Why India needs to leverage and not localise data

If one were to chart the arc of geopolitical competition over the past 100 years, one can identify four primary sources of contention – land, people, natural resources, and now, the commanding heights of new technologies. At the heart of the current competition lies data – the fuel that will power future innovation.

We generate data just by existing. Every telephone call we make, every social media share, a journey from home to work, financial transactions, and even the beat of your heart is data. This is valuable to corporations big and small looking to create new products and offer new solutions. The more data you have and the better quality data you have, the greater your chances of tailoring products, out-innovating competitors, and achieving scale.
It’s little wonder then that access to data has become a point of geopolitical contention. This was evident at the recent G20 summit in Osaka. India boycotted a move by the world’s leading economies to establish a new regime for global data governance. The Osaka Track, as it is called, is a plurilateral initiative to establish a framework for cross-border data sharing, essentially aimed at limiting a states’ ability to hoard data generated within its borders.
This goes against India’s stated policy. India boycotted the Osaka Track preferring the conversation to be held at the WTO. Foreign Secretary, Vijay Gokhale, also underscored the significance of data as “national wealth.” India’s approach has been that of data localisation. Localisation essentially means storing domestic data on domestic soil. India’s rationale for pursuing localisation comes from the notion of viewing data as a new form of wealth. Keeping this in mind, there is a strong sentiment across the government to internalise this wealth and use it for development. While the idea does seem to make sense on the surface, a deeper look shows that there are significant costs and benefits to it.
Perhaps the greatest benefits to localisation lie in security and ease of access. RBI emphasised the latter by being the first government entity to call for localisation. The BN Justice Shrikrishna Committee and E-commerce policy have also called for localisation, citing similar grounds. However, there are significant costs to localising data in India and incurring those costs might not make data more secure. Firstly, building and maintaining data centres is a capital intensive business. It requires a significant amount of water, electricity, and bandwidth. Electricity and water are both commodities that India does not have in abundance. As of 2017, an estimated 240 million (24 crore) people in India did not have access to electricity. NITI Aayog estimates that 600 million (60 crore) people face a severe water shortage in India, and the situation will only get worse with the water demand being twice the supply by 2030. The recent Chennai water crisis does a lot to place emphasis on this. It would just not be fair or ethical to allocate water reserves to cool down data centres when they should be diverted to Chennai.
Secondly, as far as benefits are concerned, having data centres in India is not likely to make data more secure. India currently ranks 23rd in the global cybersecurity index. There have also been multiple leaks on the Aadhar data India does store locally. So there is a historical precedent for data stored on Indian servers to not be adequately protected. Moreover, if the idea is that storing data here is likely to impose an Indian jurisdiction on it, it may not pan out that way. The physical location of data does not define who owns it or has access to it. If Facebook decided to store data in India, the data would still belong to Facebook.
Given this, it is important to shift the data policy conversation from a storage location to access. Moreover, in doing so, it is important to adopt a strategic outlook. From this perspective, data is a tool of leverage, along with the size of the Indian market. India ranks at the 57th position in the Global Innovation Index. Our technology and innovation ecosystem has a lot of catching up to do, in comparison to those in the US and China. Therefore, allowing foreign competitors free and easy access to Indian data could stymie the growth of future Indian enterprises.
It would instead be far more prudent to pursue a policy of conditional access. There are a number of potential benefits to this approach.
Conditional access could either take the form of requirements for localisation along with investments and collaborations with Indian enterprises. A similar approach was recently taken by the Ministry of Road Transport and Highways which shared vehicle and DL data with Indian companies for a fee of ₹3 Crore. The Vahan and Sarthi databases brought in a revenue of ₹65 crores in total and were made available to 87 domestic companies. Apart from expanding state revenues, such an approach with foreign firms could lead to greater capital investments in India along with the diffusion of technology and managerial and operational best practices. In the long run, this could aid India’s start-up and tech ecosystems.
However, going down this road requires clear domestic legislation and regulations. There are three broad areas regulation should be aimed at addressing. Firstly, defining domestic jurisdiction of data. There is a need to define laws on who owns data, the citizen or the state. Calling data national wealth sets a precedent in favour of state ownership of personal data. Once defined, procedures for judicial safeguards and parliamentary oversight should be put in place to determine who can access public data. That can be followed by discussions over the finer points on what kinds of data should be classified as sensitive and personal. The data protection bill addresses this to some extent. However, the bill is not law yet. Even if it were to become law, it is unclear what aspects of the bill will be changed.
Secondly, in case foreign players are to collaborate with the Indian ecosystem to use data, there needs to be a regulation providing for foreign access. This is likely to be a huge part of conditional localisation. Having a framework that facilitates domestic and foreign collaborations between companies as well as states could be helpful in leveraging data for Indian development. Thirdly, regulation needs to address standards in public data. If data collected by states is to be made accessible to private parties, there need to be national standards in how data is collected, sorted, and opened for access. This would help in processing data and deriving insights from it. Standards would also make it easier to maintain clean datasets.
Considering the above, making the argument for localisation might be a sound short-term negotiating strategy. But in order to strengthen one’s hand at the global table, in the long run, it’s important to focus on putting in place domestic rules and regulations and then negotiating conditional access.
The views expressed above are the authors' own. The article was first published in Deccan Herald.
Previous
Previous

What does China’s new defence strategy mean?

Next
Next

Does the arrival of AI mean the end of data privacy?