Opening markets and removing barriers to trade are touted by many in Washington, DC and well beyond as a cornerstone of economic expansion. In the information age, ensuring the free flow of data across borders, and not simply goods and services, is increasingly important. But just as problems can arise with differing foreign laws on tobacco, chewing gum or automobiles, so can they present obstacles to the transfer and handling of certain types of data.
The US is currently negotiating an ambitious agreement to enhance trade and investment with eight other nations (Australia, Brunei Darussalam, Chile, Malaysia, New Zealand, Peru, Singapore, and Vietnam), and more waiting in the wings (Japan, Canada, Mexico) called the Trans-Pacific Partnership (TPP). Last summer, the US announced it had tabled an unprecedented proposal in a chapter on e-commerce in the TPP: binding, enforceable language obligating TPP countries not to block the cross-border transfer of data over the Internet, as well as a binding obligation that a TPP country cannot require a company to locate its data servers in its territory as a condition of doing business there. Other provisions in the e-commerce chapter according to the Office of the US Trade Representative (USTR), which has yet to publicly release the legal text, address customs duties in the digital environment, authentication of electronic transactions, consumer protection, and treatment of digital products.
The “data flow” provision is important to US social media and internet companies whose services have sometimes been blocked or censored abroad for competitive, political, or other reasons. Of course data, however defined, is a broad term, and it “flows” in both directions – out of the US and into other TPP countries and vice-versa. Thus, this provision also has significant implications due to differing national information privacy and data security regimes. In particular, recent accounts indicate that Australia and New Zealand are concerned about the TPP proposal due to potential conflicts with their laws. Early this month during Australia’s “Privacy Awareness Week” the government announced it plans to amend its Privacy Act of 1988 this year in several respects, including tightening requirements for sending personal information beyond its borders. The obvious concern, reportedly shared by New Zealand, is whether data transmitted to another TPP country would be subject to laws such as the PATRIOT Act in the US that could breach the privacy of its citizens. As has been described elsewhere in this blog, the Obama Administration is urging Congress to enact a data privacy bill of rights, prompting the question whether such rights would extend beyond US borders? It’s a sticky wicket, no doubt.
Companies affected by these issues need to closely follow the ongoing negotiations and consult with the USTR in Washington, DC or during negotiating rounds, the next of which is slated for July 2-10 in San Diego. Details of trade agreements aren’t generally made publicly available until the entire pact is fully negotiated and more or less agreed to, though some portions of the TPP were leaked last year.