India’s e-commerce policy needs to define new baselines and move past the disproportionate focus on data

Regulatory Corner

By Adnan Ansari

The Department of Promotion of Industry and Internal Trade released the Draft National E-commerce Policy (DNEP) for comments and inputs on February 23, 2019. The last date for comments was set as March 29, 2019. Since the General Elections are now over and the policy is set for a final revision, it presents an opportunity for the DPIIT to thoroughly examine the critique and revisit some of the fundamentals of a policy that is expected to have a significant impact on the Indian economy.


Disproportionate focus on data – a case of WTO compulsions casting an overtly large shadow on the domestic e-commerce policy

In the draft version of the policy released for consultation, DPIIT makes its priorities clear in the cover itself with the subheading “India’s Data for India’s Development”. The notion that data is the most important consideration for India’s e-commerce ambitions and objectives is a residue from an earlier version of the Draft E-commerce Policy leaked last year in July 2018. The Department of Commerce (DoC), which was leading the formulation of the policy at that time was weighed down by India’s position at the WTO. At the WTO, a lobby comprising of both developed and developing nations (called Friends of E-commerce for Development) wanted India to join the discussions on e-commerce at the WTO. This lobby supported a free and open internet, prohibition of digital custom duties, enabling cross border data flows, and restrictions on mandatory data localization norms being mulled over by some nations at that time.

However, India did not budge from its stand and refused to allow the discussions on e-commerce to be a part of the WTO negotiations. In the aftermath of the WTO push, it became imperative for India to define its position on e-commerce and hence, Department of Commerce was given the responsibility to draft a national e-commerce policy. Beyond boosting e-commerce in India, the primary aim of this policy was to develop a negotiating instrument for India at the WTO forum. As a result, the consultation conducted by the DoC left out several large e-commerce and Internet companies, ignoring the fact that they formed the largest part of India’s e-commerce and digital economy. The resulting draft which was never formally released but was leaked on July 30, 2018, was heavily criticized due to its protectionist tone and tenor. This draft also laid an overt emphasis on data and deviated from the Justice Sri Krishna Committee recommendations on data protection and privacy. The draft was eventually shelved and the onus of drafting the e-commerce policy was passed on to the Department of Industrial Policy and Promotion (DIPP) – the earlier avatar of DPIIT.


The DPIIT Draft National E-commerce Policy – is it a step forward from the 2018 version?

The 2019 Draft National e-commerce Policy addresses six broad issues of the e-commerce ecosystem viz. (i) data; (ii) infrastructure development;(iii) e-commerce marketplaces; (iv) regulatory issues; (v) stimulating domestic digital economy; and (vi) export promotion through e-commerce. This draft is definitely an evolution from the version leaked last year from a policy formulation perspective. While it was relatively difficult to decipher the thinking behind some of the clauses in the 2018 draft, the DPIIT draft makes a genuine attempt to explain the government’s thinking. Secondly, the government has recommended several progressive measures particularly on promotion of exports and boosting the digital economy.

However, a closer reading of the policy demonstrates that it is still suffering from the hangover of last year’s draft with several contentious clauses from the version finding a place in the new iteration of the policy. Some of these are described in the table below:

Issue Clause: DPIIT Draft DNEP 2019 Clause: Draft DNEP (leaked in 2018)
Restrictions on cross border data flow beyond e-commerce, i.e. on IoT devices, search engines, social media companies

Criticism: Regulatory arbitrage; inconsistent with the Draft Data Protection Bill

1.1 A legal and technological framework to be created that can provide the basis for imposing restrictions on cross-border data flow from the following specified sources:

a) Data collected by IoT devices installed in public space; and

  • b) Data generated by users in India by various sources, including e-commerce platforms, social media, search engines etc.

The legal and technological framework would also provide basis for sharing the data collected by IoT devices under (a) above with domestic entities for use in research and development for public policy purposes.

2.3 However, the following categories of data would be required to be stored exclusively in India and suitable framework developed for sharing the data within the country (this would be guided by ongoing exercises, including the forthcoming Report of the Justice Srikrishna Committee):  

  • Community data collected by IoT devices in public space; and
  • Data generated by users in India from various sources including e-commerce platforms, social media, search engines etc. The creation of innovative digital products within India would be promoted, including by fast tracking work on National Encryption Policy
Mandatory sharing of data with start-ups

Criticism: Anti-competitive; conflicting with the Draft Data Protection Bill and Justice Srikrishna Committee recommendations

1.4 Suitable framework will be developed for sharing of community data that serves larger public interest (subject to addressing privacy-related issues) with start-ups and firms. The larger public interest or public good is an evolving concept. The implementation of this shall be undertaken by a ‘data authority’ to be established for this purpose. 2.3 The development of cutting-edge and innovative technologies in India would be promoted by ensuring access to data through the following:

  • The Government would have access to data stored in India for national security and public policy objectives subject to rules related to privacy, consent etc.
  • Data stored in India should be shared with start-ups meeting the stipulated criteria (turnover of Rs.50 crore etc.)  
  • At the request of the consumer, data generated by her in India through various channels, including e-commerce platforms, social media, search engines etc., would be allowed to be portable amongst platforms in India.  
Right to seek disclosure of source code

Criticism: Anti-competitive, will stifle innovation

4.10 In continuation, it is also important for the Government to reserve its right to seek disclosure of source code and algorithms…. 4.9The grounds for seeking disclosure of source code to government would be expanded to include situations of unfair trade practice, fraud and compliance with domestic regulatory requirements

4.10 The policy space to seek disclosure of source code would be retained, by not taking any commitments on this issue in international trade negotiations.

Indicative mandatory data localization

Criticism: increased cost of operation for start-ups; conflicting with the Draft Data Protection Bill

2.2 …A time-frame would be put in place for the transition to data storage within the country. A period of three years would be given to allow industry to adjust to the data storage requirement… 2.1 ….There could be, say a 2-year, sunset period for industry to adjust before localization becomes mandatory…


This clearly demonstrates that the draft of the e-commerce policy formulated by the Department of Commerce last year continues to cast a long shadow on this new draft released by DPIIT. Therefore, it is worth asking, whether a negotiating instrument for India’s position at the WTO define the policy for a sector like e-commerce. Furthermore, many issues described above, particularly relating to cross-border data flow and sharing have already been discussed by the Justice Sri Krishna Committee under the Draft Data Protection Bill. The consultation process adopted by the committee for the bill has been underway for the past two years and is extremely transparent with the committee report clearly outlining the rationale for the provisions of the bill. Understandably, it is confusing why the DPIIT is redefining some of these provisions and being inconsistent with the committee’s recommendations on some aspects.


The need for a new paradigm

With the elections on the horizon, the consultation on the policy is unlikely to reach a conclusion in the next three months. However, it is imperative that the DPIIT utilizes this downtime to engage on a wider debate and consultation to define India’s objectives for e-commerce.

At the outset, any sound public policy addresses the most basic question – who should be at the center of the policy or what should be the prime objective of the policy. Quite often, a government finds itself juggling multiple objectives – which are sometimes even conflicting in nature – to answer this basic question. A good policy will find a way to manage these conflicting interests, while still focusing on the growth of the sector.

Applying the above principle on the e-commerce sector, it is worth asking who or what should be at the center of India’s e-commerce policy. E-commerce is not just a sector but an ecosystem and keeping data sovereignty at the centre of the policy could be counterproductive to the growth of the sector. While it is essential for the government to have an international position on e-commerce, the domestic policy on e-commerce should not be solely governed by these considerations. Instead, policymakers should look to define new baselines and strive to balance the interests of consumers, suppliers, online vendors, e-commerce companies, and other players in the value chain, while ensuring that the policy serve the economic interest of the country such as boosting domestic manufacturing, creating jobs, and ensuring equitable reach of digital services in the country. Defining this vision at the outset – and not as an afterthought – would be key to realizing the true potential of India’s e-commerce sector.


About the author

Adnan Ansari is an Associate Principal at the 9.9 Group. 

Disclaimer: The views/ideas expressed herein are solely those of the concerned person/s and ICICI Bank does not endorse or accept any responsibility for the same. Nothing contained herein shall constitute or be deemed to constitute an advice, invitation or solicitation to purchase any products/ services of ICICI Bank/third party. “ICICI Bank” and “I-man” logos are trademark and property of ICICI Bank Ltd. Misuse of any intellectual property, or any other content displayed herein is strictly prohibited.

Leave a Comment

Your email address and phone number will not be published. Required fields are marked *