NASSCOM has submitted comments on the draft policy released by the DPIIT, Ministry of Commerce on February 22, 2019 for public comments.
Our feedback focuses on the scope and objectives of the policy and three key themes – consumer protection, level playing field and data. Our specific comments highlight our feedback on each of the six sections of the proposed policy.
As consumers become increasingly accustomed to their new online lives, the macro challenges which India faces in e-commerce are:
- Limited access to internet and low speed beyond the big cities,
- Limitation of English based communication,
- Barriers pertaining to tech usability,
- Gaps in consumer protection,
- Underdeveloped logistics and
- Cumbersome regulatory procedures and compliance requirements.
Overall we have suggested that the e-commerce policy should help organise efforts to address the above challenges and unlock the potential of exponential growth in the next phase of e-commerce in India.
- The policy impacts a wide range of entities including e-commerce platforms, IoT, search engines, ISPs, OTT services providers, content ecosystem and the larger Indian IT industry which processes data on behalf of clients. We have suggested that DPIIT should avoid placing conflicting or significant views in the e-commerce policy on matters which are core to other ministries. These matters should be addressed through inter-departmental framework. Placing them in the policy causes anxiety for the industry as it generates avoidable uncertainty and projects a picture of un-coordinated action from the government’s end. The policy goes into core issues like personal data protection, information technology law, community data and competition which are the subject matter of different legislations. These are horizontal themes with scope much wider than e-commerce and should not be reviewed just from the perspective of this policy. An e-commerce policy should be developed on the basis of such legislations and not in parallel.
- We have submitted that the policy should limit its scope to e-commerce as defined in the FDI Policy, 2017 and as stated in Press Note 2, 2018. We believe that this will help provide regulatory clarity without affecting India’s participation in e-commerce discussions at the WTO. Further, in the context of WTO negotiations, it is not clear how seeking disclosure of source code will result in technology transfer. In fact, it can have the opposite effect as businesses may delay introduction of technology in India if such a policy is implemented.
- The legal framework around consumer protection is already being strengthened in the context of e-commerce. Therefore, the policy should avoid detailed prescriptions and instead lay down the principles of consumer protection that are especially relevant from an e-commerce perspective to guide subsequent legal frameworks. Overlap of the policy with existing laws risks creating ambiguity due to possible differences and varying interpretations.
Level playing field
- The linkages made between level playing field, access to data and innovation are not clear from the policy. The document presents an ambiguous picture and ignores many of the factors that lead to creation of high value digital products such as resources spent on R&D, the competitive landscape in the local economy, access to skilled talent, an enabling political environment, legal and regulatory framework which incentivises innovation and exposure to international markets. Therefore, the linkage made in the draft policy between the “almost nil” chance of creating high value digital products and inaccessibility to data, is weak.
- Instead of a ‘data lens’, as proposed in the policy, regulations focusing on level playing field should primarily be viewed through the lens of consumer protection and anti-competitive conduct. The policy should avoid prescribing specific measures to deal with competition concerns as they should be addressed under the Competition Act, 2002.
- The policy should focus on promoting start-ups and MSMEs through measures to encourage entrepreneurship, competition and employment so that there is a wider spread of economic activities.
- It is not clear from the policy how restrictions on cross border data flow will help MSMEs and start-ups develop a large number of innovative solutions. For the sake of legal certainty, the draft policy should refrain from making recommendations with respect to personal data. The Personal Data Protection Bill (PDP Bill) already deals with regulation of cross border flow of personal data and has already undergone extensive consultations. The PDP Bill deals with key privacy concepts in detail including consent, purpose limitation and privacy by design. Therefore, a data policy on e-commerce is likely to increase regulatory uncertainty and any differences between the policy and the final data protection law will present unintended challenges. In case the policy proposes any material departure from the PDP Bill, it is requested that these be highlighted clearly in the policy.
- The policy should clearly provide that it refers to community data collected through IoT devices installed by government or government agencies. It should take into account existing frameworks for sharing community data and work with the concerned nodal departments to improve their efficacy.
- The DPIIT should undertake a study of the start-up ecosystem to identify potential community data that might help start-ups and subsequently identify how the government can develop the ecosystem for creating useful community data sets for start-ups. NASSCOM shall be pleased to work with the government to carry out such a study.
- The policy appears to recommend that after three years there would be a mandatory requirement to store data within the country. This is an onerous requirement. Steps taken to develop capacity for data storage in India should not lead to this. Efficacy of domestic infrastructure and business efficiencies should encourage business decisions around data storage in India, but this should not be mandated.
- In addition to granting infrastructure status, the government should consider the recommendations given by the Cloud Working Group (WG) constituted by MeitY to evolve a framework for promotion and enablement of cloud services in the country.
- The policy seeks to develop domestic alternatives to cloud and email services and grant preferential treatment to digital products created within India. Instead of domestic alternatives, it may be useful to promote start-ups and MSMEs by relaxing procurement requirements (turnover, profitability, years in business etc.).
- The policy should be limited to involve buying and selling of goods and services over digital and electronic networks. The IT Act and the telecom regulations deal with internet and telecom related policies and laws. Extension of scope under this policy would simply increase the regulatory uncertainty as industry will need to track and reconcile what different laws and policies are saying on a topic.
- The policy fails to recognise the practical limitations of a rule requiring the registration of business entities in India by all e-commerce sites/apps available for download in India. “Available for download” is a very wide net. Today, possibly all apps across the world could be available for download. Does that mean they all would need to have a registered business entity in India? This requirement should be reviewed.
- The policy’s objective behind requiring e-commerce sites to display MRPs in INR on products is a positive step in ensuring that e-commerce sites do not inflate the list prices while claiming to give big discounts to consumers. This should be made applicable only to e-commerce sites/apps for whom the target audience is primarily India.
- The policy should suggest removal of differential treatment of offline and online businesses with respect to the GST registration of sellers on e-commerce and remove the requirement for tax collected at source (TCS).
- We support the policy to spell out the obligations on the sellers to take responsibility for the genuineness of the products and the strengthening of tools in the hands of the trademark owners to monitor the listing of their products on the e-commerce platforms. However, a trade mark owner should not be able to restrict the sellers from selling certain brands, over and above what might be an anti-competitive practice as per the Competition Act.
- Sellers cannot give an undertaking on behalf of the manufacturers. How can they be held responsible if a manufacturer does not honour its warranties? The manufacturer might have closed down the business or may have discontinued the product line or might just have poor business practices. The seller can only be obligated to inform the consumer if it comes to the seller’s knowledge that the promised warranties may not be honoured. While the intent of the policy is commendable, it needs further review as otherwise it would place the seller under unreasonable obligations. Further, it is not clear whether this provision disallows the sale of used products on e-commerce marketplaces.
- The policy requires the platforms to enter into agreement with each seller to obtain guarantee of authenticity and genuineness and that all warranties and guarantees of the brand owner are applicable and shall be honoured accordingly. The seller can only be obligated to inform the consumer if it comes to the seller’s knowledge that the promised warranties may not be honoured. While the intent of the policy is commendable, it needs further review as otherwise it would place the seller under unreasonable obligations. Further, it is not clear whether this provision disallows the sale of used products on e-commerce marketplaces.
- Strategies being proposed to curb piracy present many implementation challenges and appear to be in conflict with the IT intermediary guidelines and the judgment of the Supreme Court in Shreya Singhal v. Union of India on obligations of an intermediary. Therefore, there is a need to review the above proposal. We support the need for curbing online piracy. We also recognise the challenges in curbing the same in the context of user uploaded content as that makes the task of establishing claims very difficult. We believe that the Intermediaries have an important role in preventing online dissemination of pirated content. Therefore, it is important to find implementable solutions. MeitY is already considering an amendment to replace the intermediary guidelines rules and the consultations on the same are in place. This is expected to strengthen the regulatory framework. Outside of the IT Act, under Rule 75 of the Indian Copyright Rules, a copyright owner can complain to the internet intermediary about any pirated content and the intermediary has to take down content for 21 days and permanently if the intermediary furnishes a court order or a government order. This is similar to the ‘Notice and Takedown’ procedure under the US Digital Millennium Copyright Act (“DMCA”). We believe these are reasonable solution. In the Indian context, getting an order from court in 14 or 21 days is likely to be difficult. The policy should recognise these challenges and focus on solving them.
- The initiative taken by the draft policy to block websites which host pirated content is a positive one.
- The measures to strengthen consumer protection and are welcome. We suggest these be considered under the appropriate rules under the consumer protection law.
- The formation of the Standing Group of Secretaries is a welcome move as it provides a single entity to monitor, enforce and enable the e-commerce sector. In addition, a sub-group should be formed under the Secretary or the Additional Secretary to interact with the industry on an ongoing basis.
- We recommend that determination of advertising rates should be left to market forces irrespective of the medium of advertising. Intervention may be considered if there is evidence of anti-competitive practices.
- The government is already reviewing the Competition Act, 2002. We therefore recommend that the policy avoid making recommendations with respect to antitrust analysis.
- The circumstances where source code may be required is a subject of bilateral discussions and negotiations and is captured in contracts. It should not form part of policy.
- We suggest that the government adopts lesser intrusive methods (than disclosure of source code) to address concerns of mischief in algorithmic decision-making. It may be useful to build on the proposal of establishment of AI ethics committee which has been alluded to in the National Strategy paper by NITI Aayog for this purpose.
- The policy recommends that those who have access to data of Indians must nominate a local representative to be responsible for the affairs of the company in India. The specific requirements of local representatives, incorporating legal entities etc. may be determined by sectoral regulators and departments based on the nature, scale and significance of the activities. For example, MeitY is proposing changes through the Draft information Technology [Intermediary Guidelines (Amendment)] Rules, 2018. Similarly, RBI has different requirements for payment related entities. Another policy without appreciation of specific context is likely to be onerous and is unlikely to serve the intended purpose. The proposed draft casts a very wide net and is vague.
- On consumer protection, the DPIIT may study the recent work by the Government in the area of financial sector – the work on establishing an independent financial redress agency (FRA) to handle consumer complaints across the financial sector. Its design has focussed on enabling quick resolution through a combination of electronic communication and telephonic mediation. It recognises that most complaints involve low value amounts and need to be disposed speedily without court like procedures and the need for physical visits.
- Growing digital payments has direct bearing on the growth of e-commerce and this also aids the formalisation of the economy. This requires massive effort increase in the acceptance infrastructure, improving the proposition for its adoption by new consumers and finally usage i.e. repeat transactions. These challenges should be recognised in the policy.
- The policy should recognise the need to promote innovation by encouraging FinTech start-ups through an open banking strategy.
- The policy recommends that the government departments use AI tools and attempt a predictive approach to policy making. We suggest that the policy should address the barriers recognised by the NITI Aayog with respect to enabling usage of AI. Of these, the first two are the basic building blocks – (a) Lack of broad based expertise in research and application of AI and b) Absence of enabling data ecosystems – access to intelligent data.
- The policy emphasises the responsibility and liability of these platforms and social media to ensure genuineness of any information posted on their websites. This proposal should be deleted. The IT Intermediary guidelines provide for due diligence requirements on the platform. The proposed requirement in the policy to “ensure genuineness of any information posted” would impose a very high bar on the platforms and social media service providers and it is not possible to imagine how this might be made implementable. The proposal also risks violating the Supreme Court Judgment in Shreya Singhal v. Union of India as it imposes content takedown obligations which could violate freedom of speech.
Stimulating domestic economy and exports
- Single window approval system for providing licenses for e-commerce platforms to set up their business in a state should be promoted.
- Policy should focus on Indian participation and in shaping global standards.
- The policy should adopt ease of doing business as a principle in the policy and cover taxation and other compliance issues for active review in this.
- Steps to encourage new categories of exporters and new exports flows to benefit via e-commerce should be a policy strategy
- Breaking down informational barriers should be a policy strategy. Mechanisms such as support centers, online platforms, or demand and supply collaborative networks could be designed through public-private partnerships to address the market failure of information asymmetry, such that SMEs in emerging markets are able to access and benefit from information on the nature of demand, potential markets, competitors and their products’ competitive position, the regulatory framework, and availability of private and public financial resources and support programs.
- In India, DGFT, DGCS and RBI all separately collate data about Indian exports and there is no single source of the reliable data. There is need for one reliable single repository to see the current data and predict trends and conduct scientific analysis and research to understand both the opportunities and challenges and arrive at sustainable solutions. Additionally, there is no or little information by channels such as e-commerce led retail exports or B2B. There is urgent need to put a programme in place for a single unified repository which is accessible to the public at large, long term in depth studies undertaken by leading academic studies and work out result-oriented and actionable framework.
- Educating MSMEs on Cybersecurity should be a policy strategy. Public private partnerships to make MSMEs more aware of good digital security practices could yield enhanced e-commerce stickiness.
The draft policy is available here and NASSCOM’s detailed comments are attached below.