Local storage requirements should be “tailored as closely as possible” to reduce its “weaknesses” and optimize for some very specific legal requirements, said Google’s top executive.
Google’s chief privacy commissioner Keith Enright said in a speech at a select media meeting on Wednesday that, in his experience, data localization requirements do not usually help some key areas aimed at serving, such as economic benefits, preventing access to data. by another government or bad actors and making information available to law enforcement.
Google does not seem to be the only one to have reservations about local storage requirements, which are a key part of India’s proposed data protection framework. Under the Indian Data Protection Act, which is still pending, large technology companies are authorized to store copies of certain sensitive personal data in India, and the export of undefined “critical” personal data from the country is prohibited. Last month, Facebook vice president Meta and deputy chief privacy officer Rob Sherman said the request could make it harder for the company to provide its services in the country.
🚨 Time-limited offer | Express Premium with ad-lite for only 2 Rs / day 👉🏽 Click here to subscribe 🚨
In response to a question from The Indian Express on data localization norms proposed in the state’s draft data protection law, Enright said governments are fighting for local storage requirements to protect data they consider sensitive, prevent access to others governments or bad actors, provide access for local law enforcement authorities and in the hope that such locally stored data will have some economic benefits. “None of these areas have actually made significant progress with data localization requirements. The vast parallel nature of the web, the way the cloud has evolved, has been optimized for security, availability and efficiency. Data localization deviates from any of these benefits and risks breaking the globally distributed cloud, ”Enright said.
“Many aspects of the Internet that people did not expect, enjoy and rely on require reliable operation of the data movement across international jurisdictional borders. We need to come together as a global privacy community to ensure that we can provide strong privacy protections and clear rules so that products and services can be managed as people expect, ”Enright said. “This is becoming increasingly challenging as we see privacy and data protection laws evolving and expanding around the world. Although there are certainly some common themes, given the speed and frequency of legislative activities related to data protection, we face a growing risk of different regulations that cannot be harmonized, which makes compliance extremely demanding for a global company.
In response to a second question from The Indian Express on a recent IT Department proposal to “encourage” large technology companies to share non-personal or anonymized data with a government-appointed commission for sharing with startups in the country, Enright called on governments around the world “Carefully” as the space continues to evolve.
“When we talk about the steps that need to be taken to offer start-ups in India the tools and resources to innovate, our interests could not be more coordinated. Google benefits from having more people using the internet. On the specific issue of making large anonymous datasets available to drive innovation, I think it is complicated by uncertainties and inconsistencies over time over understanding what persistently anonymous data is and how to make these datasets available in a secure way. and privately, “Enright said.” I urge caution before governments anywhere in the world issue broad powers requiring data to be shared in any particular form, simply because our understanding of the security and protection of the exchange of different types of data it develops in different ways. “
“Alcohol scholar. Hardcore tv junkie. Wannabe bacon enthusiast. Twitter fanatic. Subtly charming travel guru. Pop culture specialist.”