The RBI will examine concerns around its strict data localisation rules that require storing of customer data exclusively in India without creating mirror sites overseas, the government said Tuesday.
The Reserve Bank of India (RBI) in April last year asked payment firms to ensure their data are stored exclusively on local servers, setting a tight six-month deadline for compliance. That deadline was said to have been missed by some foreign firms including credit card giants Visa and Mastercard.
Commerce and Industry Minister Piyush Goyal on Monday held extensive consultations with the tech industry and e-commerce companies, a statement by his ministry said.
“All the companies who were represented in this meeting put forth their concerns related to RBI data storage requirements and processing related guidelines issued by the RBI. Deputy Governor of RBI, BP Kanungo, assured the industry representatives that the Reserve Bank of India will look into this,” it said.
The RBI in April 2018 put out a circular requiring that all “data relating to payment systems” are “stored in a system only in India” within six months.
International giants usually store data on global servers and the requirement to store data locally would require them to make an additional investment. But policymakers in India believe storing data locally would help monitor and conduct investigations if the need arises.
Mastercard CEO Ajay Banga joined the meeting via video conference, the statement said.
Besides the RBI rule, concern was also expressed at the meeting about a draft e-commerce policy that requires exclusive local storage and processing of data generated by users in India from various sources including e-commerce platforms, social media and search engines.
While domestic companies such as Reliance Jio have spoken up in support the government’s data localisation efforts, others like Facebook, Amazon, Microsoft, and Mastercard have led the way in opposing it. “The e-commerce industry representatives also put forth their concerns before the Commerce Minister about the e-commerce draft policy which they felt was not adequately consultative,” the statement said adding Goyal assured them that each and every concern of the industry will be addressed.
He asked e-commerce representatives to send their concerns in writing within 10 days.
On a draft data protection bill released in July 2018 that proposes a requirement for data localisation as a remedy to concerns about protection of personal data, industry representatives told the Minister that though the consultations on it were satisfactory, a lot of time had elapsed and they were not sure about the final shape of the Bill.
“Secretary Ministry of Electronics and Information Technology (MeitY), Ajay Prakash Sawhney, assured the e-commerce companies that the Bill will reflect all the consultations that had taken place with the industry during the formulation of the Bill,” the statement said.