Cross-Border Data Flows: Harmonizing trust through interoperability mechanisms (DCO)

4 Dec 2023 15:00h - 16:30h UTC

official event page

Table of contents

Disclaimer: This is not an official record of the UNCTAD eWeek session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed. The official record of the session can be found on the UNCTAD website.

Full session report

Matis Pellerin

Cross-border data flows are crucial for a B2B data company like Oracle, as its customers rely on technologies to run operations worldwide. The ability to freely transfer data across borders allows Oracle to efficiently serve its global clientele. Cloud technologies play a significant role in improving cybersecurity, and hyper-scalers like Oracle invest billions to secure their shared infrastructure. Enabling a free flow of data is essential for access to new technology, as restrictions can hinder innovation and digital transformation. Trust in technology is key for technology adoption and data sovereignty, which requires common definitions and agreements. Different definitions of sovereignty and data residency among countries can create challenges for regulating cross-border data flows. Data residency, while desirable from a regulatory perspective, can impede the free flow of data and hinder collaboration and innovation. Harmonizing rules and definitions is crucial to efficiently address sovereignty requirements and streamline cross-border data flow processes. Proper data classification is important for effective data management, allowing businesses to allocate resources and prioritize security measures appropriately. Supporting regional agreements promotes economic growth and collaboration, stimulating innovation and development. The free flow of data is necessary for accessing new technologies and facilitating technology adoption, especially in the case of AI reliance. There are two types of business models concerning the use of data: customer data supporting free products or services, and B2B companies keeping data restricted. Encryption plays an increasingly prominent role in data security, protecting sensitive information. Creating security certifications can be costly, and a single cybersecurity scheme, like the EU Cyber Security Scheme, would simplify compliance procedures for businesses. Ensuring UK spelling and grammar is used in the text, correcting any errors, enhances the quality and accuracy of the summary.

Pascal Dutru

Qatar has made significant efforts to recognize the importance of data flows for its digital transformation. This is evident through the implementation of its data protection and privacy law in 2016, which enables the free flow of data to countries providing the same level of protection. Furthermore, Qatar released a Cloud Policy Framework in 2022 that emphasised the need for supporting and developing data flows to harness the benefits of cloud computing.

Cross-border data flow necessities, such as high-quality infrastructure, legal support, and substantial computation power, play a crucial role in facilitating the smooth transfer of data. This is particularly important for technologies like cloud computing and AI, which rely heavily on large amounts of data and computing power. Laws, contracts, and global efforts are all instrumental in creating an environment conducive to efficient data flow.

The FIFA 2022 World Cup in Qatar demonstrated the significant benefits of efficient data flow in enhancing service delivery. During the event, two data lakes were created to gather data from multiple service providers, greatly facilitating transportation and resulting in fluid traffic and seamless entry into stadiums. The successful handling of data flows during the World Cup showcased how effective data management can greatly enhance service delivery.

Qatar’s focus on adopting Cross-Border Privacy Rules (CBPR) further highlights its commitment to achieving a level of data exchange that is conducive to its digital transformation. CBPR provides a flexible and relevant mechanism for managing data flows and ensuring the privacy of individuals’ data. Qatar’s emphasis on CBPR aligns with its goals of enabling smooth and secure data exchanges, supporting its overall digital transformation efforts.

In addition to Qatar’s initiatives, organizations like the Data Coalition (DCO) play a crucial role in addressing data flow issues within member countries. The DCO’s work helps countries understand the importance of harmonising rules and regulations, which in turn facilitates business operations and ensures trust among various stakeholders.

In the context of SMEs transitioning to the digital space, Asian countries are leading the way in providing support. Agreements like the Digital Integration Promotion Act (DIPA) in Asian countries have dedicated chapters promoting assistance to SMEs in their transition to digital. This approach indicates a strong commitment to fostering a supportive environment for SMEs to thrive in the digital landscape.

On the other hand, the European perspective leans more towards regulating big players in the digital market through acts like the Digital Market Act (DMA) and the Digital Service Act (DSA). While these acts set specific competition rules and controls on larger players, they may not provide the same level of support to smaller businesses. This difference in approach highlights a divergence in strategies in promoting digital growth and development.

It is widely recognised that SMEs require support for their digital transition. However, it is important to note that the extended summary did not provide specific supporting facts for this statement.

Notably, the volume of data is growing exponentially, and this growth presents both challenges and opportunities. It is crucial to employ effective data management strategies to harness the potential benefits of this vast amount of data. Furthermore, it is important to ensure that the utilisation of data is inclusive and benefits everyone, as emphasised by the relevance of this issue to SDG 10 (Reduced Inequalities).

In conclusion, Qatar has taken significant steps to recognise the importance of data flows for its digital transformation. The country’s data protection and privacy law, Cloud Policy Framework, and focus on adopting CBPR all demonstrate its commitment to enabling secure and efficient data exchanges. The FIFA 2022 World Cup exemplified the positive impact of efficient data flow on service delivery. Moreover, Asian countries lead in supporting SMEs transitioning to digital, while the European perspective focuses more on regulating big players. Regardless of the approach, it is crucial to provide support for SMEs in their digital transition and ensure that data utilisation benefits everyone and promotes inclusivity.

Audience

During the discussion, the audience raised concerns regarding the economic value of data and the benefits that accrue to data owners. They questioned the extent to which data owners, particularly big tech companies, profit from the large volume of data collected from populous markets such as India. The argument put forth was that while these companies make billions from data, the actual economic benefits are not adequately distributed to those who generate the data.

In response to this, the audience suggested that countries in the global south should have sovereignty over their data. The idea behind this was to ensure that these nations, whose data is frequently used and monetised by companies based in the global north, have more control and are able to directly benefit from the economic wealth generated by their own data. The sentiment surrounding this issue was negative, as it highlighted the existing economic inequalities between different regions of the world.

Trust emerged as a crucial factor in the discussion. The need to build trust between consumers, enterprises, and governments was emphasised by the panellists. They stressed the importance of harmonising rules and fostering systematic trust to ensure the fair and ethical use of data. Furthermore, it was argued that trust is vital for the overall functioning of the digital economy.

One positive aspect identified in the discussion was the role of standards development in building trust. Organisations such as the International Organisation for Standardisation (ISO) were cited as valuable contributors to the establishment of trust. ISO, consisting of national bodies and engaged stakeholders, develops voluntary market-driven standards that can help ensure ethical practices, data protection, and transparency.

The issue of trust also led to the exploration of other mechanisms that can be employed to build trust in the digital landscape. Unfortunately, no supporting facts were provided to further elaborate on this matter, leaving room for future investigation and discussion.

Another noteworthy concern raised during the discussion was the dominance of larger tech companies and its impact on small businesses in the digital economy. AWS, for instance, was highlighted as a market leader in cloud services, controlling a significant portion of the entire market. This poses potential risks to small businesses, which might find themselves undercut or even acquired by these larger companies due to their substantial financial power. Consequently, the need for clear rules and regulations to protect small businesses was emphasised.

In conclusion, the discussion highlighted the economic disparities surrounding data ownership and the necessity for countries in the global south to assert sovereignty over their data. Building trust among consumers, enterprises, and governments was seen as a crucial step towards an equitable and ethical digital economy. The role of organisations such as ISO in developing standards to enforce ethical practices was appreciated. Furthermore, the potential risks faced by small businesses in the face of dominant tech companies were acknowledged, calling for the establishment of clear regulations to protect them.

Hadri Sopri

The analysis of the provided statements reveals important insights into digital trade, data flow restrictions, and the digital economy in the ASEAN region. ASEAN countries are actively working towards creating a favorable environment for digital trade by implementing forward-leaning rules. Furthermore, these countries are taking proactive measures to ensure that both domestic and international businesses can operate advantageously.

The digital economy in ASEAN is predicted to double by 2030, with micro, small, and medium enterprises (MSMEs) playing a crucial role in this growth. MSMEs contribute significantly to employment, accounting for 85%, and to the region’s GDP, contributing 44.8%. Therefore, supporting and empowering MSMEs are essential for socio-economic development in the region.

Startups in ASEAN are utilizing digital technologies to empower small businesses. For instance, Karo and Traveloka, ASEAN-based startups, leverage AI and cloud technologies for optimization and security purposes. Doctor Anywhere, another startup, has successfully scaled up its operations during the COVID-19 pandemic by leveraging cloud technology. Additionally, agri-tech companies like Sirebox and Hara employ digital solutions to improve farmers’ income and market reach. These examples highlight how digital technologies enhance the growth and sustainability of small businesses in the ASEAN digital economy.

It is argued that digital trade agreements should prioritize digital inclusion and operationalize trust. This can be achieved through practical projects between countries, as demonstrated by the Singapore-Australia Digital Economy Agreement. This agreement not only focused on the rules but also showcased the value of data flows through collaborative projects between companies in both countries. One of these projects focused on the security of digital identities, allowing students to open bank accounts in Australia using Singapore-based digital identities. This emphasizes the importance of operationalizing trust in digital trade agreements to ensure the smooth and secure flow of data.

The involvement of the private sector is also crucial in informing the conversation about operationalizing trust. The G7 chairmanship of Japan serves as an example, where the private sector was invited to contribute to discussions on trust in digital trade agreements. By involving the private sector, the conversation can be enriched with diverse perspectives and experiences, leading to more effective and inclusive outcomes.

The tech industry, including major players like Amazon, has the capacity to contribute to skill development as part of digital inclusion. Amazon’s special programs in India, which involve collaboration with higher education institutions, focus on training women students in AI and machine learning. This highlights the potential for tech industry giants to drive skill development and bridge the digital divide by providing training opportunities and resources.

However, tensions can arise between bigger companies and domestic local companies regarding the benefits of digital trade rules. The analysis raises concerns about the growing disparity in benefits and the potential impact on the local economy. This highlights the importance of ensuring that digital trade rules and agreements are inclusive and equitable, benefiting not only bigger companies but also domestic local businesses.

In terms of stakeholder engagement, governments in the ASEAN region are actively broadening the stakeholder base to involve startups and small businesses. This proactive approach is seen as positive and aligns with the goals of industry, innovation, and economic growth. Engaging startups and small businesses in the decision-making process can lead to more inclusive conversations and policies that benefit all stakeholders.

In conclusion, the analysis highlights the proactive approach of ASEAN countries in promoting digital trade, creating a favorable environment for businesses, and stimulating the growth of the digital economy. The involvement of MSMEs and startups, coupled with efforts to operationalize trust and prioritize digital inclusion, are essential for sustainable and inclusive socio-economic development. However, it is crucial to address tensions between bigger companies and domestic local businesses and ensure that digital trade agreements benefit all stakeholders. By involving the private sector and broadening the stakeholder base, ASEAN countries can create a more inclusive and thriving digital economy.

Giulia Ajmone Marsan

In this timely discussion, experts delve into the critical issues surrounding data transfer in the context of digital economies. The session, titled “Cross-Border Data Flows for Sustainable Development, Trade Innovation, and the Role of Global Cooperation,” focuses on the increasing importance of data flows as economic activities shift online.

Representatives from various organizations, including the Economic Research Institute for ASEAN and East Asia and Oracle Corporation, participate in the panel. They shed light on the significance of cross-border data flows in the Asia region, where policymakers prioritize these matters. The participants emphasize the need for data transfer to fuel trade, innovation, and sustainable development.

The first speaker, Michael Kander, Chair of the Board of the Data Sphere Initiative, presents a comparison of cross-country data flows. His presentation reinforces the criticality of international collaboration in enabling smooth cross-border data transfer.

Dr. Frederic Massoudi, Chief Science Officer and Vice President of Clinical Research and Analytics for Ascension, serves as the second speaker. He offers insights into the challenges faced in sharing healthcare data across borders. Dr. Massoudi highlights the unique aspects of clinical data and emphasizes the necessity for tailored protection methods for different data classifications.

Matisse Pellerin, Vice President for Global Government Affairs at Oracle Corporation, discusses the significance of cross-border data flows for a cloud-based company like Oracle. While not accompanied by a PowerPoint presentation, his perspective as a representative of the private sector adds diversity to the panel.

The discussion revolves around the role of governments in promoting trust and eliminating barriers to facilitate data transfer. The participants underscore the importance of governments and other organizations within the data ecosystem in forging agreements and advancing cross-border data flows.

In conclusion, the panelists stress the significance of cross-border data flows for economic growth and sustainable development. They highlight the need for international collaboration, the removal of barriers, and the role of governments in promoting data transfer. This session provides valuable insights into the challenges and opportunities surrounding data transfer in the digital economy.

Frederick Masoudi

The American College of Cardiology (ACC) is playing a crucial role in enhancing global cardiovascular care. They operate the National Cardiovascular Data Registries (NCDR), which is recognised as one of the largest outcomes-based cardiovascular patient data repositories worldwide. The NCDR has actively engaged with over 95 million patients suffering from cardiovascular disease in the United States. This extensive patient database provides valuable insights and outcomes that can contribute to improving cardiovascular care on a global scale.

However, the process of international data collection and sharing in the field of cardiovascular care faces numerous barriers. One of the major obstacles is the presence of ambiguous data laws and regulations in various countries. This lack of clarity often leads to conservative interpretations of the rules, making it necessary to work with each hospital individually rather than establishing a standardised approach.

To overcome these challenges, establishing a clear and consistent data standard is crucial. Having a universally accepted standard would streamline the process of data sharing among different healthcare centres. This is exemplified by the experience of Saudi Arabia, where it took several years to aggregate data from different sources due to the absence of a clear standard. Therefore, the implementation of a consistent standard with consensus around it could greatly facilitate the sharing of healthcare data among communities.

Addressing data flow issues is also essential. The efficient and secure movement of data is crucial for collaboration and exchange of valuable insights. However, it is equally important to protect individual privacy and ensure data security. Achieving a balance between data flow and privacy is a critical step forward in improving global cardiovascular care.

Moreover, building trust within the healthcare community is essential for successful data sharing. Trust not only fosters cooperation but also enables effective collaboration with the government and other stakeholders. The presence of trust encourages healthcare centres to actively participate in data sharing initiatives, leading to more comprehensive and accurate insights.

In terms of data management, it is not cost-effective to separately domicile data in individual countries and build specific structures within each country. This fragmentation hinders data sharing and collaboration efforts. Therefore, developing a global quality solution that incorporates contributions from local, regional, and global clinical data repositories can enhance data aggregation, anonymisation, and analysis. This aggregated dataset can provide more opportunities for analysis and generate greater insights compared to a federated model.

An additional benefit of promoting data sharing and adoption of successful health improvement models is the potential for driving economic growth. Good health is fundamental to economic development, and adopting effective health improvement models can positively impact both healthcare outcomes and economic productivity.

In conclusion, the American College of Cardiology, through initiatives such as the National Cardiovascular Data Registries, is at the forefront of improving global cardiovascular care. However, there are significant barriers in international data collection and sharing that need to be addressed. Clear and consistent data standards, addressing data flow issues while maintaining individual privacy, and building trust within the healthcare community are crucial steps towards overcoming these challenges. By promoting data sharing and adopting successful health improvement models, both the quality of cardiovascular care and economic growth can be substantially enhanced.

Ahmad Bhinder

The Digital Cooperation Organization (DCO) is an intergovernmental body based in Riyadh, Saudi Arabia, with 15 member states across the Middle East, Africa, Asia, Europe, and South Asia. The DCO aims to promote the digital economy and utilize technology to create equal opportunities for all nations, regardless of their borders or boundaries. They recognize the importance of cross-border data flows, which play a pivotal role in fostering innovation, empowering economies, and shaping societies. The movement of data across borders is seen as essential for compatibility and enhancing international trade.

To support the free flow of data, the DCO advocates for the interoperability of data governance regulations. They have conducted studies exploring data governance regulations across member states, with the aim of finding ways to make these regulations interoperable and enable the free flow of data with trust. They also emphasize the economic value of data sharing, particularly in sectors such as health. The DCO believes that sharing data can unlock its economic potential and contribute to advancements in the health sector.

One of the key arguments put forward by the DCO is the need for data free flow with trust. They propose a model for data to flow across borders, which involves agreeing on common principles and data classification schemes. Activation of these mechanisms through trade agreements is seen as a way to facilitate the free flow of data while maintaining trust and privacy.

The DCO also recognizes the concerns of member states regarding privacy. They understand the need for member states to have a say in how their citizens’ data is treated globally. The DCO aims to find a balance between enabling the free flow of data and ensuring a level of trust and privacy.

In conclusion, the Digital Cooperation Organization is dedicated to promoting the digital economy and leveraging technology to create equal opportunities. They emphasize the importance of cross-border data flows, the interoperability of data governance regulations, and the economic value of data sharing. They support data free flow with trust and are planning to set the basis for interoperability mechanisms. The DCO is actively considering multilateral or bilateral agreements to enhance cross-border data flows. They also understand the importance of addressing member states’ concerns regarding privacy while enabling the free flow of data.

Michael Kende

The Data Sphere Initiative is a non-profit organisation dedicated to finding a balance between data openness and protection in order to foster innovation. They are actively working on two major initiatives: Sandboxes for data and the Data Sphere Governance Atlas.

Sandboxes are platforms that allow for experimentation on data handling within a controlled environment to minimise risks and promote innovation. These sandboxes can be either operational or regulatory, providing guidance and dialogue on how data is handled while exploring new technologies. The initiative strongly supports the use of sandboxes for cross-border data management, recognising their potential to facilitate collaboration and knowledge sharing.

International cooperation is crucial for effective cross-border data flows. A report by the United Nations Conference on Trade and Development (UNCTAD) reveals that 29% of countries do not have data protection and privacy regulations, which creates hesitation in sharing data. The Data Sphere Initiative emphasises the need for collaboration and alignment of policies to ensure the secure and responsible flow of data across borders.

Countries also need to find a balance between their national rights and international data flows. Different regions have varying approaches to data governance. For instance, the United States gives control of data to the private sector, while Europe places individual rights over their data. This diversity in perspectives has led to the concept of data localisation, driven by concerns over security and privacy. However, data localisation can reduce the benefits obtained from data. The Data Sphere Initiative suggests the possibility of using cross-border sandboxes and new technologies that could allow access to data without breaching privacy, thus finding a middle ground.

Creating trust in data privacy across borders requires a combined effort from companies, governments, and the tech community. Trust has historically been established in industries such as banking and automotive through regulations, third-party testing, and competition. The use of end-to-end encryption in messaging apps and the announcement of data breaches for transparency and prevention of reputational risks are some examples of the measures taken to instil trust in data privacy.

Regulation is necessary for instilling trust in data privacy. The government’s role in shaping safety standards in the automotive industry has increased trust in that sector. Companies that actively promote end-to-end encryption indicate that trust can be ensured by assuring the implementation of safety measures. The Data Sphere Initiative recognises the importance of regulations in creating a framework for data protection.

Cross-border data and data flows are fundamental to globalisation. The internet and data have played a significant role in connecting people and businesses across the globe. It is hard to imagine the level of globalisation achieved before the advent of the internet.

Moreover, data flows have proven to be essential during the pandemic. They have allowed us to stay connected, communicate with people, entertain ourselves, and kept businesses operational as much as possible. It is impossible to imagine how we would have managed the crisis without data flows.

Governments play a crucial role in finding ways to share data safely. It is important for them to be comfortable with exploring data collaboration and finding mechanisms to protect data privacy and security.

Finally, the Data Sphere Initiative believes that data should not only be supplied from one country to another or to companies. Instead, it suggests that data should be kept in place and made available to those generating the raw data. This approach ensures that the benefits derived from data generation are shared more equitably.

In conclusion, the Data Sphere Initiative is actively working towards striking a balance between data openness and protection to foster innovation. Their initiatives, such as sandboxes for data and the Data Sphere Governance Atlas, aim to create frameworks and promote cooperation for the responsible flow of data across borders. International collaboration, trust-building efforts, and effective regulations are key to ensuring the secure and equitable use of data in an increasingly interconnected world.

AB

Ahmad Bhinder

Speech speed

159 words per minute

Speech length

2723 words

Speech time

1028 secs

A

Audience

Speech speed

181 words per minute

Speech length

561 words

Speech time

186 secs

FM

Frederick Masoudi

Speech speed

162 words per minute

Speech length

1608 words

Speech time

595 secs

GA

Giulia Ajmone Marsan

Speech speed

204 words per minute

Speech length

1128 words

Speech time

332 secs

HS

Hadri Sopri

Speech speed

204 words per minute

Speech length

2170 words

Speech time

637 secs

MP

Matis Pellerin

Speech speed

168 words per minute

Speech length

2121 words

Speech time

756 secs

MK

Michael Kende

Speech speed

173 words per minute

Speech length

3022 words

Speech time

1048 secs

PD

Pascal Dutru

Speech speed

137 words per minute

Speech length

1527 words

Speech time

670 secs