The world is moving to clouds. But aside from a loose data protection law, India still doesn’t have a robust cloud computing policy. To fix this, the government created a panel to look into this matter, which is headed by the co-founder of Infosys Kris Gopalakrishnan.
While the panel is still to submit the report to the government, it, as well as the government, on multiple occasions, have suggested that they want to localize the data center in India. Meaning, they want the data of every Indian to be stored in an infrastructure that is located within the country. This means that companies like Facebook, Microsoft, Google and more, who usually store the user data in their own vicinity, outside India, would have to set up infrastructure in our country and have to store all the data of Indian users locally, inside the country.
(Courtesy: CloudOYE)
Now, why the government wants local cloud servers? The primary reason is that of security. Post Cambridge Analytica scandal, the government and other agencies in India have been pretty much hands down to data security in the country. Localization of data storage falls in the same line. The general belief is that when stored locally, the data will be much secure from foreign intrusion. And also, when the need arises, the government agencies can easily access the database without relying on the companies’ assistance to look into its outside-the-country data center.
On first glance, this may seem like a good idea. Localization of data storage simply means what India’s remains in India. However, there are a handful of problems and issues that are needed to be addressed before finalizing on any measure.
For instance, for companies like Google and Facebook, it would be an extremely costly affair to set-up data centers in India. Aside from the financial issue, there’s also red-tapping and political motives in the country that can hinder them many problems. And if that happens, it’s not difficult to assume that these companies will eventually pass on the cost that they have consumed to the end-users, which can hurt India’s digital growth and its start-ecosystem.
In fact, concerning this, CEO of Google Sundar Pichai has already written a letter to the Indian government, saying “free flow of data across borders - with a focus on user privacy and security - will encourage startups to innovate and expand globally and encourage global companies to contribute to India's digital economy.”
The letter is in response to the recommendation of another high-level panel, headed by Justice BN Srikrishna, on data protection in India. In its draft, the panel asks the companies like Google and
Facebook to have at least one serving copy of personal data of the Indians in a data center located in India.
I personally think that while it commendable that government and different groups are working proactively to effectively regulate the data protection and data storage policy, it’s also worrying that localization of data storage would hand the people in power an exceptional amount of control on the citizens.
In the Cobra Post expose, we have seen how easy it is for companies like
PayTM to share the personal data of its users to the government agencies in the garb of “national security”. If companies like Google and Facebook start storing data of its Indian users in the country, those in power can easily exploit it for their benefits. Plus, talking about data protection, it makes very less sense that the companies have to store one copy of the database in the India-based data center and they can have as many copies in the data center located outside the country (a recommendation by the Srikrishna panel). If anything, this only jeopardizes the privacy of users with multiple copies of their data.
(Courtesy: Asia Times)
Instead of going for a diktat like localization of data storage, the government must aim to effectively regulate the data protection and cloud storage with certain checks and measures. Given the political environment we’re living in right now that’s inching closer to totalitarianism in the disguise of ‘democracy’, having large user database stored in the country is monumentally risky. PayTM is already leaking its user data to the government. If the data center of Google and Facebook and other global companies are located in India, imagine how easy it would be for those in power to twist their arms and spill private data!
Please regulate data protection and cloud storage. But the idea of localization is a bad one. Perhaps it may interest the entrepreneurs and cloud computing companies in India who can make a profit from it. But for the rest, it certainly is the wrong move.
Here’s a video of Cobra Post expose on PayTM: