November 19, 2019

Digital Sovereignty is Re-Defining the Rules of International Business Engagement

Digital Sovereignty is Re-Defining the Rules of International Business Engagement

The internet has long represented the embodiment of globalization and freedom. But today, this is no longer the reality. Across the globe, countries are asserting digital sovereignty by regulating how the internet operates within their respective jurisdictions. The EU’s GDPR – hailed the “the most consequential regulatory development in information policy” – now serves as the model for other countries that are developing or beefing up data protection laws.

data sovereignty

GDPR is hardly the first or the most restrictive regulation, however. China pioneered the concept of digital sovereignty with its Great Firewall. Iran, North Korea, and Russia have since built their own versions of the internet.

The Rise of Digital Nationalism

Splinternet is spreading globally, sparking public debate about freedom of speech, right to privacy, national security, and surveillance states. As internet regulations proliferate, another dimension of splinternet is emerging: the end of international digital trade as we know it.

A recent Wall Street Journal essay examines the rise of digital nationalism and the resulting roadblocks that multinational companies are now starting to see. The article features insights from InCountry CEO Peter Yared, who describes the current state as follows:

“People in compliance, information security and technical operations departments are starting to sweat a little bit right now,” he says. “It hasn’t quite hit business leaders yet that they could face large fines or be ejected out of large markets like India.”

Compliance or Ejection

Data data Residency Laws by country
To learn more, visit our research page

As regulations enter the enforcement stage, businesses––particularly those dealing with data in multiple jurisdictions––will no doubt face the existential threat to be in compliance or be ejected. The need for readiness is more imminent than companies may realize: currently, 45 countries have data residency regulations already in effect. Most likely, a significant number of businesses are still non-compliant with those laws.

That’s largely because regulations aren’t exactly easy to decode, says Peter Yared:

…companies are struggling to understand local requirements, purchase or rent servers, hire staff and deploy new software to comply with a panoply of emerging (and often fluctuating) laws.