Javier Lopez-Gonzalez Profile picture
Senior Economist @OECDtrade working on #digitaltrade. Views are my own

May 19, 2021, 14 tweets

Want to know more about the regulatory environment underpinning cross-border data transfers?

Hold on to this digital🧵and follow me down the zettabyte hole!

💻Full paper: oe.cd/il/3FD
📲 Policy note: bit.ly/DataTsPb
1/

#Dataflows underpin most of our economic and social interactions and are the lifeblood of #internationaltrade.

There is no wisdom without knowledge, no knowledge without information, and no information without data.
2/

But the growing patchwork of rules and regulations on cross-border data flows is making it difficult to enforce #privacyprotection and for firms to engage in international trade.
3/

We have a good understanding of the different approaches to cross-border data flows across countries (see oecd-ilibrary.org/docserver/b202…)
4/

But to advance discussions in this difficult area we need to look at the #commonalities in approaches to help us identify the building-blocks for a more #interoperable global infrastructure. This is what our new paper does!
5/

It shows that there is no one, single mechanism to enable the free flow of data with “trust”.

Governments pursue different, or even multiple and complementary, approaches.

These can be grouped into 4 broad categories
6/

1. Unilateral mechanisms

These vary according to whether safeguards require public sector approval before transfer (pre-authorised safeguards), or if they leave discretion to the private sector (open safeguards). Both rely on notions of #adequacy or contracts.
7/

2. Pulilateral arrangements

These create rules or generate consensus around data transfers, largely in the context of #privacyanddataprotection.

Analysis shows that, at the country level, the average degree of overlap in approaches to privacy is high (68%).
8/

3. Trade Agreements

These increasingly incorporate binding data flow provisions (in the context of personal but also non-personal data).

All agreements with binding provisions also require or promote the adoption of domestic privacy and data protection legislation.
9/

4. Other stakeholder and technology driven initiatives

These refer to the use of non-regulatory tools that include ISO standards and technology driven initiatives (technological solutions for technological problems! e.g. #privacyenchancingtechnologies).
10/

There are three key lessons from this work:

💾 There are important #commonalities between instruments (but also within).

👉The dual goals of safeguarding data and enabling its flow across borders is common across all instruments.
11/

💾💾There is growing evidence of #convergence

👉#Tradeagreements increasingly combine data flow provisions with requirements for privacy
👉The principles that underpin domestic privacy and personal data protection have a high degree of overlap.
12/

💾💾💾There is a high degree of complementarity between instruments:

👉Unilateral mechanisms draw from, and contribute to, plurilateral arrangements
👉Trade agreements increasingly reference plurilateral arrangements
13/

Many thanks for following me down this data hole!
14/ end

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling