ForumIAS announcing GS Foundation Program for UPSC CSE 2025-26 from 10th August. Click Here for more information.
Source: The post is based on the article “Data embassies may only be allowed to store non-personal information” published in Business Standard on 15th February 2023.
What is the News?
The Government of India is likely to allow only non-personal datasets to be stored in data embassies.
Note: Non-personal data refers to any dataset that does not contain information that can be used to identify an individual. These datasets could be consumer shopping trends, vehicle registration figures, tax collection information, etc.
What is a Data Embassy?
A data embassy refers to server resources owned and maintained by a nation-state outside its territorial boundaries, according to its own laws.
The idea is to ensure the normal functioning of a state and its digital services in case of situations like a cyberattack or a natural disaster.
Data embassies enjoy diplomatic immunity. Vienna Convention on Diplomatic Relations, 1961, grants diplomatic agents safe passage and freedom of travel in a foreign land and protection from local lawsuits and prosecution. Such benefits largely depend on the principle of reciprocity of the privileges.
Significance: Data embassies will be safe zones to store data for friendly nations without any interference from local laws. This will be beneficial for countries wanting to diversify the locations of their data storage without losing jurisdictional control over it.
Which countries have implemented the data embassies concept?
Estonia was the first country to set up a data embassy outside its territory — in Luxembourg in 2017 — because of its “high-quality technical capacity”, as well as its openness to work with this new concept.
Bahrain introduced a law in 2018 that says the data on the cloud should be subject to the exclusive jurisdiction of the data principal’s domicile country.
Note: Experts believe many other such countries could be storing their critical national data outside their territories, which is not known in the public domain due to security reasons.
