Most Favoured Nation: Do Digital Trade Provisions Do Anything?

Digital trade, EVs and trade wars, and who got what right about Brexit

Welcome to the 65th edition of Most Favoured Nation. The full post is for paid subscribers only, but you can sign up for a free trial below. (This is last week’s newsletter, so there will be another one on Friday. What a treat!)

---

You don’t have to be fully bought into the idea of a metaverse (although it does present a wonderful opportunity for me to discuss interesting trade conundrums, for example here, here and here) to acknowledge that more and more international commerce and economic activity is shifting online.

And where economic activity congregates, government intervention follows. Underpinning lots of this activity is data. And the more freely, and cheaply, data can flow around the globe the easier it is for businesses. But as the OECD shows here, government attempts to prevent firms moving data across borders is already on the rise:

Source: OECD, ‘A Preliminary Mapping of Data Localisation Measures’, 2022

So, what’s to be done?

Last week, as part of the day job, my colleague Kathryn Watson and I published a report for the City of London Corporation looking at the impact of digital trade provisions on trade in financial services. Specifically, we ask whether the digital trade provisions in new UK free trade agreements deliver tangible commercial benefits for financial services firms, and if not why not.

The first thing to say is that if you are hoping for the new deal with Australia, Japan, Singapore and New Zealand remove pre-existing barriers and data localisation requirements, you’re going to be disappointed. But that is because (for the most part) none of these countries require financial firms to store data on local computer servers as a condition of market entry anyway.

Rather, the objective of these deals is to lock-in existing levels of liberalisation, making it more difficult for future governments to reduce existing levels of liberalisation. Which given the trend evidenced above is quite a sensible approach.

So the correct question is not whether the deals remove new barriers to digital trade, but rather whether they succeed in locking in the status-quo.

The answer here is … kinda. Or rather they do so long as policymakers and regulators wants them to:

While the UK digital commitments really are best-in-class, particularly the digital economy agreement with Singapore, they still come heavily caveated.

Take the UK-Japan provisions on the localisation of financial data, for example. They are really good, but still contain some wriggle room [bold]:

Article 8.63 Financial information

1. A Party shall not restrict a financial service supplier of the other Party from transferring information, including transfers of data into and out of the former Party’s territory by electronic or other means, where such transfers are relevant for the conduct of the ordinary business of the financial service supplier.

2. Subject to paragraph 3, a Party shall not require, as a condition for conducting business in its territory, a financial service supplier of the other Party to use or locate financial service computing facilities in the former Party’s territory.

3. A Party has the right to require a financial service supplier of the other Party to use or locate financial service computing facilities in the former Party’s territory, where it is not able to ensure access to information that
   is appropriate for the purposes of effective financial regulation and supervision, provided that the following conditions are met:

   (a) to the extent practicable, the Party provides a financial service supplier of the other Party with a reasonable opportunity to remediate any lack of access to information; and

   (b) the Party or its financial regulatory authorities consults the other Party
   or its financial regulatory authorities before imposing any requirements to
   a financial service supplier of the other Party to use or locate financial service computing facilities in the former Party’s territory.

4. Nothing in paragraph 3 shall be construed to grant a Party access to information or to require a financial service supplier of the other Party to use or locate financial service computing facilities in the former Party’s territory, in a manner beyond what is appropriate for the purposes of effective financial regulation and supervision.

5. Nothing in this Article restricts the right of a Party to protect personal data, personal privacy and the confidentiality of individual records and accounts so long as that right is not used to circumvent Sections B to D [commitments on investment, cross- border trade and temporary movement of people] and this Sub-Section.

There are also then the big three exceptions to contend with:

1. National Security. All FTAs, and trade commitments in the context of the WTO, are subject to a national security exception. This largely self-judging exception
   allows countries to breach their treaty commitments to apply “measures that it considers necessary for the fulfilment of its obligations with respect to the maintenance or restoration of international peace or security, or the protection of its own essential security interests” or to “access to any information the disclosure of which it determines to be contrary to its essential security interests”.

   The security exception is increasingly being used illegitimately to justify the introduction of trade restrictive, and discriminatory, data localisation measures. For example, despite USMCA committing parties to not force firms to localise financial data, Mexico has done just that due to alleged national security concerns. Geopolitical events such as Russia’s invasion of Ukraine will increase political pressure to restrict data flows on the basis of national security concerns.

2. Prudential. Mirroring similar provisions in the WTO’s Annex on Financial Services, UK FTAs contain a so-called prudential carve-out. This carve-out allows regulators to breach UK trade commitments in respect of financial services if necessary to ensure financial stability, among other things.

   In practice, the broad nature of the prudential carve-out provides cover for almost any action taken by a financial services regulator, and significantly undermines the binding power of all financial services-related FTA provisions. If a regulator wants to do something an FTA says it should not do – for example force a firm to store its data on local servers – the prudential carve-out provides a route for them to do so. The UK does not explicitly require financial firms to store data locally, but the overlap between its data privacy regime and anti-money laundering and know your customer requirements have a similar effect. Australia – one of the more instinctively liberal countries in respect of cross-border financial data flows – is an instructive example of how regulator unease can create de-facto data localisation requirements with requirements that make it more difficult for financial service operators in Australia to store data on offshore cloud data centres.

3. Public policy. UK FTAs contain provisions allowing both parties to breach their commitments on cross-border data flows so long as the breach serves a legitimate public policy objective. This provision is broad and covers such interventions as those to uphold privacy and data protection, the protection of public health, the defence of public morals and the protection of cultural diversity.

   It is the public policy exception that, for example, enables the UK to retain General Data Protection Regulation (GDPR) and its restrictions on the free-flow of cross-border personal data despite having signed up to a number of agreements and provisions that on first glance are contradictory.

Collectively, the three major exceptions create considerable latitude for countries and their regulators to justify any breach of their commitments in respect of the free flow of financial data. The exceptions are not unique to UK agreements and are borne of a general unwillingness by governments to give up room for manoeuvre. All three exceptions are arguably necessary – no government should be constrained from acting in the event of, for example, being invaded, or during a financial crisis – but their broad application has historically led to abuse. The fact that Australia, the UK, and United States are unwilling to limit the scope of exceptions themselves provides a loophole for genuinely protectionist countries to misuse them.

So yeah … digital provisions kinda lock in existing levels of openness … until government or regulators decide they don’t. Anyhow, for more and this, and some suggestion re: how to improve on existing agreements, do check out the report.

---