
India proposes new e-commerce regulations with focus on data rules - petethomas
https://www.reuters.com/article/us-india-ecommerce/india-proposes-new-e-commerce-regulations-with-focus-on-data-rules-idUSKCN1QC0LO
======
r00fus
Interesting that Facebook is a left as an aside in the discussion. I think the
data-localization is likely to hit them the hardest.

How would data localization apply across specific parts of a data graph
without pulling in the entire graph?

------
thisisit
This is the 2nd data localisation law in past one year. The last one was for
finance related data. And this one seems to be for eCommerce related data. So,
I am confused on how do Google/Facebook figure in that discussion?

One of things I have noticed is that in India there is an increasing awareness
about data. Indian government, like most of other government, is now getting
over zealous with their data requests. But, if the data is not locally stored
having companies comply is proving difficult. So, having companies store data
locally is becoming increasingly necessary.

On the other hand, companies are stepping up their data collection measures. 7
out of 10 places ask for mobile numbers so that they can give you "free
offers". Lot of mobile wallet companies give you "cash-back" in exchange for
collecting data about your habits.

So, I doubt this is a net positive measure.

------
billfruit
Indian government and legal system isn't transparent enough in most of its
dealings, so I wouldn't term these measures as entirely positive, and it may
be driven by shady 'national security' concerns than any real concern about
privacy.

------
webmobdev
Before some of you take out your pitchforks against India's "socialist /
commies" out to screw western companies, please read this:

> An investigation by the Reserve Bank of India (RBI) has revealed that
> Microsoft has been passing user data that it gathers from Indian banks that
> are Office 365 customers to various U.S. intelligence agencies, upon demand
> ... Microsoft is bound to share customers’ data under US Foreign
> Intelligence Surveillance Act (FISA) and US national security letters as and
> when required by the US authorities.”

> ... In the Office 365 contract, the banks agreed to share such data only if
> it was sanctioned by the Government of India or an Indian court. The
> contract also made provisions for gag orders issued by the U.S. agencies,
> where Microsoft wouldn't be allowed to outwardly acknowledge the disclosure
> of the user data ...

Source: "Microsoft has been sharing Indian bank customers' data with U.S.
intelligence agencies" \- [https://www.neowin.net/news/microsoft-has-been-
sharing-india...](https://www.neowin.net/news/microsoft-has-been-sharing-
indian-bank-customers039-data-with-us-intelligence-agencies)

Again, this highlights one of the obvious dangers of using a "cloud service"
\- foreign governments and companies can access your data.

~~~
bubblethink
>this highlights one of the obvious dangers of using a "cloud service"

This is more a basic result of just not having control of the server side
stack. No amount of regulation is going to fix that. You have any number of
laws, which can be undermined with a change of a bool by the vendor, and you
can't do anything about it. If a government needs basic infrastructure like
email, just do it in house. It isn't that hard.

~~~
webmobdev
> This is more a basic result of just not having control of the server side
> stack.

That's software-as-a-service in a nutshell for you. Even if you opt to setup
your own server, and develop a custom solution, the US government has the
right to ask you to install black boxes on your network and or data centers
(read about Lavabit shutting down because of this), if you are on US soil (or
operating from the US?).

> No amount of regulation is going to fix that.

I disagree.

~~~
bubblethink
>if you are on US soil (or operating from the US?)

Exactly. Email and nextcloud exist. With a government or a bank's budget, it's
not that hard to set these things up locally (i.e., within your jurisdiction).
Look at France and Matrix for example. If someone tries to subvert your
security measures, that can be taken up as a criminal offence. At least you
are not relying on legalese and other agreements to safeguard your interests.

~~~
webmobdev
> At least you are not relying on legalese and other agreements to safeguard
> your interests.

In a democracy, our rights are protected by the legal system. So your argument
that it is all about "setting up your own system" is specious.

~~~
bubblethink
Protected, yes, enforceable, not really. You are talking about a reactive
stance where regulation will protect black box systems that you have no
control over. That's just not possible. You can, and should, have regulation
to protect the weaker classes, but hoping that it is really enough is naive.
The whole point of open and federated protocols like email is to avoid lock-
in. So if a large government or a bank cannot host email, that's a deficiency
that they should remedy first.

~~~
webmobdev
> Protected, yes, enforceable, not really.

Then you aren't aware about India. The Government of India aggressively even
revised a law, to get 2+ billion dollars of tax from Vodafone, after Vodafone
won the case for not paying it in the Supreme Court of India. [Source:
[https://thewire.in/business/vodafone-versus-india-bit-
intern...](https://thewire.in/business/vodafone-versus-india-bit-
international-arbitration) ].

Second, while your fears on abuse is valid, but this is how international laws
slowly come into being. Each country makes their own laws and when they
conflict with each other, they sit, talk and evolve mutually beneficial laws.
(Or they fight wars and the winner enforces their laws).

Note that while these laws may seem protectionist, it's goal is to provide
even foreign players a legal framework to do business in India.

------
wrong_variable
There might be deeper trade concerns underlying the change in Delhi's stance,
I do not think bureaucrats in the Indian government ever really created about
privacy - its a convenient Casus Belli.

India mostly allowed free access to US tech companies for a while.

In exchange tech companies created a lot of middle class jobs in many indian
cities.

But more importantly there seemed to an unwritten trade deal involving
immigration.

Ever since Trump made his hardline immigration stance actionable, Indian
consulting companies have taken a beating.

India's main dollar income source has been Indian working abroad.

It was an win win for US multi nationals, they got access to a large and
growing market and also had access to cheap skilled labour.

It was also an win win for the upper middle class ( who really control the
conversations ) in india, since they got access to US technology, better paid
domestic software jobs and send their kids to the US.

In my own reading on India. They will crush any foreign company that tries to
gain a monopoly market share - they did it with middle eastern telecom
operators, and they will do it with US tech companies when its convenient.
They rather their own billionaires have the monopoly.

There is nothing anybody else can do about it, since they have the numbers. So
its really risky to invest large amount of capital in India, even if the
average Indian is really thirty for capital and investment.

But I have noticed the average capitalist falls for India's trap time and
again. I think it has to do with returns, if India was offering 20% RoR and
companies were getting 2% RoR then as a CEO / manager I had to change my asset
allocation regardless of future political risks involved.

~~~
mallocfree
>India mostly allowed free access to US tech companies for a while.

Tech companies allowed it as well because they wanted to capture Indian
mindshare which would eventually become their largest customer base.

~~~
wrong_variable
The Brits used to (and still do) capture indian mindshare and had them as
their largest customer base - it didn't turn out well for indian national
interest though.

~~~
vinay427
Are you saying Indians chose to be "customers" of the British? I've heard a
lot of interesting characterizations of the colonization and subsequent
exploitation that was the bedrock of British India, but this one's new.

~~~
wrong_variable
> Are you saying Indians chose to be "customers" of the British?

No.

India has a large domestic demand but it would be awful to allow non rupee
denominated assets to supply that demand.

Imagine tomorrow India got rid of its strong tariff regime.

India's inflation is under control through making it punitive to buy foreign
goods which India has a strong demand for.

The idea ever since Gandhi is to use domestic capabilities to provide services
India demands. Domestic tariffs are also a form of coercion - but in this case
it serves India's national interest.

With the Brits the main source of oppression was through preferential trade
that tilted everything in their favour - either through hard power of soft (
like they still do today ).

