/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsGlobal tech companies have geared up to oppose the new legislation in India that would require companies like Facebook, Paypal etc to store and process user’s personal data in the country itself.
This new legislation was passed in July 2018 stating that all "critical personal data" should be processed in India, and presented a draft bill that could affect how global firms store customer data
The organisations are however opposing the bill as it will have a huge impact on investment and the business models of foreign and domestic firms. Besides this, it will also increase their compliance and infrastructure costs, and affect planned investments.
What will be the next step?
The concerns of the organisations are to be taken up by lobby groups planning a joint effort to pressure New Delhi to reconsider.
A letter will be passed to India's information technology minister stating the impacts that the new legislation will have on the business models of several Indian as well as global companies
The letter, to be delivered by Sept. 30, is supported by the U.S.-India Strategic Partnership Forum, the Washington-based Information Technology Industry Council (ITI), London-based techUK, and India's NASSCOM.
Besides the data law, government panels are drafting policies to regulate data stored by cloud computing, e-commerce and payment companies
Comments from Ankush Johar, Director at Infosec Ventures - an organisation that provides complete infrastructure security solutions for commercial and government clients of all sizes
Changing the location of data is a massive step and is nowhere close to something that could easily be implemented. Data centers of such global techs are not the standard server farms most medium-large scale businesses use in India. Instead, there are a huge number of factors that define the efficiency of storage and transfer of data at this enormous scale.
Temperature, altitude, power stability, connectivity with offshore servers and protection from physical actors such as climate and calamities are some of the most basic points, to begin with, and hence most data centre ls are placed according to these circumstances rather than taking governmental ease of access into account. Although if this done, it would be a game changer to the amounts of power available to the government over the personal data of citizens and would revolutionize investigations and audits on this data.
Both parties must sit and deduce a way to achieve something that fits everyone's plate and come up with a mutual solution else it would be the people who will grind between the battle.