Data Localization
Data Localization is the process of storing data on any device that is actually located inside the boundaries of the nation where the data is generated. The majority of this data are currently kept on a cloud outside of India.
Localization requires businesses that gather sensitive information about consumers to keep and process that information within the nation’s boundaries.
Data localization has the following benefits:
- Data localization has the following benefits: As an example, Facebook shared user information with Cambridge Analytica to influence elections.
- Unrestricted access to data by supervisors will aid Indian law Enforcement in improving surveillance.
- Ensures National Security by making investigations easier for Indian law Enforcement Agencies, who at the moment are dependent on (M.L.A. Ts) Mutual Legal Assistance Treaties to obtain access to data.
- It will allow regional and municipal authorities the jurisdiction to request data as needed.
- The Data Localization, which will further increase employment in India, is anticipated to be beneficial for the Data Centre industries.
- Greater responsibility about the final use of data from Companies like Google, Facebook, etc.
- Minimizes delays in the administration of justice in the event of a data breach and conflicts of jurisdiction brought on by international data sharing.
Challenges
- Keeping up several local Data Centre’s could require expensive infrastructure investments and rising prices for Multinational Corporations.
- India lacks the infrastructure required for efficient data management and collecting.
- Splinternet or the “fractured internet,” where protectionist policies could cause other nations to follow suit.
- Even if the data is kept locally, National Agencies might not have access to the encryption keys.
- Forced data localization can reduce productivity for both consumers and organizations. Additionally, it may raise the price of and limit the accessibility of data-dependent services.
Important Considerations for a System Audit Report on Data Localization (SAR)
The following important criteria need to be covered as part of this audit in Accordance with the RBI and NPCI Guidelines.
- Network Diagram / Architecture
- Application Architecture
- Payment Data Elements
- Transaction / Data Flow
- Data Storage
- Transaction Processing
- Activities subsequent to Payment Processing
- Cross Border Transactions
- Database Storage and Maintenance
- Data Backup & Restoration
- Data Security
- Access Management
Blog By: Priyanka Rana