Data permeate all aspects of modern economies and societies. As a result of decades of digitalisation, data in digital form are constantly created, gathered and shared across the globe to support core societal functions. Digitalisation brings together two interrelated processes: digitisation, the transformation of analogue information into digital form, and datafication, the application of quantitative and other analytics to data.
The digitisation of everything and the unprecedented expansion of datafication have led jurisdictions to produce and utilise ever expanding amounts of data, setting the stage for a new economy – a fourth industrial revolution. Through this revolution, data have transformed into a strategic asset interlocking individuals, private actors and public entities in global networks, supporting traditional economic activities and giving rise to a new economic ecosystem – the data economy – where digital information is sourced, analysed, aggregated and exchanged.
Over the past three decades, transnational data governance has been dominated by a techno-libertarian ethos reflected in free movement of data across decentralised infrastructure – the internet. Without an international legal framework governing data, domestic policy-makers are developing different systems of rules and processes to extend their jurisdictional control over the digital world, domestically and transnationally. Legal and regulatory frameworks are being developed to define rights and obligations for data holders and consumers; competition policies have been triggered to curb data abuse by dominant incumbent firms; new rules to assert control over internal and external data flows and related infrastructure are being enacted.
Crucially, as these data governance frameworks develop and expand their reach across policy domains, they create new fault lines for geopolitical tensions and strategic competition, with digital innovation, competitiveness and cybersecurity as priorities. At the heart of these initiatives lies the urge for state actors to assert their sovereignty over data. The result is the emergence of a global data governance framework that is transnational in nature and increasingly fragmented by the designs of the major competing economies.
In The Transnational Data Governance Problem, a forthcoming paper in the Berkeley Technology Law Journal, we advance a twofold argument to explain this issue.
First, fragmentation is stemming from the emergence of distinct data governance styles in the three largest economies. The basis for the divergent data governance regimes of the US, European Union and China is a combination of differing regulatory styles in each and a range of new strategic initiatives to extend sovereignty over data and networks.
Second, emerging data governance regimes are on a collision course that is already altering the international digital landscape and is poised to compromise globalisation and the global data economy. Efforts to assert sovereignty over global data and networks resulting in expansionary influences are well depicted by the Brussels and Beijing effects. The consequence is a conflictual dynamic that is tugging at the pillars of the shared decentralised, interconnected and permissionless internet, with the potential to splinter the very foundation of the data-enabled global economy. The extraterritorial application of domestic rules epitomises this dynamic.
As governance styles develop and jurisdictions extend their sovereignty into the digital domain, previously permissionless international data flows become fractured. As data governance styles harden into competing, non-interoperable transnational data governance regimes, national interests clash and international coordination becomes even more difficult. This conundrum creates a wicked problem, as reaching an agreed solution is arduous if not impossible.
While there is no single solution to the problem of transnational data governance, there are three possible approaches that discretely or combined could be implemented to address different critical aspects. The first approach, by assimilating data to a natural resource, indicates that data present issues similar to those posed by water rights management, where the lack of an international framework leads to the proliferation of bilateral arrangements (on a case-by-case basis) to resolve jurisdictional conflicts. Similarly, bilateral arrangements can be established to ensure data flow between jurisdictions. Yet, as is the case for water, granting a special legal status for data under international law would facilitate coordination.
The second approach is a regulatory coalition model built on regional or sectoral governance regimes. This approach would build on a shared technological infrastructure, managed by an independent entity, where each jurisdiction decides which channels for data flows are opened and for what purpose. For instance, jurisdictions could maintain existing restrictions on the circulation of personal data, while allowing a free transnational flow for trade and financial purposes.
The third approach entails a multilateral arrangement for transnational data governance. This solution could entail the establishment of a new digital Bretton Woods system to coordinate, oversee data-related negotiations and drive legal and regulatory harmonisation of data governance. A digital stability board, similar to the Financial Stability Board, with the power to set legal and regulatory standards and coordinate the development of policies, principles and standards related to data governance could be a way forward.
A combination of approaches is the most likely outcome, with the best case being the creation of a digital stability board to address issues of greatest common concern, particularly cybersecurity and criminal activities.
Douglas Arner is the Kerry Holdings Professor in Law, Giuliano Castellano is Associate Professor and Eriks Selga is a PhD Candidate at the University of Hong Kong.