Data Protection Bill to Enable Easier Cross-Border Data Transfer, Act as an Enabler for Startups

The Digital Personal Data Protection Bill 2023 will enable easier cross-border data transfers and optimise the storage infrastructure, driving investments in India, according to industry experts.

The government is acting as an enabler, rather than a controller for startups, according to ONDC managing director and chief executive officer, T Koshy, who emphasised that startups should be nudged for stricter norms as they scale.

The government tabled the bill in Lok Sabha on Thursday.

“It shows the proactive mindset of the government in terms of being an enabler, not a controller…If you really look at anytime the government brings out a policy looking at the larger interest – early entrants will need certain kind of exemptions. But as the scale improves, they should be nudged towards stricter norms,” he said.

He said there are much more startups available today because the government is enabling people to experiment without affecting society.

“There are 100,000 startups today as compared to 1,000 in the last decade because they are trying to make it possible for people to experiment and make small mistakes without hitting on the whole society,” Koshy said.

Chief technology officer and co-founder of logistics software solution provider Shipsy, Himanshu Gupta, said, “Even though more clarity is required, the bill liberalises cross-border data transfers, which can drive lucrative investment and partnership opportunities for Indian SaaS providers. The bill will help businesses optimize storage infrastructure costs by excluding data localization requirements.”

Gupta said hefty fines imposed for privacy breaches will drive startups to create robust processes.

“The bill introduces hefty fines in case of privacy breaches. Startups will have to create robust processes that will ensure consent, prevent unauthorized access, and ensure individuals and customers can easily access their data, rectify it if needed and request deletion,” he said.

Cofounder and chief executive officer of Shiprocket, Saahil Goel said poor governance around data in other economies sets an example for data governance.

“We have seen what poor governance around data has done in other economies, there are other examples outside of India. And I do think it’s for the right reason, ultimately consumers have to win, feel safe when shopping, transacting or consuming online,” he said.

He said there is a general feeling of the government’s pro-development and pro-growth support, which comes with a certain set of responsibilities.

Co-founder and chief technology officer of mFilterIt, Dhiraj Gupta said, “This appears as a sensible decision as startups are not fully equipped with the required potential to maintain compliance as they have limited resources. Unlike large corporations which can invest in certain requirements to protect their customer’s data and comply with the rules and regulations of data privacy.”