E-commerce policy stuck over data protection law
NEW DELHI: India’s long-pending e-commerce policy is stuck because the enabling personal data protection law is yet to be cleared by the cabinet and the government neither wants to upset foreign investors nor alienate the country’s 70 million domestic traders, a key constituency of the ruling BJP.
Changes in foreign direct investment policy for so-called emarketplaces that came into effect on February 1 have already caused disruptions for the two largest online retailers — Amazon India, the Indian unit of Amazon.com, and Flipkart, owned by Walmart Stores.
Drafts of both the e-commerce policy and the Personal Data Protection Bill, 2018 are ready and in their respective ministries, awaiting a political green light, three officials from three different ministries said on condition of anonymity.
The e-commerce policy is contingent upon the personal data protection policy, which will specify the nature of sensitive data that cannot be hosted in overseas servers, and lay down measures to protect personal details of customers, according to the officials.
Email queries sent to the ministry of commerce and industry, the ministry of law and the ministry of electronics and information technology (Meity) on Tuesday did not elicit any responses.
While MCI is responsible for the e-commerce regulations, Meity is responsible for the personal data protection legislation.
According to the officials cited above, the government is apprehensive of the timing as the policies cannot please both foreign investors and local traders. It is cautious and evaluating various options, one of the officials said.
Key reasons for putting a comprehensive e-commerce policy in place include regulation of access to data that is one of the main elements for success of an enterprise in digital economy; protection of consumers ; promotion of domestic manufacturers; to check the misuse of dominant position by local or global online retailers; and provision of a legal framework , the first official added.
The e-commerce policy should be aligned with the data protection law, particularly for personally identifiable data, said Arun Prabhu , a partner at law firm Cyril Amarchand Mangaldas. A draft policy gave a reference to data as the oil of the digital economy and, in 2018, proposed a requirement for hard localisation whereby all data generated by users from various sources including e-commerce platforms, social media and search engines had to be stored only in India, he said. A draft of the Data Protection Bill, 2018, however, proposed hard localisation only for critical personal information, he said.
To protect the interests of domestic retailers, the government recently restricted foreign e-commerce marketplaces from selling products of companies in which they had a stake and prohibited them from forging any exclusive arrangement with vendors.
DRAFTS OF BOTH,
THE POLICIES AND THE BILL, ARE READY AND WITH THEIR RESPECTIVE MINISTRIES, AWAITING A POLITICAL GREEN LIGHT, SAID OFFICIALS