Governing personal data and trade in digital services

Abstract

AbstractThe regulation of personal data varies widely between countries, with potential effects on digital services. We develop a taxonomy for the regulation of cross‐border personal data transfers and systematically categorize 143 countries in one of the three data models identified, which are an open data model, a conditional model, and a control model. Using a gravity model, we then study if sharing a similar regulatory model between trading partners is associated with trade in digital services. Moreover, we assess if enacting a comprehensive data protection law impacts the relationship between data models and digital services. The open model of data transfers appears to support data flows, regardless of the the presence of a domestic regime for personal data. We find a negative effect on digital services for the conditional model that prescribes conditions that need to be fulfilled to transfer personal data across borders. Interestingly, we find that this negative effect is more than offset by the presence of a comprehensive data protection law. Finally, the control model, which has strict conditions to transfer personal data outside the country, only has a negative and significant effect when a domestic regime for data protection is implemented. The latter is likely to reflect the cost burden of firms to comply with these regulations as the trust channel might not be effective in countries characterized by government surveillance.