U.S.-Kenya Digital Policy Cooperation Must Protect Policy Space to Regulate Big Tech in Both Countries
Washington, D.C. — Late yesterday, the US Department of Commerce and Kenyan Ministry of Information released a joint statement laying out details of a non-binding partnership to “harness AI, facilitate data flows, and empower digital upskilling.”
In response, Melinda St. Louis, Global Trade Watch director at Public Citizen, issued the following statement:
“While it is well and good for the United States to cooperate with other countries to safeguard consumer data and protect the public from known and potential harms of AI, that cooperation must lead to a race to the top in consumer protections, not the reverse.
“The recent joint statement from the Department of Commerce and Kenyan Ministry of Information recognizes the need to implement robust data protection norms to facilitate cross-border data flows, but fails to account for the absence of any strong federal data protection system in the United States. While we work to establish better privacy and data protection in the U.S., we must ensure that we do not undermine Kenya’s more robust data protection law – which has long been a target of U.S. Big Tech companies.
“The statement’s focus on the Global Cross-Border Privacy Rules (CBPR)-based certification framework also raises serious concerns, as research indicates that the Asia Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules framework, on which the Global CBPR regime is based, does not adequately protect data when transferred abroad. For instance, its largely voluntary certification mechanisms can have prohibitive costs with little obvious impact in terms of enabling the enforcement of privacy rights in a foreign jurisdiction.
“Both the U.S. and Kenya must ensure that regulators in each jurisdiction have the policy space to regulate data and the AI ecosystem in the public interest. Consumer privacy rights must be adequately protected and enforced in both jurisdictions. This makes it imperative for the U.S. to implement robust domestic privacy legislation as soon as possible, and that we ensure that ill-advised “digital trade” provisions that could thwart regulation of cross-border data flows are excluded from any ongoing talks in the U.S.-Kenya Strategic Trade and Investment Partnership (STIP).”