Legislations such as India’s upcoming data protection Bill, which seeks restrictions on cross-border data flows and storage of data outside the country, ‘could create impediments to the way the Internet operates’ and are ‘concerning’, Google’s Chief Privacy Officer Keith Enright said.
While interacting with journalists from the APAC region, including a few from India, Enright said: “We are concerned when we see legal requirements that could create impediments to the way the Internet operates in that regard.”
Enright said that Google’s India team has been engaging with policymakers with regards to issues such as restrictions on cross-border data flows and data storage outside the country. Google’s public policy teams in other countries, too, have been engaging with policymakers on similar issues, he added.
Data protection Bill
India’s data protection Bill is still under consideration and it mandates Big Tech to store a copy of sensitive personal data within India. It also prohibits transfer of undefined “critical” personal data from the country.
“We frequently find ourselves in conversations about things like data localisation, or data sovereignty,” he said.
“When we have a conversation about this, we try to understand the underlying policy objectives that are trying to be advanced in that legislation,” he said.
“And how can we meet those policy objectives without creating damaging or harmful impediments on cross-border data transfers which are necessary for the Internet to operate in the way that users have come to expect?” he added.
Keith said that the Internet presumes the ability to move data freely across jurisdictional boundaries. “..doing things like sending email and video-conferencing, much of the functionality that we've all just come to expect, requires the free flow of data across borders,” he added.
Global Cross Border Privacy Rules
Google is a partner in the Global Cross Border Privacy Rules (CBPR), a privacy certification that will allow companies to demonstrate their compliance with government-approved requirements for data protection, backed by a review of those protections by a third-party.
A few days back, Enright, in a blog, said that initiatives such as CBPR were necessary at a time when governments are coming up with new rules governing data transferred abroad. There is an unprecedented need for global, interoperable solutions,” the blog said.
On July 21, on being asked how CBPR would work alongside existing mutual legal assistance treaties or upcoming data protection laws like India’s, Enright said: “The CBPR does not replace any existing legal obligation, or any bilateral treaties that are in effect.”
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
