Data is increasingly becoming a valuable resource in the 21st century, greatly affecting how countries and industries build and develop their nations.
In 2019, there were close to 4.13 billion internet users in the world, a marked increase from the same statistic two decades ago. Goods and services move between borders via digital platforms unprecedentedly as digital transformation moves forward.
However, the digital economy is experiencing two divergent trends. Information flows across borders in record volumes, but domestic restrictions on these flows are also increasing. Privacy, security, law enforcement access – among other issues, are significant policy concerns that governments seek to protect. These facts are symptomatic of the government’s inability to regulate the digital economy.
What is data governance in the context of regulatory compliance? In a larger sense, data governance is about governing cross-border data flows by countries, which is more precisely classified as international data governance. This new study area is concerned with the norms, principles, and rules governing various data types.
The discussions surrounding the digital economy and data governance have become abstract and complex. How can data interoperability be achieved to reap the benefits of digital trade to the fullest extent? What global rules or norms should be set up? From this point, countries have the opportunity to recombine the silos between data governance, international cooperation, and economic growth.
This blog offers insights on good domestic practices and tools that can contribute to facilitating cross-border data flows while protecting other goals.
Data governance levers
Data governance trends are essentially transforming the global digital economy, making up more than 16% of the global economy and growing 3.5 times as fast.
Global data governance exists at the national, sub-national, and super-national levels. These cover bilateral, regional, and multilateral trade agreements and laws, regulations, standards, and norms related to data.
These are ways governments, corporations, and other key players in global data governance can technically influence the data flows and storage and how they can exert similar influence on legal and regulatory matters.
Doing efficiently and cost-effectively, distributing data via data localisation can be powerful tool for data governance, enabling control over data – and a share of its value, within national borders.
Countries that are attempting to implement data governance regimes that prevent others from gaining access to specific data hosted on their websites, for example, must take into account how the internet is currently designed to route information globally.
New and updated national data privacy and data localization laws are changing the way that companies do business internationally. The recent enactment of the EU’s General Data Protection Regulation (GDPR) and China’s Cybersecurity Law – two of the most comprehensive packages of privacy regulations – have already had cascading effects on businesses in these markets. And this is just the beginning.
Technical standards, which address technical topics like web traffic security and internet protocol interoperability, play a crucial role. In practice, limitations on free data flow include government power and corporate technical capabilities or its subset of data governance levers.
The governments and firms must use policies, laws, and regulations to influence the internet’s technical aspects, including data flows across internet architecture.
Over one hundred countries have passed data privacy laws that contain some form of data localisation in the last few years – one of the most restrictive and expensive measures. In 2017, U.S. enterprises cited data localisation policies as their most significant hurdle to digital trade – and this type of protectionist measure only looks to be growing.
Nations that restrict cross-border data transfers have many (often overlapping) reasons for doing so. One reason could be to make more sense of security (by assuming that data location is more critical for its security than the way it’s secured).
On the other hand, data restrictions might also be motivated by the government’s desire to impose content-based controls on communications that occur online. One possible driver could be the promotion of domestic digital businesses by safeguarding local citizen data’s value. Governments may also seek to improve their ability to use and access data for law enforcement purposes and other political or social uses by security and intelligence agencies.
Global data governance – emerging methods
There is consensus among experts that the free flow of data is more or less today’s status quo (though it may not last forever). There are filtering mechanisms in place in various parts of the world to filter internet data, and there are also data localisation policies that require data localisation in certain geographies, but most data still flows uninhibited on the global internet because
- Existing barriers do not block all kinds of data or are enacted unevenly
- There are numerous technological obstacles to enforcement, as evidenced by internet censorship workarounds (i.e., Virtual Private Networks) in regions like China and Russia.
In light of that, there are several geolocation-based internet traffic-blocking protocols, data transfer restrictions, and other measures being imposed across borders that are limiting data flows between countries.
With data governance, countries must consider how domestic and/or international levers can complement each other to best manage worldwide data flows.
Please feel free to use our resource page to learn more about countries with data residency regulations.
Here we examine the rapidly changing regulatory environment by cataloguing specific data localisation and data privacy laws by country.
Our Country Map provides the most comprehensive assessment and mapping of data regulations and privacy laws to date. It is a starting point for businesses and others seeking to understand how these evolving governance regimes define our digital world.
Data governance framework – best practices for global companies
Moving to the cloud is all about outsourcing specific tasks to third parties, like infrastructure management, application development, security, etc. Moreover, the cloud involves virtualizing technological resources, which can create challenges for data sovereignty, such as laws and regulations dictating that data must reside in a specific location or country.
That’s where governance comes into play. In the first place, a strategic data governance plan is critical to migrating content to the cloud. It doesn’t matter if an organisation moves to a hybrid or a complete cloud model. The migration process can benefit from the same benefits as the data governance plan and the migration itself will be more efficient and secure.
In the second place, you’ll need to choose your data residency partner. Partnering with InCountry is the quickest and easiest way for companies to meet privacy regulations and unlock new territories for your business.
Why partner with InCountry to solve your global data governance challenges?
- InCountry helps you generate new revenue streams and grow internationally
- You can comply with data residency regulations in more than 90 countries
- InCountry application eliminates the need to coordinate the plethora of international, regional, national, and international regulations affecting data
- Businesses or individuals who utilize your platform can localize data without repeatedly building new applications for them
- Reduce spending on infrastructure and software, and have more time to focus on core customer and product experiences
- We undergo audits and reviews to ensure our services are ready for market changes that could affect your business. Check the list of our compliance certificates here
By leveraging InCountry’s global infrastructure, we securely manage your regulated data.