ECONOMY/ GOVERNANCE/ SECURITY
- GS-3: RBI & Monetary Policy
- GS-2: Government policies and interventions for development in various sectors and issues arising out of their design and implementation.
RBI Ban on Mastercard
Context: Reserve Bank of India (RBI) has recently banned Mastercard from issuing new debit and credit cards to customers in India with effect from July 22.
- Reason for Ban: Mastercard which is U.S. card-issuer has failed to comply with the local data storage rules announced by RBI in 2018.
What is the RBI’s data localisation policy?
- In 2018, RBI had issued a circular ordering card companies such as Visa, Mastercard, and American Express to store all Indian customer data locally so that the regulator could have “unfettered supervisory access”.
- This meant that foreign card companies had to store complete information about transactions made by Indian customers in servers located within India.
- Companies were initially required to comply with these rules within six months.
- The reason offered by the RBI to back up its data localisation rule was that local storage of consumer data is necessary to protect the privacy of Indian users and also to address national security concerns.
- Since the order, Mastercard, Visa and other foreign card companies have lobbied to dilute the rules. But the RBI has remained strict that companies must comply with its data localisation rules
- Consequently, Mastercard deleted Indian customer data from its foreign servers and promised to invest in building local servers in India to store local customer data.
- The RBI, however, has not been impressed. Therefore, it has banned Mastercard from issuing new cards to customers from July 22.
What is the need for local data storage?
- Experts believe that customer privacy and national security are genuine concerns that need to be taken seriously.
- Governments may also believe that mandating foreign companies to set up local infrastructure can boost their local economies.
- Governments mandate data localisation in order to favour local companies to foreign ones.
- China, for example, has used its cyber-security laws to discriminate against foreign companies. A similar trend may be playing out in India with the Centre’s emphasis on economic self-sufficiency.
- However, many also believe that data localisation rules are too stringent and they could simply be used by governments as tools of economic protectionism.
What are the objections raised by these companies?
- Corporates also argue that formal international laws to govern the storage of digital information across borders may be sufficient to deal with these concerns.
- In 2018, Mastercard had launched a complaint with the U.S. government that PM Modi was actively promoting Indian cards like RuPay and that it was affecting the business of foreign card companies
What lies ahead?
- Business Impacted: Indian banks that are currently enrolled in the Mastercard network are expected to make alternative arrangements with other card companies. The process is expected to take a few months, and their card business is expected to take a significant hit meanwhile.
- Benefits Domestic Card Companies: The RBI’s data localisation policy, as it burdens foreign card companies, may end up favouring domestic card issuers like RuPay. The ban on American Express and Diners Club earlier this year benefited the Indian card network RuPay.
- Benefits Competitors: Mastercard owns about one-third of the market share in India, and the RBI’s ban is likely to significantly benefit its competitors.
- Impacts other foreign companies: Visa, a foreign company which dominates card payments in India, may come under regulatory pressure in the near future.
- Hurts Competition in Long Term: Thus, the card payments sector may end up being restricted to a few domestic companies, which in turn can lead to reduced competition. This could mean higher costs and lower quality services for customers.
- Continued Ambiguity on Data Ownership: Additionally, Information about spending patterns and other customer data can be monetised by companies in a variety of ways. With no clear rules on who owns customer data and to what extent, conflicts over data ownership are likely to continue for some time.
Connecting the dots :