Skip to main content

Data Free Flow With Trust

AI technology and big data have transformed our daily lifestyles, work patterns, and communication methods. Today, as digitalization progresses globally, data has emerged as a crucial driver of economic development and a key facilitator of government functions. Data has also left its imprint on the private sector, where business models are increasingly dependent on data collected from products manufactured, distributed, and sold across borders.

Transnational data flow can benefit society through economic and social innovations, but it can also be a defining factor in global security, public order, and geopolitics. For example, Edward Snowden’s exposure of surveillance programs showed us that technological dominance in collecting, storing, and transferring data can be used as arms and shields in international politics. In addition, the Cambridge Analytica incident, where the firm illicitly collected data from Facebook accounts, highlighted how private companies and institutions can influence the politics of a particular country through social networking services and other commercial applications.

As our societies become increasingly dependent on data-driven technologies, there are more concerns about potential access or even control of the data of citizens, businesses, and national authorities by foreign governments or entities. These concerns have spurred laws and regulations on data that require the private sector to secure data domestically and prohibit certain applications. As Europe develops a new data regime centered around the General Data Protection Regulation, which emphasizes protection of privacy and human rights, the United States remains more liberal with its use of data, even with personal data. At the same time, the US has issued a presidential decree on sensitive data, and Congress is currently debating legislation that would prohibit certain types of applications from collecting personal data. Meanwhile, China is trying to create an authoritarian data regime of its own. It seems impossible to converge the data related regulations globally and to create an international data regime, at least in the short term.

Establishing a practical framework to facilitate cooperation on cross-border transfer of data based on common values, even in the midst of the differing ideologies of data and the lack of unified global rules, was, and still remains, essential to sustain global economic activities and growth. The ease of duplication and transfer of digital data across borders increases the risk of unauthorized access and usage, and it can even lead to the theft of data. Traditional regulatory tools, such as treaties and international conventions, are insufficient to deal with these issues, and it has become essential to combine them with digital technologies such as encryption, anonymization, and offline storage. The rapid pace of technological advancement on the part of the perpetrators, however, requires swift reactions with a broad spectrum of stakeholders, including technical experts.

 

Data Free Flow with Trust:

Acknowledging these ideological divides over privacy and human rights, the late Japanese Prime Minister Abe Shinzo first articulated the concept of Data Free Flow with Trust (DFFT) during the 2019 Davos World Economic Forum as a fundamental framework for constructive cooperation on cross-border data flow, and the concept later gained traction and endorsement from leaders at the G20 Summit in Osaka.  Since that Summit in Osaka, the G7 and G20 member states, as well as international organizations such as the Organisation for Economic Co-operation and Development (OECD), have recognized the need for a foundational framework based on constructive cooperation, even as fierce debates on data governance continued. These bodies have supported the concept of the DFFT and tried to operationalize the idea.

The inherent value of DFFT lies in its ability to facilitate continuous discussions on securing the trust necessary for smooth international data flow. DFFT evolved into a key agenda in various international fora, allowing leaders and policymakers to skillfully balance the promotion of cross-border data flow with the protection of privacy, human rights, security, and intellectual property.

There was a clear need for multilateral policy coordination to promote international data governance among like-minded countries. When the Japanese government unveiled DFFT in 2019, there were two major obstacles in developing international data governance. First, there was a lack of cross-sectoral policy coordination on cross-border data flow. The issue of data flow had been handled inconsistently in the realms of trade, privacy, data protection, cybersecurity, and intellectual property. The existing laws and regulations lacked a unified vision for comprehensive data governance and made regulatory and policy consensus-building complex and difficult.

Second, cross-border data flow policy had no precedent in international policy-making. One significant difference is data’s non-competitive nature, which allows unlimited use by countless parties: a single dataset could, for instance, develop software for millions of self-driving cars. Many global companies believe, however, that competitive edge lies in data accumulation and exclusive possession. Corporations hoard data to bolster productivity and economic clout, often barring others from using it. When designing international data governance, incentives to facilitate the cross-border transfer of data must be taken into account. The non-competitive nature of data makes reciprocity principles such as arms export controls and free trade regimes less likely to work.

The outcomes of discussions among the experts need to be turned into national and international rules, regulations, and policies by national governments. Issues related to data are often very sensitive and closely related to the history and national ideology of each nation-state. Through DFFT, ‘trust’ must be established as the basis for such cooperation. Political leaders must acknowledge that data should flow freely across borders with the appropriate guardrails in place.

 

Institutional Arrangement for Partnership:

As the concept of DFFT gained traction, a critical issue remained on how to design a framework that will facilitate future international discussions and operationalize DFFT. To deal with sensitive data issues such as privacy and human rights as well as the rapid evolution of data-driven technologies, we must include technological experts in the debates, in addition to policymakers and regulators. Furthermore, such a forum should not be ad hoc: we need a permanent structure.

In order to address this need, the G7 nations endorsed the establishment of an international mechanism with a permanent secretariat in 2023. The new mechanism, called the Institutional Arrangement for Partnership (IAP), was established as an intergovernmental and multi-stakeholder mechanism under the umbrella of an existing international organization, the OECD.

Existing international regimes, such as those on trade or climate, involve governments of sovereign states, but because technological expertise lies mainly with the private sector and in academia, it is not enough to create a forum of governments alone. In order to reflect this reality, the IAP consists of two important components: the Committee, which is a part of the OECD, and various working groups that involve government officials, experts, and various stakeholders.

Rather than create a single conference with a huge membership, given the cross-sectoral, fast-developing, and technical nature of data issues, we see the importance of having multiple working groups each focusing on a specific topic. In December 2023, the OECD established the DFFT Expert Community under the Digital Policy Committee. The DFFT Expert Community, made up of a group of technological experts and stakeholders in the private sector and academia, is charged with providing policy and technical solutions to address the barriers and issues of cross-border data flow. This past May, the members of the OECD’s Ministerial Council Meeting committed themselves to start discussion on strengthening the relevant committee structure of the OECD to advance its capability in data related issues.

The DFFT Expert Community is expected to invite project proposals to tackle particular data-related issues and invite project participants from various nations and sectors. These working groups could form partnerships with other international and regional organizations appropriate for the topic to create an international network and garner expertise. This working-group-based structure has already led to a number of initiatives. For example, Japan will provide support for collaborative projects with non-OECD countries, especially with the Association of Southeast Asian Nations (ASEAN) member states. I have recently proposed collaboration with the IAP to ASEAN Digital Ministers, and the proposal was met with considerable enthusiasm and support.

The proposed collaboration aims to increase transparency on regulations on cross-border data flows in both ASEAN and OECD countries. The joint initiative will lead to the creation of a common repository with state-of-the-art technology to provide up-to-date information and transparency on national data regulations. The Economic Research Institute for ASEAN and East Asia (ERIA) is expected to lead the project.

The OECD can profit immensely from collaborating with Asia, a center of global economic growth, and we hope to establish a positive precedent for international data governance development.

Sharing data across countries and regions is essential for our future prosperity, and no other organization is working on international data issues among so many countries but the OECD. Working closely with the OECD, Japan is committed to representing the voices of stakeholders in shaping an international data governance. This goal will be one of the top priorities for Japan’s digital strategy.

 

Conclusion:

As I reflect on the work that we, as the international community, have accomplished in the last five years, I notice that the complexity and far-reaching implications of cross-border data flow and international data governance are very significant in shaping the international economy and politics in the 21st century. Technological capabilities in the collection, storage, and transfer of data can be a means of attack and defense in global power games, affecting economic and security dynamics. Governments must therefore work together to address the new realities of challenges and threats posed by digital technologies.

Through DFFT, the Japanese government spearheaded a framework of ‘trust’ as the basis for international cooperation, enabling political leaders to agree that data should flow freely across borders with the proper guardrail in place. The IAP, a new mechanism for international data governance, was launched by the OECD to facilitate the operationalization of DFFT. It will allow for substantive problem-solving by ensuring collaboration between policymakers, stakeholders and experts under the strong leadership of a permanent secretariat.

At the heart of the DFFT and the IAP lies the ethos of “thinking geopolitically and acting technologically.” This perspective is crucial for navigating the complexities of international data governance. Issues such as disinformation and data security remain, and we will work with the IAP and like-minded nations to address these concerns with efficiency and determination.

Author
Honorary Kissenger Fellow, Kono Taro
Publish Date
January 23, 2025
Type
Share
image with no alt attributes