Trust in global data flows

The COVID-19 pandemic lockdowns manifested how global data flows are crucial to the world economy. Companies in all sectors and sizes enabled WFH (work-from-home), transitioned, and repositioned their operations to online first or online only. Companies rely on these flows to conduct day-to-day business with all players in their supply chain, innovate their businesses, detect cyberattacks and patterns and effectively compete.

Micro, small and medium enterprises leverage cloud services to reduce barriers in market access allowing them equal footing with larger companies. Recent reports indicate MSMEs in Asia reducing export costs by 82 percent and transaction times by 29 percent.

Data transfers are estimated to add $2.8 to the global gross domestic product — a share that exceeds global trade in goods and is expected to grow to $11 trillion by 2025.

Trust in the cross-border data flow is being eroded by government demands to access data for criminal and national security purposes. Such demands conflict with universal human rights and freedoms including privacy rights or when data transcends borders are conflicted with national laws.

Individuals, businesses, and some government participation are discouraged, thus impacting negatively inclusive and sustainable economic growth. With 60 percent of global GDP digitized by end of 2022, disruptions will lead to reduced GDP gains. In the EU, data flow restrictions have been estimated to cost 79 billion euros per year. Data localization measures on IOT applications and machine-to-machine data lead to a loss of 59-68 percent in productivity resulting in investment losses from 4-5 billion euros and job losses from 182K- 372K. The World Bank, however, says economies would gain an average of 4.5 percent in productivity if restrictive data policies are removed.

The ICC outlines its principles for trusted Government Access to Personal Data, as follows:

1. Appropriate legal basis with meaningful opportunities for stakeholders’ input.

The laws, rules, and international agreements for government access to personal data should be clear, comprehensive, and developed through transparent processes;

2. Legitimate aims of surveillance with safeguards to prohibit unfair treatment
Government access laws should be proportionate to meet defined public safety and national interest one is employed to acquire commercial advantage or data held by foreign governments and the public sector. Safeguards are to be instituted to prohibit unfair and discriminatory treatment. No suppression of dissent or free expression;

3. Requirements for approval commensurate with privacy intrusion
Access must have prior judicial approval;

4. Appropriate protection for handling personal data
Governments must require strict and transparent data minimization, dissemination, and retention limits when seeking access to personal data;

5. Transparency of government demands access
A publication of both government and service provider transparency reports that include stats info on demands and the prior user notice must be sustained;

6. Independent oversight of access authorities;

7. Mechanisms for effective redress;

8. Avoidance and accounting for conflicts law
Agreements should advance frameworks that minimize conflicts of law. Legal bases must include mechanisms to raise conflicts, so providers are not forced to violate one country’s laws to comply with another’s; and

9. Prohibition of excessive costs and burdens placed on providers

Government requests should not impose significant costs or burdens on providers, including data retention obligations unrelated to a business purpose, as additional guidance, providers should not be held liable for complying in good faith with the legal obligations of jurisdictions in which they operate.

The International Chamber of Commerce believes that cooperation between governments and stakeholders, including business and multilateral organizations, is essential to develop interoperable policy frameworks that would allow cross border data flows and enable data to be exchanged and used in a trusted manner.

An initiative to define principles and safeguards for government access to personal data held by the private sector is urgently needed to provide a firm foundation for data-free flow with TRUST.

Leave a Reply

Your email address will not be published. Required fields are marked *