Author: Troy Han, RSIS
In India, data is being treated as a strategic resource that needs to be safeguarded from external exploitation and made available for domestic requirements. Prime Minister Narendra Modi even went so far as to say that ‘data is the new gold’.
Data is a new currency that flows across borders, enabling information exchange and facilitating transactions at record speeds. While its role in nation-building is unequivocal, its attendant risks to privacy and security have also amplified calls for states to protect the constitutional rights and welfare of its citizens. The Indian government has enacted data localisation measures — such as enforcing a data replica to be retained locally or restricting cross-border data flows — in various jurisdictions to hold big tech companies accountable for misappropriating sensitive data.
Chairman of Indian conglomerate Reliance Industries, Mukesh Ambani, has argued that ‘Indian data should be owned by Indians’, while India’s External Affairs Minister, Subrahmanyam Jaishankar, similarly observed that India has ‘to be a leading power in also harnessing data’. Many citizens and businesses in India have villainised foreign commercial firms for their part in data colonialism — a term synonymous with capitalist appropriation and often used to invoke a sense of economic injustice.
Despite a litany of references to the term ‘data sovereignty’ in mainstream media, there is no compelling narrative that encapsulates India’s official position, except an amalgamation of ‘statements made by government officials on sovereignty in the realm of data and new technologies’. Bharatiya Janata Party politician Vinit Goenka justified that ‘information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located’.
India’s data sovereignty vision works to harness data for economic growth and development through regulatory oversight and develop national defence against geopolitical security challenges. It also seeks to engage in international diplomacy to ensure the equitable construction of digital trade rules.
India is a rapidly rising digital power, but leans on technological self-reliance through protectionist data measures in favour of domestic firms and encouraged indigenous technological innovation to boost its overall digital economy. India behaves like a techno-authoritarian state through its role as a custodian of its citizens’ data while seeking to become a global data centre hub. This is not without its trade-offs. While mandatory sharing of certain datasets is intended to keep a monopoly of power in check, it may stifle fair competition and innovation, especially when smaller businesses find these data regulations onerous.
Geopolitical issues such as foreign surveillance and information warfare intersecting with India’s core strategic interests have also recently intensified domestic debates on securitisation dynamics involving data. As a conservative state, India’s data policies are anything but laissez-faire. A 2018 report released by the Srikrishna Committee flagged that, without adequate safeguards on public databases and systems, critical data comprising health, infrastructure and government services could be compromised by foreign nationals or potential treasonous actors.
While India’s policy on data flows is not cut and dry, the government’s desire to influence the architecture of global data governance by becoming a kind of ‘model for the global world’ is evident. Given India’s sizeable population and increasing internet penetration rate, it has the potential to become a leading world model if its digital initiatives prove successful.
For instance, the India Stack, established as a nationwide digital infrastructure comprising interoperable grids, offers much inspiration for developing countries to emulate. This is contingent on whether the government has the political will to facilitate cross-border digital cooperation and share its techno-legal expertise with the world.
The nationalistic undertones of India’s data governance framework have been apparent in its foreign trade policies. India has consistently rejected negotiating e-commerce rules at the World Trade Organization (WTO), instead advocating for developing countries to impose taxes arising from electronic transactions to boost national revenue. Despite this, India has also demonstrated its willingness to recalibrate in accordance with its dynamic strategic calculus. For example, in November 2022, India relaxed its data localisation measures by releasing an updated draft data privacy bill, paving the way for more constructive discussions on cross-border data flows at subsequent WTO forums.
Socioeconomic and security risks to nation-building have shaped India’s data policymaking to a large extent, even as it tries to navigate a fragmented global digital order and strive for technological self-sufficiency. India’s diplomatic engagements have been characteristically passive, though the government has kept its doors open to economic cooperation amid ongoing geopolitical tensions. By choosing to stay at an arms-length from the ongoing US–China rivalry, India is in a sweet spot to partner with developing countries on digital industrialisation projects as part of its foreign policy ambitions.
As it hosts the G20 presidency, 2023 may be India’s year to burnish its reputation as a trusted broker for the Global South — an opportunity to take the lead in facilitating non-binding discussions about data governance. Engaging in digital diplomacy that is anchored on a principles-driven approach, as opposed to ideological interests, will help India reiterate its commitment to protecting human rights and promote a data governance regime where data dividends are distributed equitably to all stakeholders.