From February 1st, India will ban e-commerce companies, such as Amazon, Alibaba, and Walmart-owned Flipkart, from selling products of companies in which they have an equity stake. This follows previous draft regulation that requires foreign retailers to store Indian consumer data locally, use the government-backed Jan Dhan accounts for handling online payments and have their source code audited by independent agencies. Likewise, since October, new regulations have made life harder for global payment and fintech companies, such as Visa, Mastercard and Alibaba, as they need to ensure that transaction data remain locally stored in India. Furthermore, the Modi administration is working to draft new regulation to keep cloud computing data in the country.
What does this mean?
India is not alone in doing this, as data localization measures are on the rise globally. Although there are legitimate reasons for implementing these measures (e.g. cybersecurity risk or privacy), all the Indian regulations have come after lobbying by local and smaller Indian businesses to protect India’s digital economy against the power of global and foreign big tech companies. This will probably increase operation costs for foreign companies (e.g. higher infrastructure and compliance costs) as well as for the general economy (e.g. creating more uncertainties and liabilities, and possibly hurting FDI). The measures by India are further moves towards breaking the digital sphere into a series of data regimes, a phenomenon known as the “splinternet”, in which different data governance models are emerging.
In the U.S., private companies compete with each other in relatively free markets, in which a winner emerges from bottom-up that owns the user data. In contrast, Europe has strict regulation to protect users’ privacy and curb companies’ market power, as they must balance all kinds of stakeholders in this decentralized model. China has a centralized model, in which the government sets the market conditions in which large companies emerge, which then are obliged to share data and intelligence with governmental agencies. Lastly, India’s model is now emerging, in which supervisory and administrative tasks are done by independent agencies (e.g. the Reserve Bank of India), but in the interest of local, Indian companies. This strategy fits India’s history of implementing hazardous regulation to curb foreign companies and influence (India only “opened up” after its 1991 economic crisis), which nonetheless failed to create a competitive and efficient Indian industry. Although India’s data governance model may render new “Indian data champions” to compete with its Chinese and American counterparts, most of the incurred opportunity costs will probably be passed on to Indian consumers.