After expressing its support for data regulation, homegrown decacorn Paytm has now proclaimed that India requires stricter data privacy laws to prevent free movement of user details across the border, especially by global companies that have entered the country’s digital payments space in recent times.

In response to the news of Facebook’s biggest data breaches perpetrated by British big data analytics startup Cambridge Analytica that surfaced last month, Kiran Vasireddy, Chief Operating Officer at Paytm said, “What is important at present is that we as a country do not allow these entities to hijack our data, to be sold and misused for their own gain. It is quite clear that their business model lies around selling of the data in the light of the revelations by Facebook’s founder at the Congressional testimony.”

Calling for more stringent data privacy laws in India, Vasireddy added, “We are not a third world country with respect to digital issues, we do not need western companies to come in with superior technology per say and solve payments for us. These players are into payments not because they want to solve the payments problem in India. They are here because (for them payments) data is the missing point in the puzzle right now.”

Earlier, Paytm founder Vijay Shekhar Sharma had said, “Data or apps need to be regulated to the extent that individuals have privacy, control, and ownership of their data and can control who can or cannot use their data. Right now, there’s neither a privacy law in the country, nor restrictions to corporates who are using that data.”

Sharma and Kiran’s statements come less than two weeks after the RBI asked all payment system operators in the country to store data – pertaining to their customers – within India. The move, it is believed, is geared towards ensuring that user details remain secure against privacy breaches.

As per reports, the payment system companies have been given six months to comply with the newly-released norms.

On the latest guidelines, the central bank said in a statement, “Ensuring the safety and security of payment systems data by adoption of the best global standards and their continuous monitoring and surveillance is essential to reduce the risks from data breaches while maintaining a healthy pace of growth in digital payments.”

According to the RBI, currently, only a certain percentage of payment system operators and their outsourcing partners store the user data within the country, either partially or completely.

The decision has come at a time when digital payments in the country have been showing no signs of slowing down. According to the RBI, in January 2018, transactions worth $2 Tn (INR 131.95 Tn) were carried out on mobile wallets. This is in sharp contrast to the $1.9 Tn (INR 125.51 Tn) clocked in December 2017.

As per the latest data, UPI-enabled app BHIM recorded 1 Bn transactions in FY 2017-18, crossing the value worth $15.36 Bn (INR 1 Tn).

The digital payments sector is projected to reach $500 Bn by 2020, contributing 15% of India’s GDP, as per a recent report by Google and Boston Consulting Group. A report by Credit Suisse predicts that the market, which is currently worth around $200 Bn, is expected to grow five-fold to reach $1 Tn by 2023.

With the new RBI norms mandating payment system operators to store data within the country, and established players like Paytm voicing their support for stricter data privacy laws, the country’ digital payments sector could undergo massive changes in the coming months.

(The development was reported by ET)