Things in the digital realm could be set to get significantly more complex amid rising concerns over digital data surveillance, and how information on citizens in different nations can be utilized by government groups.
According to a new report from The Wall Street Journal, a European Union privacy regulator has sent Facebook a preliminary order to suspend data transfers to the US about its EU users. The report suggests that EU officials are concerned about potential surveillance practices by the US Government, and are looking to limit such by restricting the flow of user information, essentially keeping user data within each region, and therefore not accessible by other nations.
The specifics of the perceived threat in this case are not entirely clear, but the move follows the US Government’s decision to ban several Chinese-originated apps from America, including TikTok, due to concerns that they could be used to provide China’s ruling CCP with personal data on US citizens.
How the CCP might use such info is also not known, but the fact that China’s cybersecurity laws dictate that Chinese-owned companies must provide user data to the CCP on request is an element of concern, particularly given the rising tensions between the US and China on several fronts.
America doesn’t have the same laws in place, so digital platforms are not obligated to share user data with the US Government. But according to the EU order, there are still credible concerns around potential data access due to the fact that large swathes of data on EU citizens are indeed stored within the US.
The order comes on the back of a European Court of Justice finding back in July, which ruled that this type of data sharing “exposed Europeans to American government surveillance without actionable rights to challenge it”. That sparked the beginning of investigations into potential new laws restricting the transfer of user info – and while the China/TikTok case has proceeded wholly separate from this ruling, it’s no doubt now having some impact on the decision to push for increased data separation.
And while Facebook is the main focus at this stage, it could end up having a major impact on all digital platforms with a multi-national presence, forcing them to split data storage into various global blocs, based on agreements.
But then again, such a move could also have regional benefits, outside of the noted privacy concerns.
One of the key issues various nations face in managing the impacts of the digital giants on their local economies is ensuring that the platforms pay their fair share, with all the major platforms minimizing their tax obligations where they can by using lower-cost nations to house their local data centers and operations.
For example, the Australian Government is currently looking to make Google and Facebook pay local new publishers for the use of their content in order to re-distribute the wealth being generated by the tech giants to the struggling local news sector. That proposal won’t work, and Facebook and Google have already stated that they’ll stop using local publisher content before they agree to any such terms.
But what if, instead, the Australian Government, or indeed any government, sought to make Google and Facebook build local data centers instead, which would not only ensure that user data is kept within each nation, but would also enable the companies to be taxed under local laws, instead of filtering their revenue through more flexible neighboring regions?
Of course, there is a concern with that approach with respect to industry competition. By implementing regulations that limit international growth based on localized data storage, new players entering the market would find it much harder to scale, as they would not have the same capacity to build local data storage. But regulators could set thresholds on user numbers or revenue before such rules are enacted – if you have more than, say, a million users in each region, you would need to establish a local data center.
That’s not a perfect proposal, and there are various considerations that would need to be factored into this approach. But it could provide a more equitable way to both limit data access and ensure the tech giants are paying their fair share in each region.
One way or another, it seems that we’re going to be looking into considerations like this, with the EU now making moves to force more division of user data, in order to limit exposure. There’s still a long way to go on this, but we could be entering a new age of data sovereignty, with each region taking a more considered approach to the potential impacts of such exposure.
And as we’ve already seen, social media data can be very powerful, and can be used by foreign operators to influence action in other states.
It’s early stages, but this could become a key digital battleground moving forward.
