[By Antara Deshpande] 

The author is a student at National Law University, Odisha.

In the last few years, India has attracted many global e-commerce giants like Amazon, Alibaba, Google, etc., with a growth rate of 17% in the financial year 2018-19. The rapid demand and progress in the e-commerce market have gradually increased the government’s inclination to regulate and maintain fair competition. With various ongoing government programs floated to digitalize Indian commerce, the need to regulate the sector was felt even more after Walmart Inc. acquired a 77% stake in the Indian e-commerce company Flipkart.

The Indian Government, in February 2019 released the Draft National E-Commerce Policy (“Draft Policy”) prepared by the Ministry of Commerce and Department for Promotion of Industry & Internal Trade (“DPIIT”), and consumers with the aim of forming a regulatory framework, to check dominant e-commerce giants and ensure fair competition. It covers broad issues of the e-commerce space separated by i) Data ii) Infrastructure development iii) E-Commerce marketplaces iv) Regulatory issues v) Stimulating domestic digital economy and v) Export promotion.

The move is directed towards developing a strong ecosystem for Indian apps, however, it has also raised concerns for established entities in the field. The overall narrative of the Draft Policy revolves around personal data privacy, consumer protection, and creating a level playing field between domestic and international players, however, the strategies through which the proposed policy aims to reach these objectives seem to blur the ultimate purpose. The Draft Policy which was supposed to be enacted in 2020, has been put on hold in view of COVID-19. While the policy is focused on personal data, a separate committee has been created to study issues related to non-personal data.

Key Particulars of the Draft Policy:

  1. Data security or processes sensitive data shall not make it available for entities outside India or any other third party, even if the customer consents to it.
  2. Infrastructure development– An appropriate authority will take steps to develop the capacity for data storage in India. E-commerce entities will require to localize or mirror certain data as per the required guidelines, which shall be invigilated over periodic audits. A time frame will be provided to e-commerce companies to adjust to the data storage requirements.
  • Disclosure & monitoring– The government will reserve the right to seek disclosure of source code and algorithms on demand, with the view of striking a balance between commercial interests and consumer protection issues. The proposed policy will allow the government to review, investigate, and take any action as a security measure.
  1. Business registration requirement – All e-commerce websites or apps that are available for download in India to have a registered business entity in India as the importer on record.
  2. Export promotion– The policy will aim to streamline logistics and strengthen India’s post. It shall also reduce administrative restrictions to promote exports. A specialized cell and support policy will be created to encourage MSME export activities, along with the creation of E-commerce Export Zones (EEZ), for storage, certification, customs clearance, etc.
  3. Consumer protection– A clear representation of the country of origin on imported products shall be made. All seller details shall be made available on the marketplace website.
  • Creation of a rogue e-commerce entities list – A list of ‘Rogue E-commerce Entities’ will be created, which will include websites or apps that sell pirated content. After verification, such websites will face stringing actions like disabled access to their website, prohibition by payment gateways, etc. under the ‘Infringing Website’s List’.

Grey Areas:

Definition of E-commerce

The Draft Policy uses the terms ‘e-commerce’, ‘electronic commerce’, and ‘digital economy’ interchangeably. It has defined e-commerce as buying, selling, marketing, or distribution of (i) goods, including digital products and (ii) services; through an electronic network. It has, therefore, expanded the generally accepted definition given under the Foreign Direct Investment Policy (“FDI Policy”) and Consumer Protection Act, 2019, which have restricted the definition of buying and selling goods and services, over digital and electronic networks. The expanded definition could potentially qualify all web services like e-commerce, even the websites providing information services, email services, or file storage services. Considering the broad definition and the requirement for every downloadable app or website to establish a registered business entity in India, many existing global services could step back from providing their services due to the increased compliance burden. This would ultimately affect the availability of choice and quality to consumers. Hence, the current ambiguity calls for the streamlining of the definition which is in sync with the other applicable laws.

Cross-border data flow

The Draft Policy has emphasized time and again on its intention to restrict cross-border data flow from India to any other nation. Such a step will unnecessarily disturb the existing mode of operation and can increase the expense of established multinational companies that transfer and process data in their jurisdiction. Additionally, it will also hurt Indian startups, which extensively require data analytics services amongst many other services that global distributors deliver at affordable prices. Presuming that domestic market entrants develop a data processing infrastructure, the additional cost of data storage will consequently affect the final price of the service or product, making it more expensive for the consumers and failing the purpose of the policy. The Committee of Experts report under the chairmanship of Justice B.N. Srikrishna extensively discussed the free transfer of personal data across borders and recommended against unjustifiable prevention of international transfer of data. Moreover, a complete prohibition on cross-border data flow, seemingly avoids the provisions of the proposed Personal Data Protection Bill2019, that prescribes for monitoring of cross-border transfer of personal data under section 49, and allows the authority to discontinue such transfer, only after a proper inquiry is made on reasonable grounds, under section 54. Therefore, rather than an absolute ban on international data flow along with the requirement of data localization, a sector-specific restriction of sensitive data will be a beneficial option.

Foreign Direct Investment.

The Draft Policy has laid down the extant FDI norms for e-commerce entities and has explicitly portrayed its intention to invite foreign investment in the marketplace model only. Currently, the permitted FDI norms allow 100% foreign investment in the marketplace model and not the inventory-based model, which means foreign entities do not need special government approval for investing in the marketplace based model. This step was taken through the Press Note 2 (2018 Series) in December 2018, which prohibited foreign ownership or control over the inventory. Such barriers have been recognized by countries like the USA, which has affected the trade relations between the two countries. Additionally, with the effect of the Draft Policy, established e-commerce players will face stringent compliance rules along with FDI restrictions, which will give an unfair advantage to large Indian companies instead.

Ease of Doing Business.

In the past few years, the Indian Government has taken active steps to digitalize and localize the economy by initiating various programs like Make In India, Startup India, and AtmaNirbhar Bharat (Self- Reliant India) App Innovation Challenge. India is currently one of the world’s ecosystems and has attracted more than $33.4 billion through foreign investments. While the government is trying to attract foreign investment through the Startup India initiative, it also clouds its intentions by introducing a rigid e-commerce policy. Recently, India also banned fifty-nine Chinese apps and notified Press Note 3 (2020 Series), which amended the FDI Policy restricting the neighboring countries to invest in India even more. With the enactment of the Draft Policy, without relaxing certain rules, India’s position in ease of doing business is likely to take a hit. Even presently, various startups have preferred to register in Singapore due to its highly mature startup-friendly international funding system and regulatory transparency. As India gears up for its self-reliant economy dream, it should evaluate the cost of imposing forced compliance requirements that will not only threaten the current unicorn companies of India but also affect the employment sector.


India is indisputably one of the target destinations for global e-commerce players, given its potential for growth and consumer demand. However, the Draft Policy could be a major reason for their resistance to enter the Indian marketplace. The extensive compulsion of the government to control data and over-emphasis on data protection can cause unintended consequences and derail the policymakers from focusing on infrastructural issues faced by the e-commerce sector. The proposed policy carries a genuine aim to protect consumer data and uplift domestic small e-commerce, however, it persistently creates a divide between foreign and domestic players, offers impractical solutions, and creates innovation barriers. The Draft Policy certainly requires a relook and a necessity to clarify its mode of operation.


Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Us

Kerwa Dam Road., 
National Law Institute University, Bhopal
Madhya Pradesh, India. 462044​.

write to us at –