Last week, the Bombai Exhibition Centre in Mumbai was home to this year`s edition of India Ecommerce Expo (15 – 18 May).

Taking place under “The India Opportunity” tagline, the 4-day event discussions, roundtables and presentations focused on various services sectors including eCommerce, privacy, the financial industry, retail, software and SMB businesses. Amid the interesting display of tech solutions ranging from AI, VR/AR, Internet of Things (IoT), blockchain and the informative updates and debates, here are our key takeaways.

Foreign investment flows & Government initiatives spur eCommerce growth

Initiatives and programs like Digital India and increasing Foreign Direct Investment (FDI) inflows are constantly helping the growth of eCommerce and attracting new industry players. The services sector is not only the dominant one in India’s GDP but has also attracted significant foreign investment.

The segment contributed over 66% of its Gross Value-Added growth in 2015 – 16, thereby becoming the most attractive one for FDI inflows.

The context:

The Digital India program is an initiative launched by the local Government to enable technology access to every citizen of the country with a vision to transform India into a digitally empowered society. Providing a Digital Infrastructure as a Utility to Every Citizen is one of the key vision areas. This implies:

  • availability of high speed internet for delivery of services to citizens
  • digital identity that is unique, online and authenticable to every citizen
  • mobile phone and bank account enabling citizen participation in digital and financial space
  • safe and secure cyber-space

How is India preparing for GDPR?

Among the GDPR-related aspects covered during the event, the following are worth mentioning:

  • in general, awareness related to this regulation and its implications is rising. However, just like in the EU, full realization is not achieved yet.
  • Indian businesses handling EU user data and involved in cross-border business will have to take a closer look at the way they collect and use data.
  • the regulation is seen as a security generator and the Indian market is currently paying close attention to EU developments in order to assess how to act further.

The context:

GDPR applies to all businesses established in the EU, regardless of whether the data processing takes place in the EU or not. Even non-EU established organizations will be subject to GDPR. If a business offers goods or services to citizens in the EU, then it is subject to GDPR.

Fines of up to EUR 20 million or 4% of global annual turnover (whichever is higher) are outlined in the legislation for organizations that fail to adhere to GDPR or that suffer a data breach. More about this regulation can be found here.

Information Technology Act 2000 – the local GDPR version?

The relevant Indian law governing online data protection is the Information Technology Act 2000 (the IT Act). Actually, it is the primary law in India dealing with cybercrime and electronic commerce,  providing a legal framework for electronic governance by giving recognition to electronic records and digital signatures.

“On the face of it, the Information Technology Act 2000 and associated rules address data protection standards. However, as GDPR has a very high benchmark of data protection, the Indian laws on data protection will have to be worked out accordingly. Data protection procedures like breach notification; excessive documentation and appointment of data protection officer may have to be incorporated in the Indian laws as well”, according to GDPR and India whitepaper, released by The Centre for Internet and Society.

Towards a growing culture of compliance and privacy?

In the Indian context, in which the concept of privacy itself is very different from the West, various factors have stifled the need for the protection of information. Although awareness of online privacy is still not there, India shares the same concerns regarding data ownership.

Broad-based data security framework is what India corporates are asking for, because many countries already have their own data privacy regulations. In addition, urbanization and digitization have resulted in a growing demand for privacy and data protection , specifically on digital platforms.

The Indian society needs to re-evaluate the way it addresses these key aspects, along with data-related risks. The future of business will depend on it.

Interested in learning more about Indian eCommerce opportunities and current trends? Check out the Spotlight on India blog post or stay tuned for our weekly industry news updates.

Maik Bodden, Marketing Manager @ G2A PAY