Washington – The Computer & Communications Industry Association submitted comments to the Indian government in response to a consultation on the draft Digital Personal Data Protection Rule.
The comments build on previous CCIA comments to India on this topic, detailing the risks that the rule might contribute to de-facto data localization requirements by granting the government broad authority to restrict data flows while potentially conflicting with India’s trade obligations.
In the comments, CCIA recommends that restrictions on cross-border data transfers be clearly defined, based on specific risks, and subject to a reasonable notice-and-comment period. Additionally, a framework for certifying that certain countries or companies have sufficient data protection safeguards would provide much-needed clarity, facilitate global business, and ensure privacy protections. By addressing these issues, India can both protect its citizens’ data and promote cross-border trade and innovation.
The following can be attributed to CCIA Vice President of Digital Trade Jonathan McHale:
“The growth and dynamism of India’s digital market, based on strong domestic suppliers and digitally-connected consumer base, make it a critical market for U.S. firms. But with Indian digital firms enjoying significant success in the U.S. market, a common-sense regulatory approach, that does not disadvantage U.S. firms, will be critical to supporting growth and enhancing the U.S.-India partnership. Accordingly, the government should ensure that any future rules do not unnecessarily restrict data flows or promote data localization policies, policies that undermine cybersecurity, economic competitiveness, and consumer welfare, and undermine international trade obligations.”
