Evolution of data requirements in international trade agreements

Data-related requirements have increased in international trade deals. Senior Policy Advisor Lawrence Kay and Delivery Manager Walter Brown share how trade agreements have evolved over time.

Data flows across the world have increased with the rise in digital services trade over the past few decades. Cisco Systems has estimated that Internet Protocol traffic was 100 gigabytes per second in 2002, and will rise to 150,700 GB per second in 2022; while according to the World Trade Organization, trade in ICT-enabled services grew from USD1,039 billion in 2005 to USD2,368 billion in 2017. International trade agreements have gradually incorporated more data stipulations as a result.

The World Trade Organization (WTO) is responsible for agreements that underpin the global trading system, including the General Agreement on Tariffs and Services (GATS) which has applied since 1995. The GATS was negotiated during the Uruguay round of international trade talks, which was launched in 1996 and also birthed the WTO. The GATS extended rules that had long applied to goods trade such as that countries must give the advantages that they give to one trading partner to other trading partners, to services. There are several stipulations in the GATS that pertain to digital services and cross-border data flows:

• Article XIV allows countries the ability to ‘...[protect] the privacy of individuals in relation to the processing and dissemination of personal data and the protection of confidentiality of individual records and accounts’ as long as doing so is not discriminatory between trading partners or unjustly restricts trade.
• The Annex on Financial Services defines a financial service as including the ‘Provision and transfer of financial information, and financial data processing and related software by suppliers of other financial services.’
• The Annex on Telecommunications includes data transmission as a typical ‘public telecommunications transport service’ that ‘...[involves] the real-time transmission of customer-supplied information between two or more points without any end-to-end change in the form or content of the customer's information.’ The annex also requires that members ‘...ensure that service suppliers of any other member may use public telecommunications transport networks and services for the movement of information within and across borders, including for intra-corporate communications of such service suppliers, and for access to information contained in data bases or otherwise stored in machine-readable form in the territory of any member.’

Data is an intangible asset, so the use of it during international trade also falls under the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS). TRIPS was also negotiated during the Uruguay round, and was signed in 1994. It has a number of stipulations with regard to data:

• Article 10 on the ‘Computer Programs and Compilations of Data’ states that ‘Compilations of data or other material, whether in machine readable or other form, which by reason of the selection or arrangement of their contents constitute intellectual creations shall be protected as such. Such protection, which shall not extend to the data or material itself, shall be without prejudice to any copyright subsisting in the data or material itself.’
• Section 7 on the 'Protection of Undisclosed information' requires regulatory authorities in a country that have received data from a company for ‘...approving the marketing of pharmaceutical or of agricultural chemical products’ to not release the data in a way that harms the commercial interests of the company.

In addition to the above agreements, the WTO is responsible for other data-relevant agreements. These include the Information Technology Agreement, agreed with the Ministerial Declaration on Trade in Information Technology Products in 1996 and intended to ‘...[expand] world trade in information technology products’, and the Fourth protocol to the General Agreement on Trade in Services – also agreed in 1996. The WTO has an ongoing work programme on e-commerce, which considers telecommunications networks, online marketplaces, fraud, and other data-related issues.

In her paper, The Regulation of Data Flows Through Trade Agreements, Mira Burri of the University of Lucerne reviews the adequacy of the WTO framework for data in international trade. She finds that a lack of progress at the WTO beyond the aforementioned agreements – which remain uncertain with regard to, for example, computer games, and whether they should be considered a good or a service – has led to countries using free trade agreements (FTAs) for quicker adaptation to changes in the use of data and the patterns of digital trade. Burri mentions several FTAs which have sought to do this, such as the following:

• The US–South Korea FTA, in force from 2012, which includes data stipulations such as the non-binding obligation on the parties ‘to refrain from imposing or maintaining unnecessary barriers to electronic information flows across borders.’
• The EU-South Korea FTA, ratified in 2015, in which ‘The Parties agree that the development of electronic commerce must be fully compatible with the international standards of data protection, in order to ensure the confidence of users of electronic commerce.’

The US and the EU have signed trade deals that have gone further on data. The recently ratified United States-Mexico-Canada Agreement (USMCA), for example, has stipulations against requirements that organisations store data on local servers. The EU-Japan Economic Partnership Agreement aspires to the free flow of data, but has postponed provisions that might be necessary for it until three years after the agreement came into force in 2019.

The most advanced treatment of data in a trade deal is now by Chile, New Zealand, and Singapore in their Digital Economy Partnership Agreement (DEPA), signed in early 2020. It includes a clutch of stipulations that show the advancement of data policy in countries such as the United Kingdom, and the need for such changes to be included in trade deals. These include:

• Recognition of “the role of standards, in particular open standards, in facilitating interoperability between digital systems and enhancing value-added products and services”. Open standards are standards that are “made available to the general public, developed or approved and maintained via a collaborative and consensus driven process”. Open standards have been the focus of a number of ODI projects.
• As well as specific advancement of open banking, with article 2.7 on electronic payments encouraging parties“to promote the use of Application Programming Interface (API) and to encourage financial institutions and payment service providers to make available APIs of their financial products, services and transactions to third party players where possible to facilitate greater interoperability and innovation in the electronic payments ecosystem.”
• Article 4.2 on personal information protection, which encourages “adoption of data protection trustmarks by businesses that would help verify conformance to personal data protection standards and best practices.” Again, this is at the forefront of developing best practice in data governance, as explored in the ODI’s work on certification and data institutions.
• Commitments on data innovation in article 9.3, with recognition of the importance of “data sharing mechanisms, such as trusted data sharing frameworks, and open licensing agreements” for innovation. This article is notably forward looking, endeavoring the parties to collaborate on “innovative new proof of concepts for new uses of data, including data sandboxes, to promote data-driven innovation.”
• Specifically committing the parties to endeavor to “...expand access to and use of open data”, that is “digital data that is made available with the technical and legal characteristics necessary for it to be freely used, reused, and redistributed”.
• Encouragement on open data in Digital Economy Partnership Agreement (DEPA) , which is much more explicit than other trade agreements. Article 9.4 on Open Government Data commits the parties to “identifying sectors where open data sets, particularly those with global value, can be used to, among other things, facilitate technology transfer, talent formation and innovation.” It also encourages “fostering the use and develop open data licensing models in the form of standardised public licenses available online”.

Module four of DEPA outlines a cooperative framework within which the parties can develop their regulations with regard to data in ways that accommodate change, respect national preferences, and facilitate trade. For example, the agreement states principles for a ‘robust personal information protection framework’, such as collection limitation, purpose specification, use limitation, individual participation, and accountability; scope for mutual recognition of regulatory outcomes; and the exchange of information to promote the interoperability of the partners’ respective data regulations. Formalising this through international regulatory cooperation that boosts trade in ways that accommodate the demands that arise from the regulation of combinatorial innovation, is the subject of our further blogs.