DATA LOCALISATION

About:

• Data localisation is a concept that the personal data of a country’s residents should be processed and stored in that country.
  
  
• Some directives may restrict flow entirely, while others more leniently allow for conditional data sharing or data mirroring – in which only a copy has to be stored in the country.
  
  
• As of now, much of cross-border data transfer is governed by individual bilateral “mutual legal assistance treaties” (MLATs).
  
  
• Arguments for data localisation:
  • A common argument of government officials is that localisation will help Indian law enforcement access data.
    
    
  • This especially gained prominence earlier this year, when a spate of lynching’s across the country was linked to WhatsApp rumours. WhatsApp’s firm stance on encrypted content frustrated government officials.
    
    
  
  
  
• B N Srikrishna committee:
  • In late July, a data protection draft law by a committee headed by retired Justice B N Srikrishna recommended that all personal data of Indians have at least one copy in India.
    
    
  • A subset of that data, labelled critical personal data, must be stored and processed only in India.
    
    
  
  
  
• RBI Deadline:
  • In early April, the RBI issued a circular mandating that payment data be stored only in India by October 15. This covered everyone from Mastercard and Visa to WhatsApp Payments and PayTM.
    
    
  • Currently, the RBI has not instituted any fines for those who have missed the deadline but is seeking schedules of pending data transfers to India.