wordpress blog stats
Connect with us

Hi, what are you looking for?

India’s digital policy agendas are gradually resembling that of other BRICS nations

Key highlights of a study on BRICS countries show that India is not alone in its efforts to regulate social media and personal data.

In the 2021 Declaration of the 13th BRICS Summit which took place a few weeks ago, countries called for an intergovernmental agreement on cybersecurity. New research published in the DirectionsBlog.eu points out that although it is easier said than done, the current political scenario in each BRICS country and similar domestic priorities make it an apt time to come to such an agreement.

In a report titled ‘Cybersecurity Convergence in the BRICS Countries’, Luca Belli a professor at FGB Law School points out that the idea of an intergovernmental agreement on cybersecurity can easily be complicated by intra-BRICS frictions, “such as the recent China-India skirmishes and India’s subsequent ban of 200-plus Chinese apps.” Belli also pointed out that, “Cybercrime, for example, is a particularly sensitive issue, considering that what constitutes a crime is the quintessence of domestic legal culture and national idiosyncrasies.

However, the BRICS’ enhanced cooperation on cybersecurity is already ongoing. The current political conjuncture – including the BRICS’ increasingly similar domestic priorities; the consensus found within the UN Group of Governmental Experts (GGE), saluted by the 2021 BRICS Declaration; and the mandate to elaborate international and intra-BRICS responses – may make this an easier time than ever to come to such an international agreement —Cybersecurity Convergence in the BRICS Countries

To support his analysis, Belli provided a lowdown of cybersecurity and information technology policies coupled with his observations and (in some cases) criticisms of each BRICS country.

But first, what does the 2021 BRICS Declaration say? Essentially, the declaration urged stakeholders to cooperate in the security domain by implementing the BRICS’ policies pertaining to the usage of Information Communication Technologies (ICTs). It also underscored the importance of establishing legal frameworks of cooperation among the BRICS nations on this matter.

Major cybersecurity breaches such as one that was revealed by Edward Snowden, shed light on the need for inter-governmental cooperation when it comes to cybersecurity. This might soon be possible as the report states that the BRICS nations’ policy agendas in areas such as data protection are aligned.

Advertisement. Scroll to continue reading.


What it has done: The report said that in 2020, Brazil enacted a new Data Protection Law and introduced regulations on social media content in the form of the “Fake News Bill”. Over the past two months, Brazil has also created a new cyber-incidents response network, the report added.

Observation made in the report

  • Brazil’s Cybersecurity Strategy has been criticised for lacking defined objectives, budgets, responsibilities, and deadlines.
  • The Data Protection Law (LGPD), strongly inspired by the European Union’s GDPR, needs to be implemented.
  • Despite the creation of a new Data Protection Agency, Brazil lacks a “data protection culture”.
  • Proposed social media regulation has been criticised for introducing traceability requirements that weaken encryption.


What it has done: The report said, Russia enacted its Internet Sovereignty Law, and recently amended its Data Protection Law and the Law on Information, IT and Protection of Information. The Information Law amendments require social networks to monitor content and “restrict access immediately” for users who share information about sensitive matters, it stated. The report also said that the Internet Sovereignty Law allows for disconnection of the Russian segment of the Internet, the “Runet”, from the global Internet. “While the extent to which Russia can implement effective infrastructure-embedded control over Runet remains unclear, its aim is overtly to be able to cut off its Internet from the rest of the world,” the report said.

Observation made in the report

  • The amendments to the Information Law “do not seem to carefully consider” the objections raised by the European Court of Human Rights in June 2020.


What it has done: India notified its Information Technology Intermediary Guidelines and Digital Media Ethics Code Rules, 2021 (IT Rules) and is expected to introduce the latest version of its Personal Data Protection (PDP) Bill at the upcoming parliamentary session.

Observation made in the report

  • PDP Bill when enacted will help provide legal certainty on a variety of issues.


What it has done: In January, China enacted its new Civil Code creating new legal rights to privacy and protection of personal information. In August, the Chinese National People’s Congress adopted the new Personal Information Protection Law (PIPL) and the Cyberspace Administration of China has released a draft Regulation on Automobile Data Security for comments. Beijing has also adopted its new Data Security Law (DSL), defining more stringent requirements for processing “important data” etc.

Observations made in the report

 The Chinese emphasis on data-related policies follows from Beijing’s realisation of the benefits brought by data protection and data security and consideration of (personal) data as an increasingly essential asset – of which China is the largest producer globally – from both an economic and strategic perspective — The report

South Africa

What it has done: In July 2021, the one-year grace period of the Protection of Personal Information Act (POPIA), ended, thus making the legislation fully enforceable, the report said. In June 2021, President Ramaphosa signed the new Cybercrimes Act of South Africa, bringing the country up to date with international best practices. “The Cybercrimes Act creates new crimes of unlawful access and interception of data, unlawful acts in respect to software or hardware tools and unlawful interference with data or computer programmes,” the report said.

Advertisement. Scroll to continue reading.

Observations made in the report

  • There are several points of intersection between POPIA and the Cybercrimes Act.
  • South Africa is a signatory to the Budapest convention (the first international treaty seeking to address internet and computer crime), despite not being a member of the Council of Europe.

Also read

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

Among other subjects, I cover the increasing usage of emerging technologies, especially for surveillance in India

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ