Dissenting the Centre’s move to push through new IT rules in the country, global tech major Google advocated free flow of information for global internet and digital economy, while cautioning against creation of ‘damaging or harmful impediments’ on cross-border data transfers.
According to Google’s Global Chief Privacy Officer, Keith Enright the internet, by its very nature and functiality, reflects the ability to move data freely across jurisdictional boundaries, such as sending email, video conferencing, and various other features, all of which requires “free flow of data across borders.”
The comments assume significance as India is putting in place a data protection framework that contains rules related to cross-border flow of information, and data localisation obligations. In the past, US tech companies and advocacy groups have raised concerns over strict data localisation norms and proposed restrictions on cross-border data transfers.
Enright, at a virtual briefing, noted that global internet and digital economy rely on free flow of information. “We are concerned when we see legal requirements that could create impediments to the way that the internet operates in that regard. So we try to engage collaboratively with legislators and regulators to ensure that we can continue providing our services everywhere in the world in a way that people have come to expect,” Enright said.
Asked whether India’s proposed data protection legislation would be a limiting factor for big tech firms and their operations in India, Enright said that Google’s local teams in India and global public policy teams continue to engage with policymakers locally and around the world, on such issues.
The company is frequently involved in conversations about aspects like data localisation or data sovereignty. “Generally, when we have a conversation about this, we try to understand what are the underlying policy objectives that are trying to be advanced in that legislation. And how can we meet those policy objectives without creating damaging or harmful impediments on cross border data transfers, which are necessary for the internet to operate…” he said.
To another question on India’s new cybersecurity directives, Enright refused to be drawn into discussion on individual legal requirements. “Our committment is that we will comply with applicable legal requirements, in jurisdictions where our products and services are offered. But we will do so in the manner that is most protective of our users. We will continue innovating to provide the strongest privacy and security protections, irrespective of where user sits,” he said.