It would be easy to dismiss the Trump administration's campaign against Chinese apps TikTok and WeChat as part of an election strategy to attack China from all angles. The moves, however, as well as China's counter-response, are contributing to a deeper problem at the heart of the global economy — one that can't be resolved unless the world's two biggest economies work together.
Just as oil opened new possibilities for trade in the last century, data has become the lifeblood of trade growth in the 21st century. Trade in digital services, including apps such as TikTok, is booming. Data flows increasingly underpin trade in physical goods, too, supporting complex global value chains and emerging technologies such as blockchain, artificial intelligence and the Internet of Things. The amount of cross-border bandwidth in use increased 148 times between 2005 and 2017, according to consultants McKinsey and Co.
Meanwhile, however, global trade rules have barely changed since the 1990s. In effect, the world is trying to run a 21st-century, cloud-based economy on the equivalent of Windows 95.
In the absence of shared global norms on how data flows should be governed, domestic policymakers everywhere are developing their own "patches" to regulate data and protect national security and their citizens' privacy. The European Union implemented its General Data Protection Regulation (GDPR) in 2018. China has passed a sweeping cyber-security law and, like India, is working on a major data protection law.
If the US has been slower to regulate data, this is partly because it still dominates the industries and network architecture that handle global digital flows. Yet, given rising concerns about China's access to Americans' personal data, the tide of opinion there, too, is turning.
According to the OECD, the number of data regulations has risen from around 50 worldwide in the early 2000s to just under 250 in 2019. The overall degree of data control, as measured by the European Centre for International Political Economy's Digital Trade Restrictiveness Index, has doubled in the past decade.
The patchwork nature of these rules is creating complexity for firms and friction between nations. Just since the start of July, aside from Trump's executive orders against TikTok and WeChat, India has banned 59 Chinese apps, and the European Court of Justice struck down the Privacy Shield mechanism, which US firms such as Facebook Inc. and Twitter Inc. had been using to handle personal data from the EU. Meanwhile, the US is locked in disputes over digital taxation with several European countries.
Different countries naturally have different views, values and capabilities regarding data governance. All should have the right to regulate data as they see fit for purposes of national security. At the same time, the world needs to lay down some common rules for how to manage data, or such conflicts will only proliferate and stifle interoperability, investment and innovation.
Some bilateral and regional agreements have begun to forge such common standards. The e-commerce chapter in the Comprehensive and Progressive Agreement on Trans-Pacific Partnership (CPTPP) allows members to regulate data flows in a rules-based way that minimizes barriers to trade. If China were to join the agreement — an idea gaining traction in Chinese policymaking circles — this would help align the country with next-generation data governance norms and support the aspirations of Chinese technology firms to "go global."
What's really required, though, is a multilateral data governance regime that includes both China and the US The first step is to complete ongoing World Trade Organization negotiations on e-commerce. These talks should aim to set global ground rules and exceptions for data, while upholding the centrality of the WTO system.
Next, the G-20 should build on last year's Osaka Declaration on Digital Economy, which affirmed the need for international policy discussions to maximize the benefits of digitalization. A "Digital 20" (D-20), comprised of the world's 20 largest digital companies, should bring together figures from government, industry, academia and non-governmental organizations to develop a workable, fact-based approach that safeguards national security while providing consumers with trust and privacy, and businesses with clarity and predictability.
The US and China are home to most of these big tech companies. Rather than treating each other's firms as national security threats, leaders in both countries should seek industry consensus and best practices that can be used to establish global standards.
To reassure security hawks on both sides, the world will need clear standards to judge what constitutes secure data management practice. Countries should be encouraged to use international standards as benchmarks for domestic approaches, such as ISO 27000 information security standards.
Rules-based free trade was crucial in helping the global economy recover from the ravages of World War II. We now face the worst global recession since then. It is time to haul our multilateral trade rules into the 21st century and stem the tide of digital protectionism so that data flows can be a source of growth and opportunity, not discord.
Disclaimer: This article first appeared on Bloomberg, and is published by special syndication arrangement