Data Swaraj for Secure Digital India
#306 2026

Data Swaraj for Secure Digital India

Deeptech

Most of our digital data both citizens and Govt are stored in virtual cloud which are largely serviced by Big Techs (single point of failure).

I happened to meet an enthusiastic IIT alumnus during the 75th year foundation day function in Delhi. Abhishek B. helped develop the Prime Ministers dashboard which seems to have helped consolidate tomes of data into an actionable dashboard screen. As a veteran of NISG (National Institute of Smart Governance) – he is no newbie to data or its governance.

https://lnkd.in/eZy5gJMT

I finally met up with Abhishek yesterday to understand his perspective on where we are as a country and what needs to be done. There were some interesting points that came up during the discussion.

First is the motherhood statement that India’s greatest asset is its data. Not its IT personnel. Not its solar power. Not its ai foundational models. Just its data. And the immediate challenge is to safeguard the data from being stolen. India’s engineers and tehnocrats have let the country down.

A virtual cloud is sold like a bank locker. You have one key and the bank has another. Both keys are required to open the locker. But that is not actually the case. The data centre operator has his key. Plus he has a master key so he can open the locker without your key. And that is where the virtual private cloud is not in our interest.

Digilocker is apparently hosted on Google. The govt procurement portal GEMs is hosted on aws. Most corporate emails are on azure by Microsoft.

America is stated to be a completely trust worthy, high governance, friendly country. But what if it were to lose the Iran war. May not happen unless it does. What if the data centre is bombed.

One country control has serious risks:-

1) Economic security: While for Big Techs India is the biggest digital market but none of them pay any taxes leading to economic drain;

2) National security: a) Data stored on cloud is encrypted, wherein the private key is owned by foreign entity so even if data resides in India we don’t own or control it b) The root IP Address of all Big Techs Cloud is American IP Address, c) They are subject to US Cloud/Patriot Act so it overrides our local laws, d) As visible from Iran conflict, with AI our data shall get repurposed for the benefit of foreign nations;

3) Legal: DPDP Act covers only personal information, whereas critical datasets (railways, airlines, IoT, financial, smart cities, etc.) remain outside its ambit; hence it’s urgent to declare data as National Asset, Extra-territorial laws like US Cloud Act

The only way out is to own the entire data centre stack. This is not the govts job.

We need an urgent overhaul to our regulations and policies. Cloud service providers have to be distinct from and independent of infrastructure owners.

Right now the game is rigged by BigTech.
It’s called regulatory capture.

In plain English it means make a mickey of the babu and plant tender conditions your competitors can’t meet.