Cover Image

International Data Flows and Privacy : The Conflict and its Resolution

The free flow of data across borders underpins today's globalized economy. But the flow of personal data outside the jurisdiction of national regulators also raises concerns about the protection of privacy. Addressing these legitimate concerns...

Full description

Bibliographic Details
Main Authors: Mattoo, Aaditya, Meltzer, Joshua P.
Language:English
Published: World Bank, Washington, DC 2018
Subjects:
PRIVACY
DATA PROTECTION
GLOBALIZATION
TRADE
WTO
WORLD TRADE ORGANIZATION
REGULATORY COOPERATION
HARMONIZATION
TRADE AGREEMENT
Online Access:http://documents.worldbank.org/curated/en/751621525705087132/International-data-flows-and-privacy-the-conflict-and-its-resolution
http://hdl.handle.net/10986/29837
Description
Summary:The free flow of data across borders underpins today's globalized economy. But the flow of personal data outside the jurisdiction of national regulators also raises concerns about the protection of privacy. Addressing these legitimate concerns without undermining international integration is a challenge. This paper describes and assesses three types of responses to this challenge: unilateral development of national or regional regulation, such as the European Union's Data Protection Directive and forthcoming General Data Protection Regulation; international negotiation of trade disciplines, most recently in the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP); and international cooperation involving regulators, most significantly in the EU-U.S. Privacy Shield Agreement. The paper argues that unilateral restrictions on data flows are costly and can hurt exports, especially of data-processing and other data-based services; international trade rules that limit only the importers' freedom to regulate cannot address the challenge posed by privacy; and regulatory cooperation that aims at harmonization and mutual recognition is not likely to succeed, given the desirable divergence in national privacy regulation. The way forward is to design trade rules (as the CPTPP seeks to do) that reflect the bargain central to successful international cooperation (as in the EU-US Privacy Shield): regulators in data destination countries would assume legal obligations to protect the privacy of foreign citizens in return for obligations on data source countries not to restrict the flow of data. Existing multilateral rules can help ensure that any such arrangements do not discriminate against and are open to participation by other countries.

Similar Items