Kieth Enright, Google’s Chief Privacy Officer, on Wednesday said it is hard to innovate strong privacy protection technologies in light of fragmented regulations around data protection proliferation worldwide. Enright’s statements come just as India is deliberating its own comprehensive data protection policy, which is expected to be implemented soon.

In a select media round-table, in which BusinessLine participated, Enright said that while the company is innovating privacy protections, “this is getting increasingly challenging because we are seeing privacy and data protection laws across the world. We are facing growing risk of divergent regulations that cannot be rendered consistent,” he said.

Enright called India’s data localisation proposals an outlier, while further stating that some of the fragmentation in global regulation around data protection can have unintentional policy consequences, “including things like eroding our ability to protect and secure data, eroding individual privacy if there are requirements to share data that do not allow for appropriate protections to be in place.” 

Indian data protection bill

India has been deliberating on the contours of the data protection bill for the past five years. Enright urges policy makers to be careful as the country deliberates on various proposals including data localisation requirements or sharing of anonymised datasets. 

India’s draft data protection policy is said to have some of the most stringent data protection mandates across the world. Enright warns that such data localisation requirements could, in fact, outweigh the benefits of the globally-distributed cloud. Enright says that in the past 10 years, he has not seen the touted security and economic benefits of data localisation norms materialise globally. “As a general matter, I would encourage policymakers to look closely at their motivations, and be very clear eyed about whether data localisation is, in fact, the most efficient way to advance public policy objectives that they are after.”

In February, the Government of India came out with a draft data sharing policy proposing certain data sets to be collected by government agencies with start-ups, enterprises, researchers and government departments. Commenting on this proposal, Enright said, “If you look at the history of this issue, for anonymous data sets shared by governments or others for research purposes, there has been a consistent trend, that anonymity of these datasets has eroded.” Enright urges Indian policy makers to be “extremely circumspect as they deliberate about proceeding in that direction.”

comment COMMENT NOW