Data Storage Rules Out Of Contentious E-commerce Policy

In a major change from the e-commerce policy draft, Commerce Minister Piyush Goyal has decided to keep data localisation norms out of the final policy, leaving the proposed data protection legislation to deal with the matter.

In a meeting with 25 major e-commerce players, including Amazon and Flipkart, on June 24, Goyal said data protection would now be handled by the nodal Ministry of Electronics and Information Technology (MeitY), which is working on a data protection bill, two industry representatives who attended the meeting said on condition of anonymity.

“This is a positive development. There were conflicting provisions in the draft e-commerce policy and the Personal Data Protection Bill. To have one point of reference for data-related issues is always welcome,” said one of the participants cited above.

Separately, Flipkart Group CEO Kalyan Krishnamurthy, who was one of the participants, said in a statement: “We appreciate the initiative of Commerce Minister Piyush Goyal to engage in a candid, positive and progressive discussion aimed at creating a vibrant e-commerce market and Digital India. We look forward to working with the ministry and many other stakeholders to realize this growth dream.”

A 10-member expert group headed by former Supreme Court judge BN Srikrishna, which submitted the draft Personal Data Protection Bill, 2018, to MeitY in July, recommended setting up a data protection authority and placing restrictions on cross-border data flows. The bill mandates storing one serving copy of all personal data within India. It empowers the central government to classify any sensitive personal data as critical personal data and mandates its storage and processing exclusively in India.

The bill is yet to be cleared by the Cabinet but is listed to be tabled in Parliament during the ongoing Budget session.

The government seems to be treading cautiously on the matter given US opposition to the proposed data localization norms. The contentious issue is expected to figure in the discussions between visiting US secretary of state Mike Pompeo and External Affairs Minister S Jaishankar on June 26.

The draft national e-commerce policy released in February this year also dealt with data protection. “In light of the increasing importance of data protection and privacy, the National E-commerce Policy aims to regulate cross-border data flow, while enabling sharing of anonymised community data (data collected by Internet of Things devices installed in public spaces like traffic signals or automated entry gates),” said the draft document.

The draft policy barred sharing of sensitive data with third-party entities, even with customer consent. “Violation of conditions of this Policy will be made accountable to prescribed consequences (as formulated by the Government of India),” it said.

However, the draft policy exempted certain categories of data from restrictions on cross-border data flow. “Data not collected in India, B2B data shared between business entities under a commercial contract, data flows through software and cloud computing services (having no personal or community implications), data (excluding data generated by users in India from sources like e-commerce platforms, social media activities, search engines) shared internally by multinational companies are exempted from restrictions on cross-border data flows.”

In a statement, the Commerce Ministry said that during the June 24th interaction, Goyal said the e-commerce policy is a work in progress and assured that enough time would be given to all stakeholders to adapt to any changes.

“More importantly, the changes will be prospective and nothing will be implemented with retrospective effect. He urged e-commerce companies to always honour the spirit as well as letter of the law,” it added.

Goyal said the government’s effort would be to bring convergence of interests of e-commerce platforms and small retailers.

In a separate meeting of brick-and-mortar retailers on June 25, industry secretary Ramesh Abhishek said a draft national retail policy would be released soon, seeking comments from the trading fraternity.

Praveen Khandelwal, Secretary General of the Confederation of All India Traders, said under the proposed retail policy, all laws, acts and rules governing domestic trade should be reviewed and redundant laws scrapped. “There should be one licence instead of more than 28 licences for conducting business and their yearly renewal should be abolished as it causes great harassment and corruption,” he added.―Money Control