India wants data localisation in RCEP for security interests

14 Oct 2019

India has proposed localisation of data by locating computing facilities inside the country as a means of protecting security and other national interests as part of the proposed Regional Comprehensive Economic Partnership (RCEP) trade agreement.

New Delhi also wants participating countries to prevent cross-border transfer of information by electronic means, including personal information, unless it is “necessary to achieve a legitimate public policy objective” or “necessary, in the country's opinion, for the protection of its essential security interests or national interests”.
However, 14 members of the 16-country RCEP, excluding China, are opposed to the data localisation that India proposed in its alternate to the Asean Package for the e-commerce chapter. China was not a proponent.
However, in talks held in Vietnam in late September, India is learnt to have agreed to financial data transfer in the financial services chapter of the agreement. It is believed to have agreed that financial services companies will be allowed to move and store data of Indians abroad.
The proposal, however, is opposed to the Reserve Bank of India’s (RBI) April 2018 notification, which mandated “all system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India”. 
Later, however, RBI has made a climb-back saying that a copy of domestic data can be stored abroad in the case of cross-border transactions. The financial services agreement (FSA) will partly nullify that position.
Interestingly, although the FSA was negotiated by the RBI, the contact point for the FSA is the commerce ministry and not the central bank.
On Friday, India said “no party shall have recourse to dispute settlement for any matter relating to electronic commerce arising under any of the chapters/ any provision in this agreement”.
However, even as the RCEP talks reach their final stages before being concluded next month, no data related issue has been finalised, officials said.
“Asean has moved a compromise proposal that is being discussed. No issue has been settled, including on data transfers,” said an official.
The ministry of electronics and information technology has approved the proposal, sources said.
While the commerce and industry ministry had called for strict data localisation norms in its draft e-commerce policy, the electronics and information technology ministry, which is the nodal agency for all data-related matters, is working on the Personal Data Protection Bill that would form the basis of all related legislation.