DPIIT to meet e-commerce, IT companies over data flow, localisation issues in draft e-commerce policy

DPIIT is looking into the Personal Data Protection Bill approved by the Cabinet in December 2019.

Issues around data regulation such as whether free data flow across the border should be allowed by India or should it be regulated or inhibited in some ways and whether localisation of data is needed are required to be considered as they have “a lot of pros and cons,” said sources according to a PTI report, as the Department for Promotion of Industry and Internal Trade (DPIIT) will meet industry representatives on January 14. The meeting will focus on discussing the merits and demerits of data storage provisions in the draft e-commerce policy.

Members from IT and e-commerce including representatives from Accenture, Adobe, Facebook, Genpact, Google, HCL, Infosys, Intel, Microsoft and TCS are likely to be part of the meeting along with officials from Nasscom, E-commerce Council of India, Informational Technology Industry Council, CII and FICCI even as a DPIIT’s additional secretary-level officer will chair the meeting.

Also read: SoftBank denies exiting renewable energy JV with Bharti Enterprises, Foxconn

The meeting has been scheduled ahead of the expected release of the e-commerce policy in the current financial year following draft launched by the government in February last year that proposed a legal and technological framework to restrict cross-border data flow and with respect to collecting or processing of sensitive data locally and storing it abroad. However, many foreign e-commerce companies have raised doubts about a few points in the draft related to data provisions.

DPIIT is looking into the Personal Data Protection Bill, which was approved by the Cabinet in December 2019, given multiple provisions with respect to the data are part of the draft e-commerce policy. The Personal Data Protection Bill, which was introduced in the Lok Sabha on December 11, read, “The sensitive personal data may only be transferred outside India for the purpose of processing when explicit consent is given by the data principal for such transfer.” However, it exempted the government from “all or any of the provisions of this Act shall not apply to any agency of the Government in respect of the processing of such personal data.”