p.p1 impose measures that restrict cross-border data flows and

p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; text-align: center; font: 12.0px ‘Times New Roman’; -webkit-text-stroke: #000000}
p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; text-align: center; font: 12.0px ‘Times New Roman’; -webkit-text-stroke: #000000; min-height: 15.0px}
p.p3 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px ‘Times New Roman’; -webkit-text-stroke: #000000}
p.p4 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px ‘Times New Roman’; -webkit-text-stroke: #000000; min-height: 15.0px}
span.s1 {text-decoration: underline ; font-kerning: none}
span.s2 {font-kerning: none}
span.Apple-tab-span {white-space:pre}

Data Localization: the New Age of Economic Nationalism

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

The US, Mexico, and Canada have hit a wall on their fourth round of talks trying to re-negotiate North American Free Trade Agreement. The core of the US proposal is centered around ‘rebalancing’ the deal particularly surrounding auto manufacturers, x, and y. However, another important and contentious topic being discussed is NAFTA’s regulations regarding digital and data storage. The US demands that “NAFTA countries do not impose measures that restrict cross-border data flows and do not require the use or installation of local computing facilities” (Office of the United States Trade Representative). This stipulation squares the tension between the goal of more open trade in NAFTA versus countries’ desire to protect their citizens’ privacy and national security. The US raises the objection that countries requesting localization are requesting trade barriers. As technology and the internet are transforming the world and the ways in which the international society interacts, tech services is now an critical part of international industrial policy. The United States backing their domestic tech giants are calling for liberalization and economic nationalism, while the rest of the world are calling for protectionism. This paper will introduce the concept of data localization, connect it to how it is related to international trade at large, and end with a policy prescription of how the international community should regulate it.

Data Localization
Data localization is the policy in which national governments set standards that force internet operators/hosts to store the data received from internet user on servers within the country that the data originated from. Those in favor of data localization, generally stipulate that the data stored within the country is usually the sole copy of the data. This means that the copy of such data cannot flow across borders from where it was originated.  In this way, such data localization standards require internet hosts to build or rent computer servers within each country or jurisdiction they have users. This poses an issue as data operators are prohibited from routing the data to whatever servers may be the most logical or economic for them. In most cases, internet hosts currently host the majority of the data created by their users globally in locations that optimize their network and/or economic performance. Such data localization policies can be broad or narrow in scope, a broad policy would dictate that all data generated in a jurisdiction must be stored in that jurisdiction. Conversely, a policy with narrow scope would dictate that only particular (usually sensitive) data in specific populations, classes, and  industries be stored locally. 

For some time different countries have enacted different policies regarding data localization. The EU and Australia have implemented narrow localization policies while Russia and China have implemented broad localization policies. From 2000 – 2015, the European Union established an agreement with the US, the US-EU Safe Harbor Agreement, which allowed U.S. companies to lawfully transfer and process the personal information of citizens in EU member states across borders with little restriction. However in 2014, Angela Merkel, troubled by findings that she had been targeted in U.S. surveillance activities, called for European Internet services to be entirely separated from the United States. The European Union Court of Justice (CJEU) ended the Safe Harbor agreement, determining that the prior level of regulation and protection was inadequate in 2015. In 2016, the European Union announced the Privacy Shield, regulations that contains several significant updates from the Safe Harbor Agreement, including “expanded privacy notices, stronger avenues of redress for violations, and greater privacy protections when personal data is transferred to third-party controllers and processors” (Servers.Global). In 2018, the European Union’s General Data Protection Regulation (GDPR) is set to come into effect that is predicted to create a lot of compliance issues for US based companies, potentially forcing them to maintain servers in an EU country of their choice moving forward. 

Conversely, China and Russia have taken a broader scope in the aims of protecting their national security and citizen’s privacy. Since 2015, Russian law dictated that all data operators collecting personal data of Russian citizens must stored on servers within the Russian Federation. Unlike EU law, the law is non-sector specific and speaks of generally application. Russia has shown that those who fail to abide by the law will be blocked, such as Facebook, Twitter, and Linkedin in 2015. However, there other non-US Based companies like Lenovo and Samsung have complied and are some of the largest clients of Russia’s local data storage centers Orange and IXCellerate (Ambrosio). Similarly, China has been notorious in their regulation around internet, with the West referring to their censorship as the Great Firewall of China and the Golden Shield. China has blocked over 30 US-Based companies such as Google, Facebook, and Youtube that fail to comply with data localization or China’s censorship laws (Kennedy). China is fully aware of the power of deriving business and technology insights from data, with technology companies like WeChat and Alibaba that rival US tech giants. China has limited data privacy laws protecting their citizens, enabling Chinese tech companies to record, systematize, and manipulate data to create some of the most advanced tech products in the world. Thus, the Chinese government is proactive about protecting themselves from United States access to their information, as we all as  decreasing their comparative disadvantage with the United States.

How Access to Data Equals Comparative Advantage
In May of 2017, The Economist did an expose titled, “The world’s most valuable resource is no longer oil, but data”. Within the article it discussed the ways in which data gives the United States invaluable comparative advantage. The pervasiveness of smartphones have rapidly increased the amount of data generated by an individuals per second. Now data operators can collect data on any process imaginable making data all the more valuable (Parkins). Data operators aggregating, synthesizing, and employing artificial intelligence data can tell everything from when a user will most likely make a purchase to when a user may be having suicidal thoughts. This abundance of data changes the nature of competition altogether. Essentially, those who know how to manipulate the data and derive insights are arguably almost protected from their competition. The more data a company has about their product, the faster they are able to make their product better, and the faster they are to knock competition out of the running. For example, Tesla is one of the first companies in the self-driving car space. Having early mover advantages, the more data Tesla is able can gather from their self-driving car, the better they can make them at driving themselves. Tesla only selling 25,000 cars in the first quarter has now surpassed GM which sold 2.3m that same quarter. Effectively utilizing data enables companies to have a “God’s eye view” of activities in their own markets and beyond. Google can see what people search for, Facebook what they share, Amazon what they buy (Parkins). Thus, access to data sets of international markets give US Based companies and the United States a large comparative advantage. 

How data localization is related to trade
The Ricardian Free Trade economic model, accepted generally amongst most economists, stipulates that countries should specialize in producing and exporting good or services they have comparative advantage in. Thus, countries should import from other nation states the goods or service they have a comparative disadvantage in. According to Ricardo, even an unproductive country benefits from free trade by avoiding high costs for goods that it would otherwise have to product domestically. Benefits of free trade do not depend on absolute advantage. Trade may reduce wage for some workers, affecting the distribution of wealth, but the country as a whole does benefit. The WTO subscribes to this theory and bases their mission of open trade off of Ricardo (WTO). Although this is a popular theory, in reality, some countries will advocate or resist this theory of comparative advantage in practice. 

The United States argument in against data localization is a result of their comparative advantage in digital. In 2012, the United States reported that its digital exports of $223 Billion greatly exceed its digital imports of $106 Billion, giving the US a large trade surplus in digital industries, which includes data storing and hosting (Scott). The US has been consistently trade deficit in terms of the general balance of trade for the last couple of decades making the digital trade surplus significant. A study by Oxford University assess the precise reasons that account for the US’s comparative advantage in regards to data hosting. First, the early developments of the internet and digital technologies gave US based companies first-movers advantage. Second, the large size of the US domestic economy enables technology companies to tap into a large consumer base. This enables tech companies to achieve economies of scale before needing to acquire users outside of the country and deal with other countries compliance regulations. Third, the US government encourages and invests in the growth of knowledge hubs like Silicon Valley and the Research Triangle resulting in positive externalities. Fourth, US based companies like Amazon and Comcast dominate the digital hosting space in terms of users and infrastructure. Fifth, the US government gives out subsidies artificially lowering the cost of electricity enabling US tech companies to run data centers at a low cost (Selby).

Proponents of Data Localization
Although the United States has undeniable comparative advantage in data storage and hosting that increases global productivity, when used improperly, it gravely disadvantages other nations. Hosting data within the country as opposed to outside of the country gives the US government an advantage in retrieving information. There are fewer hurdles the United States must overcome to subpoena a US tech company for information they necessitate pertinent to national security, as opposed to gaining access to data stored outside of the US. According to a study done by Atlas, Apple complied 80% of the time the US government requested by court order user’s data. From January to July of 2015, the US government requested users data from Apple iPhone devices 3,824 times, and Apple gave the data 3,093 times. Followed by Facebook (80%) and Google (78%) yielding user data and information per government request (Wong). However the extent to which the US government uses technology to enhance its own national security and interests surpass requesting data on individuals. The Snowden leaks revealed that the United States used data and intrusive technology to tap a submarine cable and operate signals gathering station out of an overseas embassy. 
The most powerful argument in favor of data localization is the potential national security threat of the United States having access to other nations’s sensitive information. After the Snowden leaks, the United States could no longer deny that it misused internationals data as well as surveilled international leaders. Although it was later found out that Angela Merkel also employed similar tactics against leaders of other countries, data localization at the very least could reduce the comparative advantage of the US and NSA from solely having access to such data. In regards to Russia and China who have broad regulations in regards to data localization, such regulations are a matter of domestic stability. Arthur Waley author of the book, The Opium War Through Chinese Eyes, argues that Chinese government emphasis on domestic stability goes back to the Opium Wars. A number of countries, primarily the United States and the United Kingdom, attempted to decrease their trade deficit with China by selling opium to Chinese citizens (Waley). Similarly, Russia has made clear their distaste for the US’s support of revolutions in the name of democracy that have destabilized countries such as Libya and Ukraine. Acknowledging the findings revealed by the Snowden leaks, China and Russia understand the immense intelligence capabilities of the NSA. They find it within their national interest to decrease the comparative advantage of the US in terms of their intelligence capabilities or ability to electronically surveil domestic and foreign threats (Selby). 
Despite the international pushback on the US’s push for data storage liberalization, technology companies and other stakeholders are not satisfied with the US government’s commitment to simply not introduce data localization regulations. Rather such stakeholders spend immense amounts of resources lobbying and meeting with US trade representatives to frame data localization as a trade issue. Noting the economic and surveillance advantages the US reaps from data hosting, it is not surprising that tech companies and the US goals align for in maintaining low regulation on data as part of their industrial policy. For the next generation of international trade agreements in regards to digital, there needs to be governance and a set of rules for the international community. There will also most likely need to be a distinction between broad and narrow scope to pacify nations with different attitudes towards data localization. 

Policy Prescription – World Trade Organization
The World Trade Organization should create rules and structure regarding the increasingly important issue of data storage and localization. Too many regulations on data storage can decrease the positive effects, global commerce, and innovation that has benefited the global economy. Too few regulations on data storage can result in companies misusing data, data breaches, and surveillance. The WTO already has mechanism in place to govern and enforce data localization laws as it already deals with the international communities issues regarding Intellectual Property and trade monitoring. As the purpose of the WTO is to encourage trade liberalization and accountability of countries, rules should be put into place that benefit both the data operators and the nations who enable data operators to collect and process citizen’s data over borders. 
One of the largest issues for proponents of data localization is who is accountable for the data when breached. Under the WTO, rules can be stipulated that the country in which the data originates from will hold the data operator responsible for security breaches. For example, if Google gets hacked for German user’s sensitive information, then the US Based company would have to comply with the punishments or fines imposed by Germany. This would give nation states leverage to form relationships with data operators encouraging them to store data locally and work together in the case of a cyber-security breach. Under the WTO, it can more easily be enforced and punished.
The WTO’s sanctioning mechanism also enables countries to punish countries’ whose data operators/host violate WTO privacy laws through the Dispute Settlements Board. A country who detects another country is violating their citizen’s data or privacy rights can bring these problems to the board during WTO meetings. When they decided on a verdict, the country at fault will correct its errors and compensate the other country/countries that have a conflict with the way they are acting. At this point, the WTO can stipulate that if the offense is repeated that the nation state that feels their rights have been violated can demand that data be stored locally. 
Having the backing of the WTO is particularly important for getting the international community interests aligned in regards to data and cyber security. The WTO acts as a forum for cooperation and information sharing that can enable countries and companies to learn from the mistakes of each other. Private US Based companies can share information with other less developed countries on the mechanism they use to successfully secure member’s data. Similarly, countries can share investigations, information, and profiles on cyber hackers. The support of the WTO shines a positive light on the interdependence of technology. Countries, especially less developed countries, see the benefits of data liberalization within the framework of WTO regulations that encourage them to share useful data as well as invest in infrastructure to keep their citizens and other nation’s citizens data safe.
In conclusion, after information spread regarding the way in which the US would use data in the Snowden leaks, a number of countries called new requirements for data of their citizens to be stored within their borders. Countries argued that failing to have data localized opened them up to foreign surveillance, potential data breaches, and disabled them from enhancing domestic surveillance. However, the United States criticize such proposal as trade barriers. As seen in the negotiations of NAFTA, it is now part of US foreign policy to fight for the regulations and standards that do not restrict data flow over border. US tech companies dominance in data gives the United States significant comparative advantage both in both domestic economic political interests and surveillance. However as the world become more reliant on data for commerce, communication, trade, and other processes, barriers to the free flow of trade will become extremely costly. In order to galvanize the international community to view the collection of data as an asset and not a liability, the World Trade Organization must govern international data storage and localization laws. In this way, technology that is made better by aggregating users data across borders can benefit all industries, companies, and users.