The Department for Promotion of Industry and Internal Trade released the draft National E-Commerce Policy (Policy) on Saturday, 23rd February 2019 with the Government seeking comments on the draft till 9th March 2019. The overall objective of the policy is to prepare and enable all stakeholders to fully benefit from opportunities that will arise from the digital economy. The Policy can be viewed here.

This update provides a brief synopsis of the Policy from the perspectives of:

  • Data Privacy
  • FDI/ E-Commerce Marketplaces
  • Key Competition Law issues

Data Privacy

Data being an integral element of the digital economy, the Policy has two primary aims- the first is to regulate the cross-border flow of data and second to utilise the anonymised community data for common public good.

  • The Policy introduces a concept that India and its citizens have a sovereign right to their data, however, this right cannot be extended to non-Indians. This is a clear departure from the Personal Data Protection Bill, 2018 (the "Bill") and the General Data Protection Regulation, both of which grant privacy rights based on the location of the individuals and not based on citizenship.
  • The Policy further states that even after data is anonymised, the interest of the individual cannot be completely separated from it. This also is a significant deviation from the Bill, as the Bill completely excludes anonymised personal data from its purview.
  • Another important point to note is that the Policy further seeks to impose restrictions on sensitive data that is collected or processed in India but stored abroad. Such data cannot be shared with other businesses, third parties, foreign governments etc., even when the customer has provided consent for such data transfer. However, Indian authorities need to have access to such data stored abroad. Surprisingly, technology and cloud computing services involving technology related data flows which have no personal or community implications are excluded from the above restrictions.

Our View: The Policy cannot be viewed in isolation- it must be viewed keeping in context the Bill, released by the committee under the Chairmanship of Justice B.N. Srikrishna which is substantially comprehensive in its scope and deals with all aspects of protection of personal data. The privacy aspects of digital economy sought to be covered under the Policy overlap with provisions covered under the Bill. It is, therefore, imperative that the Bill and the Policy are aligned.

Also, the policy surrounding Indian authorities' access to sensitive data stored abroad needs to meet the test of constitutionality.

FDI/ e-Commerce marketplaces

  • Definition of "e-commerce."

There is variance in the definition of e-commerce in the Policy and Press Note 2 of 2018 ("Press Note 2") issued by the erstwhile Department of Industrial Policy and Promotion that regulated foreign direct investments ("FDI") in the e-commerce sector. While Press Note 2 defines e-commerce to mean "buying and selling" of goods and services, the Policy defines e-commerce as including "buying, selling, marketing or distribution" of goods and services.

Our View: The definition of e-commerce in the Draft Policy should not become a “guiding light” for changes to other legislations (including Press Note 2) since it could inadvertently expand the restrictions on FDI to other players in the e-commerce ecosystem. 

  • Tracking of Imports and Payments It appears that considerable thought has gone into plugging some of the gaps in the regulatory framework of import of goods into India, as the Policy now requires:
    • Import of products to be made through the customs route 
    • India Post to conduct due diligence on shipping entities and addresses and set thresholds to eliminate misuse of the “gift” route 
    • All e-Commerce sites/apps available to Indian consumers (displaying prices in INR) to have MRPs on all packaged products, physical products and invoices
    • any payments to GST non- compliant sites/ apps through Indian banks and payment gateways to be barred.

Also, the Policy envisages the creation of electronic infrastructure that shall connect the customs authorities, Reserve Bank of India and India Post to better track imports. 

Our View: The requirement of all e-commerce sites/apps available for download in India: (i) to have a registered business entity in India; and (ii) specifying such entity to be the importer on record or the entity through which all sales in India are transacted, may be draconian and effectively lead to government micro-managing businesses.

  • Anti-counterfeiting measures

The following are some of the anti-counterfeiting measures that are envisaged in the Policy:

- The e-commerce platform is to provide an option to trademark owners (including licensees) to register themselves on the e-commerce platform ("Platform Registered TM Owners"), and whenever a trademarked product is uploaded for sale on the e-commerce platform, such ecommerce platforms shall notify such Platform Registered TM Owners.

- If required by any Platform Registered TM Owner, the e-commerce platforms shall not list/offer for sale, any of the Platform Registered TM Owner's products without its prior approval.

- A trademark owner may require that an e-commerce platform obtain its approval for listing any "high value (luxury) goods", cosmetics or "goods having an impact on public health".

- Complaint of fake/counterfeit goods is required to be conveyed to trademark owners within 12 hours.

Our View: Some of the proposed anti-counterfeiting measures may not only be difficult to implement, they may increase cost of doing business for e-commerce platforms in India and act as barriers to entry for start-ups in this nascent sector.

Key Competition Law issues

  • Access to Data and Network Effects

The Policy highlights the concerns surrounding free access to data by smaller businesses and control over data by dominant firms. It aims to make available the data in an equitable manner for providing a level playing field and promote fair competition in the Indian market and provide thrust to start-ups and MSMEs. Some of the key concerns and issues relating to access to data are discussed below:

- Entry Barriers: Bigger companies control a large part of Big Data and make it difficult for the new entrants to enter the market. Streamlining the access to data, while addressing the privacy concerns are intended to be achieved.

- Predatory pricing: Control over big data and network effects have made it possible for certain ecommerce companies to sustain in the market despite offering goods/services at a highly discounted value.

- Social Media and Search Engines: The Policy also discusses the issue of mining of data by social media and search engines to be then used to develop new services and products, such as translations and visual recognition.

- Access to e-commerce market place: Providing greater access to smaller and medium business enterprises to the e-commerce market place to increase competition and improve penetration to a larger consumer base.

  • Use of Artificial Intelligence

The Policy discusses the competition concerns relating to the use of artificial intelligence in developing algorithms that can be used for collusion to fix prices, etc.

  • Mergers & Acquisitions

The Policy addresses the issue of acquisitions by big e-commerce companies of potential competitors early in the life of such smaller companies leading to the elimination of competition in the market. The Policy acknowledges the importance of data as an asset.

  • Development of Technology Wings

It provides for the creation of new-age tools to help the regulatory agencies understand and analyse the transactions in the proper light.

  • The balance between Commercial Interests and Consumer protection

The Policy understands the importance of access to source codes and algorithms. This is crucial from the perspective of behavioural / conduct of firms using AI to support their businesses, e.g. search engines, airline ticketing, etc. to analyse if there are any anti-competitive behaviour by firms.

Our View: The issues covered under the Policy aim to regulate all the important aspects of competition in the market, including conduct of enterprises from abuse of dominance perspective, collusive practices using new age technology, and elimination of competition in the market through acquisitions. Indeed, the Competition Commission of India (CCI) plans to study the domestic e-commerce industry to learn how the use of artificial intelligence and algorithms can provide means to players in different sectors to collude on various aspects of competition. To give effect to this critical mandate, it is important for the Indian authorities to closely understand the competitive landscape of the e-commerce market place and adopt a more balanced approach that ensures access to smaller players on fair terms to present a level playing field, while also giving due regard to the investments of the existing players to avoid free riding by new entrants. Further, it is important to appreciate the changing landscape and requirements of innovation in technology sector so that the unnecessary regulatory interference is avoided, and genuine business interests and confidential business aspects are not prejudiced.