Things are heating up with the Data Localisation mandate set by the government and Reserve Bank of India. Local players PhonePe and Paytm have now confirmed that they are fully in compliance with the data localisation mandate to ensure payments data of Indian users is stored within the country. Foreign player Google which offers payment services via Google Pay in India is yet to reveal its full compliance with the government. The RBI, in April, had issued a circular instructing all payments system providers in the country to ensure that data relating to systems operated by them is stored only in India and had set a deadline of October 15.
Paytm and PhonePe Have Been Supportive for Data Localisation
The central bank's data localisation policy had elicited a mixed response from the payment services industry. While some of the prominent domestic payment companies like Paytm and PhonePe have been supportive of the dictum, global players like Google (that offers Google Pay) had argued for free movement of data. Some international players have appealed for more time for compliance and also asked that they are allowed to mirror the data. For the unaware, earlier today, we reported that RBI and government are not willing the deadline extension for data localisation reports PTI.
A government official said it would not relent under pressure from the global payment firms and also does not see data mirroring as an option. Data localisation refers to the process of storing data within the borders of a particular country where the data was generated.
"We have already notified RBI that all our data systems are fully localised. Our data processing was always localised. In addition to that, now 100% of our storage is also localised," PhonePe told PTI in response to an emailed query. It added that the localisation effort was "done well within the time-frame prescribed to us".
Paytm, which had vociferously supported data localisation, said critical data must not be allowed to go out of the country, not even for processing. "We have complied to this mandate since day one and have welcomed this initiative right from the beginning. It is important that we do not become mere internet colonies for global companies, and make every organisation accountable towards the security and privacy of data of our fellow countrymen," a Paytm spokesperson said.
WhatsApp Already Established a Local System to Store Data
US-based messaging platform WhatsApp has already said it has developed a system to store payments-related data in India. An Amazon spokesperson said "compliance with local laws and regulation is a top priority for us in all the countries we operate in. We continue to work closely with the regulators towards this".
Google is learnt to have agreed to follow the RBI's local data storage norm for payment services but has asked for time until December to ensure compliance, a government source had indicated recently. Critics of data localisation argue that the move would have negative effects on the ability of companies to do business in India.
Finance Minister Arun Jaitley recently held a meeting with RBI Deputy Governor BP Kanungo and others to discuss the data localisation norm for global financial technology companies. IT industry body Nasscom said access to information could be ensured irrespective of the location of the data.
"Access can be provided even if the data is stored outside India. It is not clear how this (data localisation mandate) ties in with the overall objective of ensuring enforcement," Nasscom Senior Director and Head Public Policy Ashish Aggarwal said. Moreover, the instances of problems being faced in accessing data need to be seen in the larger perspective of a total number of transactions.
Nasscom has favoured free flow of data, Aggarwal said adding that imposition of conditions that are "onerous and unnecessary" may trigger retaliatory measures from other countries.