Calls for data localisation are not new. It has been a mainstay of Indian policymakers’ demands from foreign technology companies. The Justice Srikrishna Committee in its report accompanying the draft Personal Data Protection Bill released on July 27 notes that eight of the top 10 most accessed websites in India are owned by U.S. entities.
Onus on Parliament
In other words, the Committee has sought to localise data for law enforcement but categorically refused to afford this data any procedural protection. The Committee has instead placed the onus on Parliament to enact another comprehensive legislation for surveillance reform. With the highest number of users of American technology offerings and a high number of user data requests, second only to the U.S., India is a clear contender for a partnership under the CLOUD Act. If New Delhi recognises this opportunity and reforms laws around government access to data, both the Indian user and law enforcement will be better served in the long run.