Synopsis: Mastercard Asia has been ordered by RBI to refrain from taking on new customers as it failed to fulfil its obligations under the local data storage rules.
|Also Read: Mastercard can’t issue new cards from July 22: RBI|
- Impact on the payments market: India’s retail payments landscape has transitioned to contactless payments, and cards are slowly losing relevance. Cards have a 3% market share and Mastercard is estimated to account for around one-third of those transactions. Therefore, RBI’s move, especially since renewal of existing Mastercards are not affected, won’t be really market disruptive
- This data localisation requirement is also consistent with India’s Personal Data Protection Bill (PDP) that was introduced in Parliament 19 months ago. The bill was referred to a joint parliamentary committee and its report is still under preparation.
The original bill covered localisation and stated that some critical data shall be processed only in India. PDP cannot exist in isolation. India has globally competitive firms in data processing and PDP’s structure will have a ripple effect on them. A benchmark could be the EU’s GDPR which allows transfer of data to non-EU-based firms provided they follow the same standards.
|Also Read: Personal Data Protection Bill and issues around data localisation|