The world has progressed from the industrial revolution to the age of information revolution.
While the former came about with the advent of rapid industrialization, the latter is distinguished by an economy based on digitalization, information, and computerization.
However, this digital era has opened a pandora’s box for a variety of concerns regarding data security.
There has been an exponential increase in the incidents of data thefts, cyberbullying, scams, eavesdropping and others where privacy of customer data is compromised.
The bulk of data
The world has now become a global market with an increased cross-border flow of data.
While this may be good for the overall productivity and growth of a country, it raises concerns for the protection of a country’s data and the cases of identify thefts, leakage of critical information, etc. are more prevalent now.
This is forcing the governments worldwide to take some strict policy and regulatory impediments to protect their and their citizens’ data.
One such action is to store a country’s data locally, which is better known as Data Localization.
What is Data Localization?
The concept of Data Localization stresses that the personal data of a country’s citizens should be processed and stored locally i.e. in the country only.
While some countries restrict the flow completely, others allow for data mirroring in which only a copy has to be stored in the country of origin.
The government of India also is on the lines to adopt some tighter data protection laws for the IT as well as e-commerce companies.
Last year only, companies around the world were working hard to meet a deadline mandated by RBI to store Indian users’ financial data locally i.e. in India.
This was followed by IT ministry urging e-commerce players like Amazon to set up data centers in India at the earliest.
A closer look at the issue
In terms of internet usage, India is the second-largest online market, ranked only behind China. Per Statista, by 2021, the count of internet users in India will be 635.8 million.
With the digital population growing with each passing day, there is a huge potential for the data center growth in the country.
Per another report, digital data in India can go upto 2.3 million petabytes by 2020. If India stores all this data, it can become the fifth largest data center market by 2050.
This was one side of the coin. To know the other side of the coin, take a look at the following statistics from Thales Data Threat Report India Edition:
“62% of Indian respondents’ report feeling ‘very’ or ‘extremely’ vulnerable to attacks on sensitive data (37% ‘extremely’ vulnerable).”
“Indian respondents are relatively unconcerned about storing sensitive data in cloud environments, with 92% of Indian respondents reporting that their organizations store sensitive data in some form of public cloud (either IaaS, PaaS or SaaS), well ahead of the global average of 74%.”
Looking at the incidents of breaches last year (2018), India tops the chart.
One of the major concerns regarding big data IT security was privacy violations from data that is originating in multiple countries.
Data breaches can create a million-dollar hole in Indian companies. Per a study conducted by IBM Security and Ponemon Institute, in 2017 alone, the average cost of a data breach in the country (India) rose to 8% YoY to $1.7 million.
Such an increasing number of cyber-attacks and the aftermath they cause call for a stricter data protection regime.
- The first step in building a secure IT network, less prone to vulnerabilities, is to protect the user data by making it compulsory for global players to set up local data centers, and the Indian government has already taken a step ahead in this direction.
- E-commerce companies are bound to generate data on a large scale, therefore, there should be elements of safety, security, and consent for any transborder migration of data.
However, this does not imply that foreign companies should not be allowed to do business in India. This simply is an effort to control the unbridled migration of data, without the consent of Indian citizens.
Global state of Data Localization
Data localization is not a new concept. We saw the implementation of the European Union’s GDPR (General Data Protection Regulation) framework that instead of complete data localization focused on restricting the flow of data to different countries with a strong data protection regime.
Russia has one of the most restrictive regulations for cross-border data flow with high penalties. China also mandates localization of all important data held by the critical agencies. Thus, any cross-border data flow undergoes strict scrutiny.
The United States has left the regulation up to different states and sectors. Last year only, the president signed the CLOUD (Clarifying Lawful Overseas Use of Data) Act which allows data sharing with defined countries.
In India, last year, a data protection draft law which was headed by retired Justice B N Srikrishna, recommended that personal data of an Indian citizen must have at least one copy in India. This means it should be stored and processed within the country.
Earlier, RBI also mandated financial data of Indians to be stored locally. The issue became more prevalent when Facebook’s Cambridge Analytica controversy affected the Indian users as well.
Who is in support of data localization?
Indian startups are especially in support of data localization. Homegrown companies like Paytm and PhonePe strongly endorse data localization as it will allow better data regulation.
Also Read: The 7 Rules of IT Disaster Recovery – Strengthen Disaster Preparedness
Reliance Jio also supported the data localization for a better and secure IT model.
Case for Data Localization
- Data, if stored locally, will give enforcement agencies better access to a large pool of data. If needed, it would be easier to access information within local jurisdiction as compared to waiting for a response from foreign entities in control of data.
- It will help avoid the vulnerabilities associated with transferring data on the internet and across borders.
- Critical data can be prevented to an extent from any foreign surveillance.
- It can help in making India become a center of data analytics with the huge data generated in the country.
Companies who are now bound by this mandate to set up data centers locally might have to look for data center service providers for setting up data centers locally in India.
ZNetLive provides a number of hosting services like cloud servers and dedicated servers on a data center located in India to help local business growth with the increased website speed, performance and reduced IT costs.
Read details in a report by IDC.
Services ZNetLive offers:
amazing post