WTO trade talks must safeguard privacy, 42 organisations urge

Shopping online concept - Shopping service on The online web. with payment by credit card and offers home delivery. parcel or Paper cartons with a shopping cart logo on a laptop keyboard

In a statement, 42 consumer and digital rights groups underline the importance of trust in the digital economy. This can only happen by placing people’s fundamental rights to data protection and privacy first.

This piece was first published on BEUC’s website, read it here.

Digital trade negotiations at the World Trade Organization – formally known as ‘joint initiative on e-commerce’ – started in 2019 and now comprise more than 80 countries. The negotiations aim to make it easier for consumers and companies to trade online.

A purported objective of some countries is to ensure the transfer of data across international borders (‘cross-border data flows’). In today’s statement, consumer and digital rights groups urge WTO negotiators to seriously consider the implications of these rules on people’s privacy and personal data protection before committing to them in both present and future trade deals.

The signatories understand that some countries want rules for an unhindered free flow of data, effectively prioritising it over people’s rights to privacy and data protection. Such rules exist already in other trade deals – such as the new US-Mexico-Canada agreement. This effectively restricts countries’ ability to regulate data protection and privacy, which would only be allowed under strict conditions in order to avoid ‘obstructing’ data flows.

As a result, people’s fundamental rights to privacy and protection of personal data might not be sufficiently protected. For consumer and digital rights group this is not acceptable: the protection of people’s rights comes first.

Global Statement from 42 organisationsIn this statement, the 42 signatories call upon WTO negotiators to follow our suggested approach for successful negotiations:

If ‘cross-border data flows’ rules are part of the future WTO agreement: To upgrade the existing safeguards, putting people’s data protection and privacy rights first so that the digital economy can thrive and consumers’ trust is regained.

If these conditions cannot be met: To exclude or not to commit to rules on cross-border data flows from the negotiations and final deal. Endorsing other binding international rules – notably Convention 108+ for the Protection of Individuals with Regard to the Processing of Personal Data – will be more balanced. 55 countries have become parties to Convention 108 already.

About TACD’s position

TACD firmly defends the idea that nothing in trade deals should compromise the protection of personal data and privacy afforded by countries’ related laws. We recently reiterated this point in our response to the European Commission’s Trade Policy Review consultation.

TACD, together with its members BEUC and EDRi – co-signatories of this Global Statement –, have welcomed the EU’s proposals for provisions on cross-border data flows and protection of personal data and privacy in trade agreements in the past. These provisions are balanced and are the result of hard work and extensive consultation with stakeholders and other trade partners.

This is not about imposing the EU General Data Protection Regulation (GDPR) on other countries, but about ensuring that all countries can regulate in the public interest to provide consumers with privacy and data protection. That protection can help to foster more trust in the digital economy and trade in general.

Importantly, people in the EU trust that their personal data will be protected by an effective law. The lack of strong privacy and data would be a serious barrier to digital trade for consumers. The GDPR is a trade and trust enabler. This should not be put in jeopardy by international trade negotiations. Personal data is not a tradable good, and the right to privacy is a human right.

Background information

International data transfers are an important feature of the present-day global economy. However, when transferring data cross-borders, data cannot travel alone. It must travel with strong and effective privacy and personal data protections. The world has more than 140 data protection laws. Some, such as the General Data Protection Regulation (GDPR), ensure that citizens’ data is protected when companies decide to transfer it abroad. Laws therefore play an important role in ensuring data flow with privacy. Trade negotiations that cover cross-border data flows can complicate this. All 80 countries that are part of digital trade negotiations should be able to have and enforce high levels of rights protections, so we do not have first, second or third-class privacy protections across the globe.

Further reading