It proposes conditions for data storage abroad
The government on Saturday released the draft national e-commerce policy proposing setting up a legal and technological framework for restrictions on cross-border data flow and also laid out conditions for businesses regarding collection or processing of sensitive data locally and storing it abroad.
The draft policy said the framework would be created to provide the basis for imposing restrictions on cross-border data flow from specified sources including data collected by IoT devices installed in public space, and data generated by users in India by various sources, including e-commerce platforms, social media, search engines.
The 42-page draft addresses six broad issues of the e-commerce ecosystem — data, infrastructure development, e-commerce marketplaces, regulatory issues, stimulating domestic digital economy and export promotion through e-commerce.
“It is almost a cliche today that data is the new oil. Unlike in the case of oil, data flows freely across borders. It can be stored or processed abroad and the processor can appropriate all the value. Therefore, India’s data should be used for the country’s development and Indian citizens and companies should get the economic benefits from the monetisation of data,” the draft ‘National e-Commerce Policy – India’s Data for India’s Development’ said.
A business entity that collects or processes any sensitive data in India and stores it abroad, shall be required to adhere to the certain conditions, according to the policy draft. The conditions state that all such data stored abroad shall not be made available to other business entities outside India, for any purpose, even with the customer consent. Further, the data shall also not be made available to a third party for any purpose and it would also not be shared with a foreign government, without the prior permission of Indian authorities, the draft said.
“Suitable framework will be developed for sharing of community data that serves larger public interest (subject to addressing privacy-related issues) with start-ups and firms. The larger public interest or public good is an evolving concept. The implementation of this shall be undertaken by a ‘data authority’ to be established for this purpose,” it added.
The policy laid out strategies to protect misuse of data while maintaining the spirit of existing regulations, it said adding that e-commerce warrants a framework which extends across segments, due to the cross-cutting nature of issues. On e-commerce marketplace businesses, it said the policy aims to invite and encourage foreign direct investment (FDI) in the marketplace model “alone”, which is being carried out by companies like Flipkart and Amazon.
“An e-commerce platform, in which foreign investment has been made, therefore, cannot exercise ownership or control over the inventory sold on its platform. In this manner, foreign investment is not seen as a threat by small offline retailers of multi-branded products,” it said. Online marketplaces should not adopt business models or strategies which are discriminatory and which favour one or few sellers/traders operating on their platforms over others, the draft clarifies. It enlists certain steps which has to be followed by all e-commerce websites/applications. Besides, all e-commerce sites/apps available for download in India must have a registered business entity in India as the importer on record or as the entity through which all sales in India are transacted.
Safety and security
“This is important for ensuring compliance with extant laws and regulations for preventing deceptive and fraudulent practices, protection of privacy, safety and security,” the draft, which has been floated for seeking public views, said. It has also suggested measure to contain sale of counterfeit products, prohibited items and pirated content. This is the second draft being prepared by the department for promotion of industry and internal (DPIIT) as several concerns were raised over the first draft of the department of commerce. On the regulatory regime of the sector, it said the governments are finding existing regulations and structures inadequate to deal with issues thrown up by the digital economy.
Existing statutes and laws, the draft said, need to evolve to take into account the changing ways of doing business and changing business models. On taxation related issues in the sector, the draft policy said the current practice of not imposing custom duties on electronic transmissions must be reviewed in the light of the changing digital economy and the increased role that additive manufacturing is expected to take. On export promotion through e-commerce, it said there is a need to incentivise and reduce administrative requirements for outbound shipments through this medium.
“The existing limit of Rs 25,000 shall be increased to make Indian e-commerce exports attractive even for high-value shipments through courier mode,” the draft said. It also stressed on developing physical infrastructure for a robust digital economy and suggested steps for developing capacity for data storage in India.
“An assessment needs to be done regarding how data-storage-ready the available infrastructure in the country. Creation of infrastructure for storage would take some time. A time-frame would be put in place for the transition to data storage within the country. A period of three years would be given to allow industry to adjust to the data storage requirement,” it said.