'“Data localization”: The internet in the balance' by Richard D.Taylor in (2020) 44(8)
Telecommunications Policy comments
There is a steady global trend towards “Data Localization,” laws by which data is required to be maintained and processed within the geographic boundaries of its state of origin. This development has raised concerns about its possible adverse impacts on emerging data-intensive technologies such as Cloud services/E-commerce, Big Data, Artificial Intelligence and the Internet of Things (collectively, the Embedded Infosphere). The inability to reach an international agreement on rules for cross-border data flows may have significant adverse consequences for all future users of the Internet.
The basis of Data Localization is grounded in two distinct but inter-related policy models: Data Sovereignty and Trans-Border Data Flows. These two concepts have different origins. “Data Sovereignty” is derived from the historic power of a state of absolute and exclusive control within its geographic borders. Policies behind TBDFs arose in Europe following World War II, primarily motivated by Nazi use of early proto-computers to help round up Jews and others. As they have evolved, TBDF policies have been directed primarily at protecting personal data and privacy.
This article first examines the issues of: 1) “Information Sovereignty” and 2) TBDFs. It then describes the arguments for and against “Data Localization,” offers some examples of strong localization policies (Russia, China), and summarizes contesting policy proposals. It then contextualizes TBDF with issues of human rights (free flow of information) and privacy.
While the utility of an international agreement on TBDFs is clear, the differences in approaches are tenacious. For the free-market developed world (e.g, EU, OECD), the path forward seems to lead through policy convergence to compatible rules, with differentiated levels of data protection and accountability. It is far from clear whether these rules will address, in a mandatory way, issues of the “free flow” of information in the human rights sense. At the same time, there are countries (e.g., BRICS), representing a majority of the world's population, in which political and cultural resistance will produce stringent Cyber Sovereignty and Data Localization policies with few if any human rights components.
The article concludes that the more the Internet is “localized”, the more attenuated its benefits will become. The negative consequences of Data Localization will become increasingly obvious as new, data-intensive technologies become ubiquitous, creating a condition of “Data Dependence”. It is projected that in the future the nations with the least amount of Data Localization and the most open flow of information will be the most successful in benefiting from new data-intensive embedded, networked technologies. This will most likely be characterized by values adopted as policies and practices in the EU.