When we go online, download an app, buy a sweatshirt, or peruse TikTok, we are taking a leap of faith—acting with agency in an environment without control or certainty. We trust the firms that provide these services will not only provide us with goods and services, but that they will also protect our personal data and do their best to prevent us—their stakeholders—from harm. As political theorist Francis Fukuyama has written: ‘Trust is the expectation… of regular, honest, and cooperative behavior, based on commonly shared norms, on the part of other members of that community’. According to the OECD, ‘trust is also the foundation upon which the legitimacy of public institutions is built and is crucial for maintaining social cohesion’. Trust is essential to democratic capitalist functioning, and in particular to trade, because buyers and sellers don’t know each other. But the same is true for users and providers online.
Yet no one knows how to build or sustain trust in the face of rapid data-driven change. Online ‘trust must be negotiated with others whom users do not see, with faraway enterprises, under circumstances that are not wholly familiar, in a world exploding with information of uncertain provenance’.
Since the onset of the global pandemic, individuals, companies, and governments have become increasingly dependent upon the internet and data-driven services to work, learn, and socialize. These new services helped sustain the global economy and allowed many to connect, work, study, and prosper online through lockdowns. Yet because many of these services are built on the collection, analysis, and monetization of personal data, they also threaten our autonomy, individual rights, and systems of governance. The US National Intelligence Council has issued a stark warning that:
privacy and anonymity may effectively disappear by choice or government mandate, as all aspects of personal and professional lives are tracked by global networks. Moreover, real-time, manufactured, or synthetic media could further distort truth and reality, destabilizing societies at a scale and speed that dwarfs current disinformation challenges.
These concerns about online security are reflected in surveys of users. In 2019, the Pew Foundation found that many people are afraid that their data are used without their consent, and concerned that firms use their clients’ personal data to discriminate and manipulate them. Likewise, CIGI and IPSOS suggested 75 per cent of 25,000 users polled cited Facebook, Twitter, and other social media platforms as contributing to their lack of trust. In the same survey, 78 per cent of respondents were concerned about their online privacy, with over half more concerned than they were a year ago. Similar concerns are seen in data collected by the Oxford Internet Institute in 2020 which showed that for those active online, around half are concerned about disinformation and 71 per cent of internet users are worried about a mixture of online threats, including disinformation, fraud, malware, spyware, and harassment.
Given this situation, in 2019 Prime Minister Shinzo Abe of Japan decided that he could both reinvigorate negotiations over cross-border data flows at the World Trade Organization (WTO) and build trust in policy-makers’ efforts to govern data. Policy-makers have been trying to negotiate such rules since the first e-commerce agreement (Australia/Singapore) in 2003. Abe stated that he wanted the Osaka meeting of the Group of 20 nations (the G-20) ‘to be long remembered as the summit that started world-wide data governance… under the roof of the WTO’. He noted that data-driven services are built on data collected from individuals in one country and often stored or analysed in another. Such cross-border flows underpin both the internet and the global economy. Hence, data free flow with trust meant that countries would allow medical, industrial, and other nonpersonal data to freely flow across borders, but ‘put our personal data and data embodying intellectual property, national security intelligence, and so on, under careful protection’.
However, although Abe argued that certain types of data needed special rules to facilitate trust, he never explained what these rules should look like and how nations might find an internationally accepted approach to such rules. Despite the lack of clarity, other international organizations have underscored the concept that data will not flow freely without trust, including the G-20, the OECD,3,5 the World Economic Forum, and most recently the G-7. Despite this consensus on the need to link free flow and trust, the trade regime is not the only or best venue to discuss this issue. Policy-makers discuss trust and data flows at other venues including the UN and the OECD. But trade agreements are binding and generally disputable. Moreover, digital trade agreements generally include language making the free flow of data a default, with certain exceptions. These agreements also address measures that can distort the free flow of data, such as spam.
This author is deeply ambivalent about this focus on trade agreements as a tool to govern data. First, although data are constantly exchanged between entities in different countries, such exchange is not always accompanied by a transaction and may not be ‘traded’. Moreover, data are multidimensional—they are not just a commercial asset but a public good and a national security problem. Policy-makers have not figured out how to encourage data sharing and the broad use of data to address wicked problems that transcend nations and borders, such as climate change. Finally, much of the data flowing across borders are aggregated and allegedly anonymized personal data. While users may benefit from services built on data, the people who are the sources of those data do not control them. The data are their assets, yet they cannot manage, control, exchange or account for them. Individuals’ data can essentially be weaponized to create malicious cross-border data flows, whether through disinformation, malware, spam, or other means. Nonetheless, trade agreements are vehicles to build trust because they are commitment devices. They build trust by clarifying how and when nations can trade and how and when they can violate trade rules.
Policy-makers are eager to build trust in how they govern data. But the process of negotiating trade agreements (which is secretive) could be problematic to engendering trust. Some believe that trade negotiations allow policymakers to deliver on behalf of special interests such as large digital platforms, rather than the broad public Others argue that because the process is secretive, policy-makers can avoid catering to national special interests. Hence, how policy-makers respond to what their citizens say they need or are concerned about is as important as what (the specific rules) when designing rules and institutions of governance.
This paper focuses on both what policy-makers include in trade agreements and how they include these provisions. I focus on three concerns impeding trust online: internet shutdowns and censorship, disinformation, and ransomware (a form of malware). I will show that these problems are increasingly visible, and trade distorting. Moreover, all three may undermine trust, which could lead consumers and firms to be more cautious in their online operations. Over time, that could reduce market growth for users and providers of data-driven services.
Building Trust in Digital Trade Will Require a Rethink of Trade Policy-Making
To read the full article, click here