Data localization, the act of storing data within the borders of a specific country where the data was generated, reflects the growing challenge for countries to adapt pre-digital modes of national sovereignty and economic competition to a digital industry that thrives on borderless and seamless exchange of information. The initial draft of India’s 2018 Personal Data Protection Bill can be viewed as a first attempt to find a policy framework that enables countries to benefit from their own information and data “assets,” while encouraging the continued development and growth of the digital industry.
The arguments for such “data sovereignty” merit respect and consideration. However, data localization possesses the potential to create a host of unintended consequences that would weaken economic growth and democratic rule of law.
This paper suggests that countries such as India and their major global trading partners such as the U.S. would do better to find alternative methods to balance approaches that encourage continued data-driven economic growth, entrepreneurship, and innovation. At the same time, industry, government, and civil society stakeholders should seek provisions to ensure that data is treated safely, securely, and valued appropriately.