Globally, policy makers increasingly hold the mistaken belief that data is more secure and private when it is stored within a country’s domestic borders. The Information Technology & Innovation Foundation’s (ITIF) Senior Analyst, Daniel Castro, today released a report The False Promise of Data Nationalism that challenges this assumption.
Castro illustrates through five different scenarios that the location of servers and service providers, whether domestic or foreign, does not threaten the security of data:
“In regards, to security, while certain laws may impose minimum security standards, the security of data does not depend on where it is stored, only on the measures used to store it securely. In regards to privacy, data owners, whether they are consumers or businesses, can rely on contracts or laws to limit voluntary data disclosures so that data stored abroad receives the same level of protection as data stored domestically.”
Government-mandated data disclosure is the main arena in which location may impact data security and privacy. This should not be addressed through data nationalization, but through international legal standards. Castro argues:
“First countries should not restrict the flow of data beyond their own borders. Doing so does not protect consumers or businesses in any meaningful way from the risk of inadvertent or voluntary disclosures. Second, the United States should engage its trading partners in developing a ‘Geneva Convention on the Status of Data’ that establishes international legal standards for government access to data.”
Today, in a letter to Washington echoing Castro’s recommendations, cosigners AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo urge the revamping of government surveillance practices worldwide. This coalition of leading tech companies has also launched a website detailing their five principles:
- Limiting Governments’ Authority to Collect Users’ Information
- Oversight and Accountability
- Transparency About Government Demands
- Respecting the Free Flow of Information
- Avoiding Conflicts Among Government
As SIIA noted in a recent whitepaper, the seamless flow of data across borders is important to the growth of data-driven innovation and the global economy. Data nationalism, which has become a global defensive response to recent surveillance revelations will do nothing but harm economic outcomes. The threat to the US-EU Safe Harbor Framework from the unsupported assumption of location being pertinent to data security has the potential to drive companies to less secure alternatives of data transfer. Ultimately, government surveillance should not be made the catalyst for the suspension of the Safe Harbor Framework which has the benefit of streamlining the cross border regulatory process between Europe and the U.S. making data transfer more secure.
Sabrina Eyob is the communications and public policy intern at SIIA. She is a recent graduate of Michigan State University, where she studied Comparative Cultures and Politics, and International Relations.