New Draft E-Commerce Policy Set to be Introduced by the Centre; Emphasizes Data Security

The Department for promotion of Industry and Internal Trade (DPITT), introduced India’s latest 15-page E-commerce policy draft. The proposed draft seeks to subject industry tech giants to periodic audits. With access to a number of companies’ codes and algorithms, the government could ensure surveillance of “explainable AI“.

Characteristics of the Draft

According to the draft, the government would appoint an e-commerce regulator. Thus, this shall gauge the competitiveness in the industry along with widespread access to information resources. Subsequently, the affairs of fair competition and national security can be provided prime sustenance. Therefore, in other terms, this would help prevent “digitally induced biases”.

Meanwhile, citing the tendency among some leading companies to exercise control over most of the information repository; the draft proposed rules that mandate government access to online companies’ codes and algorithms. Hence, the companies shall be liable to make available any data within 72 hours or pay penalty.

According to a source, the new draft softens its stance on mandatory local data storage proposed in an earlier draft e-commerce policy announced in February 2019. The DPIIT’s new draft policy has suggested a comprehensive, periodic audit of the storage locations of players like Amazon, Flipkart, and those that store Indian users’ data abroad.

“For those categories of data which can be stored/ mirrored abroad, companies would have to ensure that adequate safeguards are in place at the specified data storage location through a comprehensive periodic audit,” says the proposed policy.

Implications of the new E-Commerce Policy

While it could improve transparency in shopping and prevent abuse, it would also ask companies to provide key parts of their strategy and risk exposing it to leaks. 

Many experts point to the compliance problem that future legislation may face. Terming it to be a far-fetched approach, they believe that India may be a prospective market but its stringent policy may come off as a let down; especially to giants like Amazon, Walmart, etc. Unease over its rigid data storage norms may very well lead to non-compliance or ignorance by the industry. Moreover, the following result would be eradication of competition; a situation wherein, the customer loses.

Moreover, hosting data overseas has been a sticking point in previous drafts. It sparked criticism for being heavy-handed in helping local startups at the expense of others. Similarly, on the issue of where data is stored; the draft leaves open the question of which e-commerce platforms would have to keep information locally.

Conclusion

The new draft policy covers similar points on data localization and promoting exports, as the first draft policy released by the government last February. Since then, the government has held multiple discussions with the industry and is now set to make a final draft public for further industry feedback.