In a digital society, data sovereignty is a vital concept. There are issues of data ownership, data protection and data control. It has added significance in this age of global surveillance practices.
The US government under the new laws can transfer foreign users’ communication data to the government without a warrant for national security purposes. This affects data on the cloud platforms — Azure, Google Cloud and AWS. Clouds are extensively used by Indian business.
This calls for data governance. Data sovereignty safeguards our privacy.
Data sovereignty means that a country’s data should be subject to its own laws. And it should be stored within its territorial boundaries.
Robust data sovereignty can prevent data breaches and can secure sensitive government and military operations. However, just localization of data would not achieve this purpose. There should strong protection measures. There should be clear ownership rights. India should be guided by EU’s General Data Protection Regulation (GDPR). Another relevant model is the UK-US Data Access Agreement. India can have bilateral and multilateral agreements.
Apart from regulation, there should be domestic infrastructure creation — data centers, cloud storage and data processing capabilities. There should be control over the physical pipelines through which data flows. India should invest in undersea cable network. India should nurture domestic digital platforms and eco-systems.