Data protection norms key to ensure retail, ecomm not hit by big tech's data collection practices: CAIT
The Confederation of All India Traders (CAIT) has emphasised that data protection rules are critical to ensure that retail and ecommerce sectors are not negatively impacted by data collection and processing activities of big tech companies.
CAIT said it is important to put restrictions on cross-border data flows to make sure "user data is not misused, especially from the endless and unchecked processing of personal data by big tech companies..."
"Limitations on cross-border data flows are essential for developing nations like India to ensure that citizen data is used properly, and also to prevent economic harm resulting from the unchecked processing of personal data by global big tech companies," CAIT said in a written submission to IT Minister Ashwini Vaishnaw on draft data protection norms.
The trade body claimed that supporters of unrestricted cross-border data flow like the big tech companies erroneously argue that free flowing cross-border personal data benefits countries.
"There is no evidence to indicate that the unrestricted transfer of the personal data, even if it is anonymised, to foreign jurisdictions benefits anyone other than these global players," CAIT said.
Unrestricted cross-border flows also introduce and accelerate inefficiencies in digital markets.
In its submission to the government on the draft Digital Personal Data Protection Bill, CAIT said, the proposed legislation should also clarify that in the event of conflicts with sectoral rules and regulations, such as in the case of the RBI data localisation mandate, the proposed personal data protection legislation is to be read in addition to the sectoral rules and is not to be construed in derogation of existing rules and frameworks established by sectoral regulators.
The revised bill has also removed the previous classification of personal data into critical and sensitive personal data in favour of an umbrella definition that covers all types of personal data, CAIT said, adding, "this change ignores the disproportionate potential of harm that accompanies misuse and breach of sensitive information".
According to CAIT, mandating large global tech companies to store and process the data of Indian citizens within the territorial boundaries of India will improve compliance with the provisions of the intended rules, enhance the ability of local law enforcement and deliver effective recourse in the event of misuse or breach of personal data.
It would also prevent the economic harm associated with big tech's unchecked and unrestricted processing and consequential misuse of the personal data of Indian citizens.
The Confederation of All India Traders (CAIT) is a representative body of over 8 crore small and medium traders.
Edited by Megha Reddy