[ARTICLE] Digital sovereignty in India: policy agenda, discourse, power and capability

By Tamian Derivry

This year, the Chair has adopted a more international and less West-centric approach to digital sovereignty, reflecting attempts in the academic literature to map the ‘political geography’ of the concept around the world (Glasze et al, 2022). While previous work had focused on the European and American perspectives, this new approach led to the publication of various interviews on the Russian and Chinese perspectives.

India has received comparatively little scholarly attention. Existing studies focused on the notion of ‘data sovereignty’, primarily assessing data localisation policies, i.e., policies that prevent the free flow of data across borders (Basu et al, 2019; Kovacs & Ranganathan, 2020; Burman & Sharma, 2021). Others have investigated the ‘strategic position’ of India in
resisting ‘data colonialism’ (Gupta & Sony, 2021) as well as the ways in which its data sovereignty agenda contributes to the process of ‘data securitisation’ (Vila Seoane, 2021) and the expansion of the state’s ‘biopolitical’ control of its population (Prasad, 2022). Yet there is a lack of research on the more encompassing notion of digital sovereignty.

A better understanding of this broader political agenda is essential to position the country in global digital governance. As the largest democracy in the world, India represents a key strategic partner for the EU, especially in light of the more authoritarian models of digital governance developed in Russia or China. At the same time, there have been growing signs of illiberalism and democratic backsliding since the Bharatiya Janata Party (BJP) came to power in 2014 (Varshney, 2019, Ganguly, 2020), foreshadowing potentially fundamental incompatibilities between European and Indian approaches in the future.

After providing a brief contextual overview of the Indian digital sovereignty agenda, the article examines the discursive construction of the term by Indian policymakers. It goes on to address the ways in which the notion is used to justify the fight against foreign influence while legitimising more authoritarian forms of control. It concludes with some remarks on the capabilities and dependencies ultimately limiting Indian ambitions.

Digital sovereignty as a policy agenda: India within local and global trends

Attempts to regulate the digital sector in India are not new and largely follow global trends. The Information Technology Act, 2000 (IT Act) laid the legal foundation for the regulation of online content, cybercrime and e-commerce in the country (and still does to a large extent, even though it has been widely amended). The Act provides online intermediaries with limited liability for third-party content, broadly mirroring the approach taken by the EU at the
time, as set out in the so-called safe harbours of the 2000 E-Commerce Directive. Like in many countries around the world, Edward Snowden’s revelations in 2013 sparked strong criticism and concern over the protection of data and digital infrastructures in India, leading to the first National Cyber Security Policy aimed at better protecting the country against cyber-attacks. There was little mention of digital sovereignty yet, but the term gradually established itself as it became more widespread globally in the late 2010s (Thumfart, 2021).

The 2018 National Digital Communications Policy was the first major official document referring explicitly to the notion of digital sovereignty. Along with strategic goals for the development of the ICT sector, it contains a digital sovereignty part, which proposes to adopt data protection and cybersecurity measures. The policy was followed in 2019 by the draft National E-Commerce Policy and the Digital Personal Data Protection Bill, which respectively provided for rules on data localisation and data protection rights. Due to strong criticism from civil society and business actors, the e-Commerce Policy was eventually diluted in other regulations, mainly in the Consumer Protection (E-Commerce) Rules 2020, and the Personal Data Protection Bill was revised in a new draft released in 2022 (which is still being discussed). While India has been an early adopter of data localisation policies, it seems to be relatively lagging behind in the area of data protection, especially when compared to the EU’s 2016 General Data Protection Regulation or China’s 2021 Data Security Law.

Beyond data-related policies, India’s digital sovereignty agenda has extended to questions of information control or information sovereignty. In 2021, the Indian government released new Information Technology (Intermediary Guidelines) Rules, replacing the 2011 Intermediary Guidelines Rules with more stringent content moderation rules for online platforms, making numerous references to the protection of India’s sovereignty and integrity. Several provisions, such as the obligation to appoint an India-based compliance officer to facilitate enforcement or rules on grievance reporting mechanisms for users, mirror other recent attempts to regulate digital platforms around the world such as the Digital Services Act in the EU.

India’s digital sovereignty agenda has also increasingly included policies fostering the development of infrastructures and relocation of key digital industries on Indian territory such as the 2020 draft Data Centre Policy, which aims to make India “a Global Data Centre hub” through investment and a more innovation-friendly legal framework, and the 2021 Programme for Development of Semiconductors and Display Manufacturing Ecosystem, which plans to support the development of Indian electronics manufacturing with financial incentives up to USD 30 billion. This move towards technological sovereignty and the reduction of dependencies in strategic sectors equally reflects global trends. For example, the US and the EU are both adopting their own “Chips Acts” to boost their semiconductor industry.

Digital sovereignty as discourse: anti-colonial, techno-nationalist and liberal-democratic
rhetoric

The first characteristic of the Indian digital sovereignty discourse is the frequent use of references to India’s colonial past. For instance, Minister for Electronics and Information Technology Ravi Shankar Prasad said in a 2021 interview with India TV that the government would not allow foreign companies like Twitter “to work like the East India Company”. Similar references are present in academic circles, where parallels are drawn between the extraction of natural resources by the East India Company under British imperial rule and the current extraction of data by US tech companies (Gupta & Sony, 2021), as well as in business circles, where references to colonialism are used to denounce the economic dominance of US tech companies and their near-monopoly on the Indian market (Vila Seoane, 2021). For obvious historical reasons, the notion of digital or data colonialism resonates particularly well in India as it articulates analogies between data extraction practices and the colonial mechanism of resource exploitation (Couldry & Mejias, 2019), along with the historical experience of colonial domination and its neo-colonial continuity in economic dependencies (Kwet, 2019).

The second characteristic of the Indian digital sovereignty discourse is the use of a techno-nationalist rhetoric. Techno-nationalism broadly refers to an ideology that “links technological innovation and capabilities directly to a nation’s national security, economic prosperity and social stability”. As Prasad (2018) points out, this ideology has been central to the portrayal of India as a global and self-sufficient technology leader. Techno-nationalist imaginaries were most prominently expressed in opposition to the introduction of Facebook’s Free Basics programme in 2015. Free Basics was intended to improve connectivity in developing countries by providing cheap (zero-rated) Internet access to a limited number of apps (Toussaint, 2020). The programme has been widely criticised, notably for violating net neutrality principles by conferring an advantage on the selected apps. In India, net neutrality advocates echoed techno-nationalist narratives to argue that India was sufficiently advanced to build its own connectivity programmes without relying on foreign actors like Facebook (Prasad, 2018). This led to a ban on all zero-rating plans by the Telecom Regulatory Authority in 2016.

The third characteristic of the Indian digital sovereignty discourse is the use of a liberal-democratic rhetoric. This was particularly visible in the aforementioned interview with  Ravi Shankar Prasad, who stressed that digital sovereignty was essential to ensure the supremacy of the Indian constitution and the rule of law, but also in Prime Minister Narendra Modi’s keynote address at The Sydney Dialogue in November 2021, where he described India as a “digital leader” providing a roadmap for developing democracies and their growing digital sector. Historically, this is quite typical of India’s foreign policy, which relies on the country’s self-portrayal as a model and democratic leader in the Global South (Hall, 2022). The combination of techno-nationalist, anti-colonial and liberal-democratic rhetoric forms the basis of the Indian digital sovereignty discourse. It reflects India’s ambition to build its own model of digital governance beyond the models promoted by the US, China or the EU. It also plays an important role in national politics as discussed in the section below.

Digital sovereignty as instrument of power: Hindu-nationalism and platform governance

Digital platforms have had a mixed impact on the rise of the BJP, highlighting more generally the ambivalent relationship of these platforms with liberal democracy. Despite widespread beliefs in their democratising power, social media platforms have been used as a space for large-scale political propaganda and helped BJP supporters to spread the populist-nationalist discourse of the ruling elite (Bhatnagar, 2022). On the other hand, they have opened up a new space for political dissent beyond state control of traditional media. For instance, some studies have shown how Twitter and WhatsApp allowed dissidents and local populations to better voice their criticism of government action and served as effective tools of mobilisation in the Jammu and Kashmir region (Gabel et al, 2020; Nadaf, 2020).

Yet as a result, foreign platform companies are often accused of interference in domestic political affairs and criticised for their lack of cooperation with Indian authorities. WhatsApp was prominently accused of facilitating the spread of false information and incitement to violence against Muslims (Arun, 2019), which is almost ironic given the BJP’s Hindu-nationalist agenda. An interesting argument made by Arun (2019) is that anti-Muslim violence has been intentionally framed by the Indian government as a digital sovereignty issue in order to divert attention from the deeper roots of anti-Muslim hate, including how it derives from the BJP’s treatment of religious minorities. 

Digital sovereignty has also been increasingly invoked to legitimise more state control of the digital space. Since a 2009 amendment, section 69 of the IT Act already granted Central and State governments the power to “intercept, monitor, or decrypt” information “through any computer resource” to protect India’s “sovereignty” and “integrity” (for a more detailed legal analysis of platform regulation in India, see Agarwal, 2022). The Information Technology Rules, 2021 have since then further expanded the reach of state powers under the IT Act, especially with regards to “significant social media intermediaries” (with over 5 million users). The new rules have been widely criticised for endangering individual freedoms (Ashwini, 2021).

Recent judicial conflicts with WhatsApp and Twitter illustrate the power relations inherent to the question of digital sovereignty in India. The first case relates to the traceability requirement under section 4(2) of the Information Technology Rules, 2021, which enables a court or government agency to request that large messaging platforms share the identity of a message’s “first originator”. This would require platforms like WhatsApp to alter their end-to-end encryption architecture and therefore weaken the privacy of users. The second case relates to government-issued take-down orders to remove or block critical tweets and accounts, notably during the massive farmer protests of 2021 and in relation to the government’s handling of the pandemic. Take-down orders have been accused of disproportionately harming freedom of speech in the country. Both companies have referred their cases to Indian courts, whose decisions could have a significant impact on the state of platform regulation in the country.

US tech companies are not the only targets of restrictions implemented under the banner of India’s digital sovereignty. The Ministry of Electronics and Information Technology has banned dozens of Chinese apps in recent years, invoking section 69 of the IT Act and more specifically threats to national security over transfers of critical data to China. The social media giant TikTok was banned by Indian authorities as early as June 2020 following an incident with Chinese troops at a disputed border site. In this case, digital sovereignty claims clearly reflect more than fears of interference, but also heightened geopolitical tensions. In addition, the ban has fostered the development of Indian video-sharing platforms such as Josh, thereby supporting both the security and economic objectives of Indian techno-nationalism. The decision to ban TikTok is now often referred to in the EU and the US, where a similar ban is currently being considered. The two situations are nonetheless very different, not least because TikTok was banned in India at a relatively early stage, which contributed to the social acceptability of the decision, but also in a regulatory context which greatly facilitated such bans.

Digital sovereignty and limited economic or technological capability

States not only have different approaches to digital sovereignty, they also have different economic and technological capabilities, which affects their ability to implement their digital sovereignty agenda.

Economic capability is critical for digital sovereignty in that it can be used to impose norms and standards on both domestic and foreign actors. India’s significance in the digital economy should not be underestimated. Its ICT sector only accounts for 2.3% of the global ICT market in 2022, compared to 36% for the United States alone, but it is one of the fastest growing in the world, with growth rates above 15% in 2021-2022, contributing to about 7 to 8% of the Indian GDP, and rapidly expanding technological hubs such as Bangalore, also known as the “Silicon Valley of India”. At the same time, India’s digital sector remains mainly export-oriented and cannot take advantage of a huge consumer market like the EU. Exports can be leveraged, but mainly to the extent that they are linked to critical supply chains. Thus, a more
thorough analysis would be needed to assess both India’s dependencies and strategic position within global digital supply chains.

Despite India’s growing digital economy, the technological capabilities of the Indian state remain limited, especially when compared to the highly sophisticated means of online censorship and surveillance of Chinese authorities. Instead of systematic censorship, the Indian government has often resorted to Internet shutdowns in order to prevent the
dissemination of critical speech and political mobilisations perceived as a threat to national security. The Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules, 2017 enable the state to compel internet service providers to shut down internet access in a designated geographical location in case of “public emergency or public safety”. As documented by Access Now, India is the largest perpetrator of internet shutdowns in the world (at least 106 times in 2021), with the vast majority of these shutdowns occurring in the Jammu and Kashmir region. Again, a more detailed infrastructure-based analysis could help assess the real technological capabilities of the Indian state.

This article has only begun to sketch out the complexities and key issues surrounding India’s digital sovereignty agenda. One of the key lessons is that digital sovereignty in India, as elsewhere, is embedded in both global and local power dynamics and can easily be instrumentalised to serve political interests. The Indian case is particularly interesting as it highlights the ambivalence of digital sovereignty as a term that cannot be easily categorised as either democratic or authoritarian, liberal or illiberal, and thus contributes to a better understanding of digital sovereignty claims in their historical and political context.

Tamian Derivry is a double master’s student in European Affairs and Political Science between Sciences Po  and the Freie Universität Berlin. He is also a research assistant at the Digital, Governance and Sovereignty Chair of Sciences Po.