Peter Wells, Head of Policy at The Open Data Institute explains how emerging global initiatives will help data-enabled businesses decide where to export or seek investment.
Today’s business environment is increasingly reliant on data. Data can provide vital information to help drive business decisions, and is fast becoming essential to companies, who will all have their own assets, standards, policies and guides about how they collect, use and share it.
For exporting businesses, it is important to be aware of and to understand the differing data infrastructures in each country which could promote or impede trade, affect business decisions or necessitate adapting policies and services to local conditions.
Decisions about where to trade for data-enabled businesses can sometimes be based on factors as relatively straightforward as consumer demand and availability of data to the right standard, but other times it is far more complex and involves an assessment of other dynamics. Good businesses should be aware of how these dynamics will shape them and their services.
Each data infrastructure includes the values of the societies and communities from which they arise, and shapes the services that can be built on it. This, in turn, has an effect on businesses.
Some of our findings about data policy in different geographies are outlined below. We can see that major shifts in data policy in key markets affect the global data infrastructure. Two of these recent developments are China’s digital silk road and the European Union’s recently introduced General Data Protection Regulation (GDPR).
China’s ‘digital silk road,’ announced in 2015, harks back to the original China’s Silk Road – an ancient network of trade routes that connected East and West.
The digital silk road, and other trade agreements, allow China to encourage other countries to adopt its standards. It is part of China’s technology and trade strategies which have helped new tech giants like Baidu, Alibaba and Tencent to grow by creating policy frameworks – such as its cybersecurity framework and new data protection framework – to help drive growth.
China’s digital silk road initiative includes developing telecoms infrastructure to connect countries that have joined the initiative while promoting China’s standards and frameworks internationally, but it is its approach to developing and promoting standards within its own borders that has been criticised internationally, notably by the USA, who have complained that the Chinese government is breaching World Trade Organisation rules by unfairly interfering in standards development to the benefit of its own businesses.
Countries as varied as Thailand, Turkey and Serbia have already subscribed to the digital silk road, and China’s growing population combined with these countries means its potential market is huge. Encouraging countries that subscribe to China’s rules, will make it easier for the road to be travelled in both directions. Chinese tech giants can be expected to leverage the road to help them export services outside of their home country, while businesses looking to travel in the other direction and export to China will also need to abide by its rules.
For some services, there might be no impact, but for others this might include providing access to data for China’s social credit scoring – using those scores in the design of their own services, or enforcing China’s extensive censorship rules which are considered by many organisations to be in breach of human rights. As well as considering the costs and benefits of adapting services to meet China’s market, businesses need to consider potential harms to citizens and communities and weigh up how staff, investors, and existing customers might react.
But China is far from the only nation deliberately trying to strengthen global data infrastructure and align it with its own goals.
In May 2018 the General Data Protection Regulations (GDPR) came into force in Europe. GDPR makes all organisations that process data in the European Union (EU) comply with a common set of regulations that give more rights and control to citizens over data about them. It also gives regulators more power to fine organisations that fail to comply. Both the EU and advocacy groups aligned with the principles of GDPR are encouraging other nations to adopt similar legislation. This will grow the reach of GDPR beyond the EU’s population of 500 million people.
These are the EU’s ‘rules of the road’. As with China, businesses that want to operate in the EU have to abide by their regulations. Recently, some businesses outside of the EU have chosen not to comply with GDPR and withdrawn their service offerings from EU citizens.
The EU’s rules reflect many of the values of the open movement, which brings together governments, private and third sector organisations to create a data infrastructure with a foundation of open data. The Open Data Charter’s principles and the ODI’s strategy articulate the shared values of the movement and the missions of the organisations in it.
Australia and Canada also both include strong proponents of the open movement, like Open North and ODI Nodes in Australia, Ottawa and Toronto. Each country has ongoing debates about data. The Government of Canada has recently launched a consultation looking at data’s impact on the future of work, innovation and trust. Australia has launched an open banking initiative intended to give consumers more control over banking data as a way of creating more competition and new services. Both countries are part of the CPTPP free trade agreement which includes measures to increase the flow of data and trade in services built from it. These data measures are another manifestation of global data infrastructure.
Other global data infrastructure is being built by organisations in the USA. The USA has little national legislation and strategies for data; instead, measures are implemented at the state level or imposed by the market. In practice, this means that technology hubs, such as Silicon Valley, set the rules.
Cloud services platforms like Amazon Web Services, Microsoft Azure, Google and Cloudflare and social media platforms like Facebook and Twitter are a huge part of our global data infrastructure. Some of these organisations are working on their own initiative, the Data Transfer Project, to increase data sharing between them. They are also working to establish rules about what type of businesses and services they allow to use their infrastructure, or not. The degree to which these private companies set their own rules, and the extent of influence of their origin country or other national or global institutions, will be something that will develop over coming years.
Consciously or not, all of these initiatives are building different flavours of data infrastructure. Sometimes these differences arise for local reasons – for example building better consumer services or enforcing desired privacy guidelines – but they also arise to support international trade and other forms of foreign policy. For the informed exporter, learning about the international variations in data policies and keeping up to date with developments will be vital in deciding upon future international growth strategies. One of our projects is currently developing ways to help businesses quickly understand these issues and make better decisions about where to spend their time and money.
If you would like to talk these issues through with us at the ODI, you can reach us at info@theodi.org.
