Sovereignty in the digital world۔۔۔ Dr Sahibzada Ali Mahmud
Talking about sovereignty and data protectionism in the digital world in the context of Pakistan may seem a little out of place since the country does not have data protection and privacy laws though numerous discussions have been held with pertinent stakeholders on the Data Protection Bill.
But Pakistan does have a sprawling digital economy, and the aspects of sovereignty and protectionism can certainly give us certain useful insights to foresee where the digital economy will eventually lead us. Sovereignty is the supreme and independent authority of a nation or state to govern itself and make decisions within its territory without external interference leading to exclusive use of power.
Protectionism is an economic policy or approach that aims to shield domestic industries, businesses and workers from foreign competition or influence. It involves the imposition of trade barriers, such as tariffs, quotas or subsidies, to protect domestic producers from foreign competitors.
Sovereignty preserves national autonomy and decision-making authority, protects national security interests, allows for tailored policies to address domestic needs and values, fosters cultural preservation, and enables self-determination. However, it can lead to isolationism, restrict international cooperation and collaboration, limit the benefits of global interconnectedness, impede progress through barriers to trade and knowledge exchange, and potentially undermine global governance efforts.
Protectionism shields domestic industries from foreign competition, protects jobs and wages, promotes domestic economic growth, supports strategic industries, fosters self-sufficiency, and safeguards national security interests in sensitive sectors.
On the downside, it can result in higher consumer prices, reduced product choices and quality, retaliation from trading partners, hindered innovation and competitiveness, stifled economic efficiency, and lessened opportunities for global cooperation and interdependence.
Digital sovereignty refers to the ability of countries to control their digital infrastructure, data, and digital technologies. It is the idea that countries should have the authority to set rules and regulations for their digital domains and to protect their citizens privacy, security, and economic interests in the digital realm.
Digital protectionism, on the other hand, refers to the use of policies and practices to protect domestic digital industries from foreign competition. This can include measures such as tariffs, quotas, or other barriers to trade in digital goods and services.
A sub-domain of digital sovereignty and protectionism is data sovereignty and protectionism. Data sovereignty aims to maintain control over data generated within a specific jurisdiction to protect privacy, security, and national interests. It emphasizes the right of a nation to govern and regulate data-related activities within its boundaries. Protectionism, however, primarily focuses on shielding domestic industries from foreign competition, often to nurture or safeguard those industries.
Some examples of laws pertaining to data sovereignty include the EUs General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Chinese Cybersecurity Law, and the Brazilian General Data Protection Law (LGPD). The GDPR is considered to be one of the strictest data protection regimes in the world and has influenced the development of data protection laws around the world, some examples being the CCPA, LGPD, Data Protection Act 2018 (DPA 2018) of the United Kingdom, and Personal Data Protection Act (PDPA) of Singapore, among many others.
The Personal Data Protection Bill (PDPB) is Indias proposed data protection legislation. It aims to regulate the processing of personal data within India and establish individuals rights and obligations for organizations handling personal data. The bill draws inspiration from the GDPR in terms of its principles, data subject rights, and accountability requirements. However, it also incorporates some unique elements, such as data localization requirements for certain categories of sensitive personal data.
Pakistans proposed Personal Data Protection Bill intends to regulate the processing of personal data in Pakistan and protect individuals privacy rights. It is expected to incorporate principles and concepts similar to the GDPR, including data subject rights, transparency obligations, and provisions for cross-border data transfers.
The free flow of data across borders enables businesses to reach new markets, expand their customer base and identify growth opportunities. Access to international data allows companies to gain insights into customer preferences, tailor their products and services and innovate to meet the diverse needs of global markets.
However, data sovereignty and data protectionism can potentially hinder the free flow of cross-border data and impact innovation. Some countries enforce data localization requirements, mandating that certain types of data be stored within their borders. This can create barriers to the free flow of data and limit access to global knowledge and expertise, hindering innovation by restricting access to international data resources.
Some examples of such regimes include Chinas data localization measures, Russias data localization law, Vietnams cybersecurity law, South Koreas Personal Information Protection Act, etc. In the case of GDPR and some other data protection laws, data can be allowed to flow across borders, provided that certain adequacy requirements are met by countries involved in data exchange.
Amidst the disruptions taking place in the technology sector and in the competitive digital economy, new markets are created at an increased frequency due to innovative products and services offered by different players in the global ecosystem.
Pakistan needs to closely keep a watch on the possible impact on its digital ecosystem due to the trends of different countries to adopt a digital sovereignty or a digital protectionist regime since that can significantly affect its IT exports on which it is relying and hoping to increase. An example of how a law can have an impact on restricting access of companies of a certain country to a foreign market is the RESTRICT Act of the United States, which is a form of digital protectionism.
The US Restricting Entrance and Strengthening the Requirements on Technology (RESTRICT) Act is a proposed bill that would restrict the ability of Chinese companies to acquire US technology companies that are involved in emerging technologies deemed critical to US national security. Under the proposed legislation, companies from countries deemed to be strategic competitors of the US, such as China, would be barred from acquiring US technology companies involved in 27 areas deemed critical to national security, including artificial intelligence, biotechnology, quantum computing, and semiconductors.
Also, the EU aspires to achieve digital sovereignty within an open and interconnected global landscape. It aims to implement digital policies that empower individuals and businesses, enabling them to embrace a human-centered, sustainable and prosperous digital future. The policy programme Path to the Digital Decade establishes a monitoring and cooperation mechanism to collaboratively work towards the shared goals and targets of Europes digital transformation.
To play an important role in the digital economy, Pakistan therefore, has to ensure that the right kind of policy options are adopted when it comes to taking a decision on how it will deal with cross-border data flows and how it would look at the various digital sovereignty and protectionist regimes around the world in the context of protecting its interest in the global digital ecosystem.
The writer is managing director of the Khyber Pakhtunkhwa Information Technology Board and can be reached at: ali.mahmud@gmail.com
Courtesy The News