India has a long history of drafting laws to protect its companies. In the process, Indians themselves often suffer. That\u2019s precisely what will happen if the government proceeds with plans to force companies doing business in India to store all customer data locally. The first salvo in this campaign was fired in April, when the Reserve Bank of India ordered companies to store the \u201cthe entire data relating to payment systems operated by them \u2026 in a system only in India.\u201d The central bank claimed this was necessary to ensure its \u201cunfettered supervisory access\u201d for \u201cbetter monitoring.\u201d While India isn\u2019t the only country to prevent companies from sending their data offshore, the RBI edict was unusually strict. Even Russia allows copies to be kept elsewhere. Google, among others, has complained loudly that the RBI\u2019s six-month deadline, which is approaching fast, is too short. Meanwhile, the government has begun considering a draft data-security law that requires data centers for all companies be physically located within India. The committee that drafted that law overstepped its mandate badly; it was supposed to limit itself to figuring out new rules to protect consumer data and instead focused on growing digital-economy companies. Separately, a government think tank has also produced an e-commerce policy which requires the storage of customer data in India. India\u2019s track record on the regulation of new technologies is abysmal. The RBI has been a particularly grave offender: India has yet to develop a proper digital-payments infrastructure largely because the central bank stifled its growth at birth, insisting that telecom companies offering cheap money-transfer services become banks first. Indian companies such as Airtel rolled out services in East Africa instead. Then, in 2014, the RBI required that every online card payment, even the smallest, go through a two-factor authentication process. To pay for an Uber in India, you have to enter your credit card password, swiping at your phone in the rain or blinding sun, even if your ride has cost only $1.50. Perhaps many of these decisions would have been different if Indian bureaucrats had ever had to take a cab, transfer money to a village through an SMS or the like. Their distance from the country they seek to regulate unfortunately has few peers in the world. The fact is that the arguments used to justify the need for data localization simply aren\u2019t persuasive. Proponents say, first, that places such as China do it. This barely requires a reply: China really shouldn\u2019t be a model for anyone designing a free and open digital economy. The second argument is that preventing foreign companies from repatriating and making money off of Indian consumers\u2019 data will help Indian companies grow: If data is the new oil, then surely Indian companies should have exclusive access to Indian data they can mine? This nativist instinct is in line with the rest of the national e-commerce policy, which openly seeks to tilt the playing field in favor of domestic companies; the panel that wrote the policy very noticeably excluded members from the big credit card companies, as well as Amazon and Uber. But, for one thing, some existing \u201cIndian\u201d payments companies, such as the largely Chinese-financed Paytm, are Indian in name only. And localizing data will wind up hurting Indian companies that seek to integrate with the world. Can you imagine the Indian business-process outsourcing industry surviving a data trade war? A borderless internet is what turned India into an IT services superstar; localization is just another kind of economic wall, not dissimilar to the tariffs that the government has begun to reimpose on imports after a generation of openness. Finally, in a particularly Orwellian twist, the government has claimed that keeping data in the country will protect Indians\u2019 privacy. In actual fact, that just means that Indian bureaucrats will be able to get their hands on it. India\u2019s privacy laws are weak; messages can be intercepted just on a senior security official\u2019s say-so, with minimal oversight or accountability, and even this requirement is widely ignored. Moving Indians\u2019 data from the relative security of U.S.-based servers to ones that their own government can access with ease is not going to make them any safer. Most Indians would trust Google\u2019s commitment to its users much more than they would their government\u2019s commitment to its citizens\u2019 privacy. I certainly do. When governments build barriers to protect companies, then consumers suffer, growth stagnates, and the entire country falls behind the rest of the world. Data localization limits possibilities for India\u2019s vibrant startups; they should be able to locate their servers wherever they want and use whatever cloud services make most sense for them. As for consumers, they have the right to access a free and unfettered internet and to use the highest-quality or cheapest online services they can find. And, certainly, they have the right to store their personal data wherever they want. Moving to a \u201csplinternet\u201d would hurt people and businesses worldwide \u2014 but those in India more than most.