As companies place greater and greater value on big data as an essential part of their operations, nations are beginning to look at the information — which runs from home addresses to consumer behavior — as a new national resource.
With this rise, countries are starting to build their own bastions through legislation to hoard the asset. But tech companies argue these types of data fortresses will stifle innovation.
Asian countries have been some of the most active in this movement. Of the eight countries requiring to localize the storage of data collected with their borders, five are in the region.
The latest battleground is in India.
“We are concerned that some provisions in the … bill would hamper the country’s economic growth, constrain the ability of companies operating in the market to innovate,” a group of about 30 companies, including such big names as Microsoft and Siemens, said in a September letter addressing a set of data regulations being considered by parliament.
The framework would require businesses to store data on servers within the country while heavily restricting cross-border transfers. The rules would cover not only personal information, but also some industrial data, leaving businesses alarmed at the prospect of being unable to use their own data freely.
Top Indian officials have called data a new form of national wealth. As governments come to recognize its value, India and a growing number of other countries, many in Asia, are taking steps to hoard it within their own borders.
These include requirements for data localization, or storing data domestically — measures that amount to data protectionism. If taken too far, critics say these risks stalling the free flow of information across national borders and preventing the world from reaping the full benefits of this resource.
Nikkei looked at regulations restricting data flows around the world, based on a study by the European Center for International Political Economy and the US-based Information Technology and Innovation Foundation.
Eight countries have moved to impose localization requirements, of which five are in Asia, including China, Vietnam, and Indonesia. These measures seem intended to curb foreign technology companies and help cultivate domestic industry.
China and Vietnam tightly restrict transfers of not only personal data, but also other sensitive information, such as that related to national security. Critics point to the vagueness of these rules, which puts a heavy burden on businesses trying to comply. Vietnam reportedly accused Facebook of violating its cybersecurity law in January 2019, days after it took effect.
Another 38 countries and regions, including the US and Japan, do not go that far but place other constraints on sending data out of the country, such as requiring the subject’s consent when personal information is involved. The specifics, such as oversight requirements and the types of data covered, differ from country to country, creating an expensive headache for multinational businesses.
An electrical equipment maker in eastern Japan estimated that the additional cost of handling data at its overseas offices would run into the hundreds of thousands of dollars or more, a representative said. The company has six foreign offices across Asia and Europe, with varying rules for data management.
“We couldn’t fully comply” and ended up giving up partway through the process, with full awareness of the risk of fines or other sanctions, the representative said.
The Indian Council for Research on International Economic Relations, a think tank, issued a report last year on the negative effect of excessive regulation on the data economy. The costs of compliance, such as building local servers, squeeze companies’ profits, and the rules present an obstacle to foreign companies seeking to enter the market.
“A 1% decline in cross-border data flows will reduce the volume of trade by USD 696.71 million” for India, the report said.
If countries go too far in trying to contain data within their borders and keep foreign businesses out in the process, it becomes more difficult to bring in data from the rest of the world, which could end up leaving these countries more data-poor than they otherwise would be.
The hoarding of data is symbolic of a broader fracturing of the internet. Noriaki Hirao, founder of Japanese startup Planetway, was struck by the use of the term “splinternet” at the World Economic Forum’s annual meeting in Davos in January.
But Hirao sees this state of affairs as temporary. “The nature of the data economy is that the more data you cross together, the more competitive you become,” he said. “Even countries that try to fence in their data will connect with the outside again as they look for more.”
Jovan Kurbalija, director at DiploFoundation and head of the Geneva Internet Platform, calls for a new framework for international cooperation in the digital age, outlined in a report for the United Nations.
“Humanity created the United Nations in order to safeguard peace, promote human rights, and enable development,” Kurbalija wrote in a blog post on the report. “Today, we are faced with new issues that the drafters and signatories of the UN Charter could have hardly foreseen.”
“In order to address them, humanity needs a digital home — a space where countries, citizens, and companies can work together to tackle policy issues and ensure that technology remains at the service of humanity,” he wrote.
Crafting rules that protect personal information while maximizing the benefits of big data, in a way that countries can agree on, will be one of the main challenges of the digital era.