Data protection regulations and international data flows: Implications for trade and development

Increasingly, an ever-wider range of economic, political and social activities are moving online, encompassing various ICTs that are having a transformational impact on the way business is conducted, and the way people interact among themselves, as well as with government, enterprises and other stakeholders. This new landscape gives rise to new business models and a wider scope for innovation. At the same time, it facilitates undesirable activities online, including cybercrime.

Against this background, world leaders in 2015 underscored the importance of adopting relevant policy responses to harness the potential of ICTs for all seventeen Sustainable Development Goals (SDGs).

Creating trust online is a fundamental challenge to ensuring that the opportunities emerging in the information economy can be fully leveraged. The handling of data is a central component in this context. In today’s digital world, personal data are the fuel that drives much commercial activity online. However, how this data is used has raised concerns regarding privacy and the security of information.

The present regulatory environment on protection of data is far from ideal. In fact, some countries do not have rules at all. In other cases, the various pieces of legislation introduced are incompatible with each other. Increased reliance on cloud-computing solutions also raise questions about what jurisdictions apply in specific cases. Such lack of clarity creates uncertainty for consumers and businesses, limits the scope for cross-border exchange and stifles growth.

As the global economy shifts further into a connected information space, the relevance of data protection and the need for controlling privacy will further increase. Understanding different approaches to and potential avenues for establishing more compatible legal frameworks at national, regional and multilateral levels is important for facilitating international trade and online commerce. The rules surrounding data protection and cross-border flows of data affect individuals, businesses and governments alike, making it essential to find approaches that address the concerns of all stakeholders in a balanced manner.

This study is a timely contribution to our understanding of how data protection regulations and international data flows affect international trade. It reviews the experience in different parts of the world and of different stakeholders.

The study identifies key concerns that data protection and privacy legislation need to address. It also examines the present patchwork of global, regional and national frameworks to seek common ground and identify areas where different approaches tend to diverge.

The last part of the study considers possible future policy options, taking the concerns of all stakeholders into account.

I would like to acknowledge with appreciation the valuable contributions received from various stakeholders.

I hope that the findings presented will serve as a basis for a much-needed global dialogue aimed at building consensus in a very important policy field.

Taffere Tesfachew
Acting Director, Division on Technology and Logistics
April 2016