Privacy Needs Protection in a Borderless World
42 Consumer and Privacy Groups Call for Data Protection at the WTO
On Monday, November 16, Public Citizen joined a group of 42 organizations in a statement underlining the importance of privacy and building consumer trust in the digital economy. As negotiators from 80 countries of the World Trade Organization (WTO) try to introduce rules for global digital trade, we urge them to put privacy and data protection first in any present and future digital trade deals.
Digital trade negotiations at the WTO, formally dubbed the ‘Joint Statement Initiative on e-commerce’ (JSI), started in 2019 and now comprise more than 80 countries. These discussions are focused on removing barriers on international data transfers in the name of accelerating global online trade, but we must warn of the risks in a post-Cambridge Analytica world.
These “cross-border” data transfers are an important feature of the present-day global economy, but recent history shows that data cannot be considered a mere commodity. It must be accompanied by strong and effective privacy and personal data protections.
To ensure private and secure conditions for internet users across the globe, we suggest that the JSI’s negotiators take the following approach:
If ‘cross-border data flows’ rules are part of any trade agreement countries should upgrade existing safeguards, putting people’s data protection and privacy rights first so that the digital economy can thrive and consumers’ trust is regained. Doing so would also create new business incentives and enable innovation in privacy-friendly, human-centric technology.
If countries cannot agree to constructive reform, we urge them to exclude rules on cross border data flows, data protection and privacy from the final text of any e-commerce initiative. They should instead adhere to Convention 108+ for the Protection of Individuals with Regard to the Processing of Personal Data—the world’s only binding treaty on data flows and personal data protection to date—to which 55 countries are already parties.
Public Citizen’s Position
Regulations like the General Data Protection Regulation (GDPR) give consumers in the European Union stronger privacy protections while empowering them to keep companies accountable through independent regulatory authorities. The law plays an important role in ensuring data flows respect digital rights, but the open nature of the internet requires trade negotiators to maintain high standards of data protection outside of the European Union.
Public Citizen and a coalition of civil society organizations have called for a closing of the transatlantic data protection and privacy gap, and we’ve developed a Framework for Comprehensive Privacy Protection and Digital Rights in the United States as a roadmap to this goal. From enforcing fair information practices to establishing a data protection agency to promoting privacy innovation outside of Big Tech firms, the policy reforms in this framework would fundamentally improve the rights of US internet users.
As explained in our factsheet on Cross Border Data Flows, Privacy, & Global Inequality, “the web has made our world increasingly borderless, and digital privacy should be a privilege enjoyed by all jurisdictions. Strong, global, and uniform privacy and personal data protection, together with efficient and effective enforcement mechanisms, is the sine qua non requirement for a digital society promoting equality and development.”
The recommendations in this statement are a crucial step towards this digital society, one where everyone is afforded the same level of trust, privacy and security, regardless of nationality or economic circumstance.