Cross-Border Data Flows in WTO Law: Moving Towards an Open, Secure and Privacy-Compliant Data Governance Framework
The digitalisation of the economy and the heavy dependence on cross-border data flows raises complex questions regarding the potential role of international trade agreements in data governance and digital regulation. As concerns around cybersecurity protection, privacy and data protection, and online censorship increase, governments across the world are struggling to strike a balance between digital openness/innovation and safeguarding legitimate internet public policy concerns. Consequently, governments increasingly impose restrictions on cross-border data flows such as data localisation laws and stringent compliance requirements in domestic censorship, privacy, and cybersecurity laws. These restrictions directly restrict cross-border flows of services, and thus may violate rules contained in international trade agreements such as the General Agreement on Trade in Services (‘GATS’) of the World Trade Organization (‘WTO’). This interface of international trade rules (such as those contained in WTO treaties) and internet public policy raises complex and interesting questions regarding how international trade law regulates or can regulate cross-border data flows.