Abstract
AbstractMeasures restricting data flows outside one's borders, including mandatory data/server localization measures, are not only a barrier to trade, but also largely ineffective in achieving better internet security or trust. Nevertheless, governments deploy such measures, primarily on grounds of cybersecurity and privacy, potentially violating their obligations under the General Agreement on Trade in Services (GATS). In this article, I investigate whether GATS-inconsistent measures may be justified under GATS Art. XIV when aimed at ensuring privacy or cybersecurity, and, if so, whether GATS Art. XIV effectively balances trade and internet policy. As the internet governance framework is complex and somewhat ambiguous, applying GATS Art. XIV to cybersecurity/privacy measures necessitates balancing of trade liberalization principles and domestic internet policy. This exercise can be effective in weeding out data localization measures disguised as privacy/cybersecurity measures, particularly by employing relevant technical and factual evidence. However, given the lack of binding international law/norms on these issues, GATS Art. XIV has a limited role, particularly in cases involving direct conflict between multistakeholder/transnational internet norms and domestic internet policies, or where the measures are founded on contentious standards/benchmarks on privacy/cybersecurity. Ultimately, ensuring free and secure data flows requires a multidimensional policy response, including strengthening linkages between trade law and internet governance.
Publisher
Cambridge University Press (CUP)
Subject
Law,Political Science and International Relations,Economics and Econometrics
Cited by
36 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献