-commerce. India registered its opposition to DFFT, but the Ministerial Statement on Trade and Digital Economy supported the principle of DFFT while recognising that “the free flow of data raises certain challenges”.
This came up as the 77 members were negotiating a joint initiative on e-commerce by looking at global rules on digital trade. India refused to support this initiative on e-commerce because, as Goyal said, “Developing countries need time and policy space to build deepest understanding of the subject and formulate their own legal and regulatory framework before meaningfully engaging in e-commerce negotiations.”
What is Data Free Flow with Trust?
Proposed by Japanese Prime Minister Shinzo Abe at the World Economic Forum earlier this year, DFFT aims to eliminate restrictions on cross-border transfer of information by electronic means, including personal information, and storing data in foreign servers. This is in direct conflict with India’s draft e-commerce policy (read a summary here) that has proposed strict regulation on cross-border data flows, locating computational facilities within India to ensure job creation, and setting up a “data authority” for issues related to sharing of community data.
By contesting DFFT, Goyal brought global attention to India’s favourite digital issue — data localisation. It is important to note that Goyal underscored the necessity of data security and privacy even as Aadhaar data has been breached numerous times (see here and here). Furthermore, by asserting a sovereign right over data, Goyal reiterated the current government’s assumption, reflected in India’s approach to internet policy, that data is a national asset as opposed to an individual right. In addition, the government has adopted a “rights, but” approach to policy-making, in which growth and security objectives have primacy over human rights.
India’s draft e-commerce policy on data sovereignty and localisation
Data availability, data sharing and data sovereignty
The policy states that arguments that data held by large corporations should be available to other companies through ‘compulsory licensing’ or FRAND terms forgets that these companies do not own the data which they have processed and monetised.
- “The data of a country, therefore, is best thought of a collective resource, a national asset, that the government holds in trust, but rights to which can be permitted.”
- “India and its citizens have a sovereign right to their data. This right cannot be extended to non-Indians (the same way that non-Indians do not have any prima-facie right or claim to, say, an Indian coal mine).”
- “This understanding flows from the acknowledgement that data about an Indian, is his/her own.”
- “Even after anonymisation, the interests of the individual cannot be completely separated from the derivatives that may be obtained by analysing and drawing inferences from a certain set of data.”
Data can, therefore, best be likened to a societal ‘commons’.
- “National data of various forms is a national resource that should be equitably accessed by all Indians.”
- “The same way that non-Indians do not have access to the national resources on the same footing as Indians, non-Indians do not have equal rights to access Indian data. However, access to it can be negotiated, in national Interest.”
Why is cross-border data flow a problem?
- “At this juncture there is no legal framework that would permit the government to impose restrictions on cross-border flow of data. Without having access to the huge trove of data that would be generated within India, the possibility of Indian business entities creating high value digital products would be almost nil. Domestic technology companies would be merely processing outsourced data work.”
- “Further, by not imposing restrictions on cross-border data flow, India would itself be shutting the doors for creation of high-value digital products in the country.”
- “Location of the computing facilities like data centres and server farms within the country will not only give a fillip to computing in India but will also lead to local job creation.”
- “In the future, economic activity is likely to follow data. It is hence vital that we retain control of data to ensure job creation within India. Cloud computing should become an economic activity in India. Data analytics in the era of industry 4.0 should become a major job creator.”