Many Americans likely approved of Facebook founder Mark Zuckerberg’s motto: “Move fast and break things.” Zuckerberg was trying to encourage companies and individuals to adopt innovation. However, in the US, disruption spread to the realm of public policy. In 2016, more than 62 million Americans voted for a President who was determined to break the Western alliance, accountable capitalism and democracy. On January 6, 2021, with the siege of the US Capitol, the world saw the direct and indirect effects of a man and a party willing to move fast and break democracy and global political stability. While we may be slow learners, this lesson will likely push America and Europe closer together. We have been reminded that our democracy is fragile, and we need our allies to help protect it.
Throughout all this disruption, our allies have stood by and encouraged a return to normalcy, e.g. competition and collaboration. As Vice President of the European Commission Margrethe Vestager noted, “We see a lot of similarities in our approach when it comes to technology, when it comes to security, when it comes to open democracy.”1 But while we may share many norms and objectives, the US and the EU do not share approaches to data governance. Some have even argued that the US, EU and China are creating separate data realms. I argue that we must collaborate on strategies to govern data and cross-border data flows because data is the most collected, analyzed, shared and traded good or service around the world. Data is ubiquitous.
Although mankind has created and analyzed data since humans first walked the earth, there are several reasons why data is difficult to govern. First, data is different. It is not one thing; it can be a good, a service or both simultaneously. There are many different types of data that are governed by different rules at the national and international levels (e.g. personal, public and proprietary). Economists generally agree that many types of data are public goods, which governments should provide and regulate effectively. Furthermore, when states restrict the free flow of data, they reduce access to information, which, in turn, can diminish domestic and global economic growth, productivity and innovation. Secondly, it is also difficult to govern data because data from one country can be stored in another country, raising questions of jurisdiction. As a result, if policymakers want to ensure that data governance rules are effective, they must be interoperable with those of other nations and built on internationally developed and trusted norms.
Furthermore, data governance is an essential component of good governance in the twenty-first century and will have important effects on economic as well as human rights outcomes, such as freedom of speech, access to information and privacy. As data-driven technologies become more widespread, the governance of data becomes more important. Hence, the failure to effectively govern data could undermine trust in government, democratic values and the Internet as a whole.
However, some nations in the developing world are not home to data-driven firms. In fact, two countries have much of the world’s data and data prowess. In 2019, UNCTAD reported that US and Chinese firms collectively hold 75% of all patents related to blockchain technologies, 75% of cloud capacity and 90% of the market capitalization value of the world’s 70 largest digital platforms. In contrast, Europe’s share of the value of these platforms is 4% and Africa and Latin America’s together is only 1%. Developing countries could be at risk of becoming providers of raw data to global digital platforms while having to pay such platforms for the digital services produced from their data.
Without such firms, policymakers are less able to develop a feedback loop between these firms, regulators and consumers. In addition, without expertise to analyze data about the economy, firms in developing countries will be less well positioned to trade traditional goods such as commodities or crops. But the truth is no one really knows how to effectively govern the different types of data. Data governance is a work in progress. With this in mind, the US and EU should:
Clarify their digital trade objectives. Digital trade/e-commerce agreements should be designed to enable more people to participate and benefit from data-driven growth and set clear rules to govern digital trade to facilitate trust and predictability among market actors. The WTO negotiations have stalled because countries have not found common ground on norms, definitions and strategies. Developing countries have argued that they need support to develop data-driven sectors, and some have even argued for infant-industry protection. Hence, the US and the EU should issue a clear statement delineating their shared vision of how and when personal, public and proprietary data can flow freely among other nations. They should also clarify the rules and exceptions to the rules in trade agreements so that nations do not restrict cross-border data flows more frequently or broadly than necessary, especially in the name of national or cyber security. The US and EU should also provide clarity on what types of practices should be banned because they are trade distorting. For example, many Western countries believe that censorship, filtering or internet shutdowns are trade barriers. Yet these are not mentioned in relative trade agreements. If the US and the EU cannot agree on the data flow among nations, a WTO agreement on data is unlikely to move forward.
Announce their intent to join the Digital Economy Partnership Agreement (DEPA) among New Zealand, Chile and Singapore. DEPA is a model for how trade agreements can facilitate growth in countries with different levels of digital prowess. It encourages shared digital development and includes modules focusing on trust, provisions designed to promote data sharing between the public and private sectors, and provisions designed to encourage regulatory innovation in recognition of rapidly changing data-driven sectors. Yet DEPA too falls short; it does not include language governing data sharing in both directions: from public to private and private to public. Moreover, like most trade agreements, it simply states that “each Party shall adopt or maintain a legal framework that provides for the protection of the personal information.” In short, it establishes a floor, but does little to build interoperability and shared approaches to data governance.
Spread the wealth, as two of the leading beneficiaries of data-driven change. They should fund development organizations such as the World Bank and UNCTAD to train citizens as well as officials in data governance and prepare countries for the panoply of ethical, social, economic and political issues that regulators must address when discussing new data-driven services such as AI.
Use corporate governance rules to bolster data protection. US and EU regulators should ask all publicly traded companies to disclose how they acquire and utilize personal data and divulge to which firms they sell these data. Such mandated transparency would accomplish two things: make the market for data less opaque and incentivize firms to do more to protect personal data.
Build understanding and trust of data governance strategies through dialogue and making sure they hear citizens’ concerns about how data is collected, anonymized and monetized by firms and government entities. They should discuss how various types of data should be governed, what kinds of data should and should not be shared, how data can move from one platform to another, how data can flow to other countries and how various types of data can be combined and utilized by private firms or governments. The two trade giants should also crowdsource new ideas for data governance through a shared data governance portal. In so doing, they will be truly building a partnership on data governance.
