Bringing data under the rule of law

Bringing data under the rule of law

Article

1. Parminder Jeet Singh initiates a debate that legal and democratic requirements for data localization need to be balanced with the values of global digital integration.

What is data localization?

2. Data localization means that the personal data of individuals in a particular country should be processed and stored in that country. Its consequence is that the transfer of data across borders should be restricted.

Important Analysis

3. As the Internet continues to grow, data regulation gains the prominence in many countries.
4. Digital society necessitates that data need to be subject under rule of law as it affects all spheres of social, economic and political life.
5. It is the state’s responsibility to protect personal data of citizens as privacy is a right  guaranteed under Article 21 of Indian Constitution.
6. There are dangers to privacy of individuals from

• State agencies
• e-commerce companies
• social media companies

7.  The writer advocated that the new data protection authority (proposed by Srikrishna Committee) to be a constitutional authority.
8. India’s cloud computing policy and draft national e-commerce policy would likely recommend that data generated in the country must be stored locally.

Data as a resource

9. Data has become one of the most vital resources of the century.
10.  Countries like European Union, France and U.K. and India are proposing national data-sharing regimes and data infrastructures especially for data that are generated by users on digital platforms (also known as ‘community data’).

• Data with companies like Uber is an example of community data.

11.   These regimes necessitated the law to have access to shareable data.
12.   Also, data is required for

• Policymaking
• Governance
• Smart traffic planning

13.   The proposed law cannot achieve its purpose if data can easily cross borders.
14.   Therefore regulations are needed for storage, processing and cross-border flow of data.

Need for data localization

15.   The Srikrishna Committee wants to localise data for

• law enforcement agencies to have easy access to data
• to prevent foreign surveillance
• to build an artificial intelligence ecosystem in India
• Prevent undersea cables through which data transfers take place from attacks

16. Recently, the Reserve Bank of India imposed a hard data localisation mandate on payment systems providers to store payment systems data only in India.
17. The writer suggests that free flow should be allowed for general information and knowledge.
18. Data between consenting jurisdictions can be regulated through mutual treaties as EU has done with its digital single market.

Data flow needs to be checked

19. Allowing unchecked free flow of data would mean withdrawal of the state from key social and economic roles.
20. In pursuance of this, all major countries like U.S., Germany, Indonesia, South Korea, Russia, China and EU have some kind of proposals for data localization.

Way Forward

21.  A balance needs to achieved between the interest of these companies and the interests of those whose livelihoods are attached to these economies.
22. Also, fears of state surveillance need to be balanced with the imperatives of a strong enough state that can protect people’s interest.