Data is a fundamental source of competitive advantage across almost all companies and industries. It is a quantifiable, insurable asset that has been called the oil of the digital economy. Companies that we perceive one way, are often in fact data companies at heart. Consider Amazon which is actually a data company with an (admittedly massive) retail arm. And data-driven insights are now key market differentiators for everything from home appliances to farm equipment.

Yet for all its de facto status as an international commodity, data is not yet treated like other freely traded goods. In fact, data is essentially being hoarded at the national level in a sort of neo-digital isolationism. Unilateral regulations are springing up – GDPR and more recently Gaia-X in the EU, the Clean Network Initiative in the US, China’s hyper-restrictive cybersecurity regulations, and many other regulatory frameworks enacted by some 100 nations globally.

Why is data treated as a closely-guarded national asset, rather than freely traded like grain? And how should it be handled to facilitate economic progress?

What IS data sovereignty, and why are we talking about it?

Data sovereignty is the idea that data created in one geographic or national entity is the property of that entity, and should be subject to its governance. At face value, this makes sense: sensitive personal healthcare data from the NHS should reside on servers within the UK, and the biometrics of Israeli citizens should be stored in government-operated databases located geographically in Israel.

Similarly, companies like Facebook and Google should be held to account for their long-term international exploitation and mismanagement of reams of personal data. And governments should restrict the way tech giants can exploit PII (personally identifiable information) and aggregated behavioral data for commercial purposes, just like the way governments control how – for example – fossil fuels are mined and exploited.

Yet all data is not equal. How do we draw the line between legitimate international trade in data-based assets, and infringement of sovereign rights over data? What about data that facilitates the digital economy, which is an increasingly large slice of national GDPs? And what about data that can save lives?

Case in point: Covid-19

In the face of the ongoing global Covid-19 crisis, data sovereignty has become literally a matter of life and death.

National approaches to data sharing have played a massive role – for good and bad – throughout the Covid-19 pandemic. In the early days of the outbreak, data coming out of China was limited by that country – a fact that unquestionably facilitated the dissemination of the virus, according to the WHO.

As time went by, international data sharing facilitated more - and more effective - treatments for Covid-19 patients, and ultimately the development of viable vaccines. During the vaccines' ongoing rollout, the willingness of countries to share data about vaccine recipients continues to contribute to scientists’ understanding of both vaccine efficacy and side effects. Ongoing data sharing is facilitating a more effective international response to emerging variants of the Covid-19 virus. And most recently, vaccine developer Moderna and IBM announced their intention to “to explore technologies…that could help support smarter Covid-19 vaccine management” – goals which can only be attained with effective international data sharing.

The golden path: a data WTO

When we accept that data is truly a commodity like any other (despite its intangibility), we can also begin to accept that it should be subject to established rules of international commerce. Just like there are controls in place over international trade of soybeans and aluminum ore, there should be controls around international data transfer that are based on agreed-upon principles.

Even more than we need unilateral protections that limit data transfer, we need common standards that facilitate it. We need a way that data storage and transfer can be coordinated, organized, safeguarded, and overseen. 

Essentially, we need a data WTO.

The World Trade Organization (WTO) is the international organization that defines and enforces the legal grounds of global trade. Its mission is to ensure that “trade flows as smoothly, predictably and freely as possible.” WTO member states, which encompass the vast majority of the world’s developed and emerging economies, commit to uphold the organization’s rules and to submit to its adjudicating authority in the event of dispute.

Applying the principles of the WTO to data would eliminate unnecessary international data silos that choke digital commerce, and stunt economic growth. An agreed-upon set of principles and prescriptive APIs governing – for example, cloud-based data storage, data transfer or data obfuscation - could be easily implemented by cloud vendors. Data centers in various jurisdictions could become airport-like ports of entry and exit for data, with remote oversight provided by a data WTO using blockchain or other independently verifiable technology.

The legitimacy of a degree of data sovereignty is clear - Covid-19 has given us all a visceral lesson in the value of effective and open data sharing. Working together to smooth the global path of data will offer a far more effective engine for economic growth than working individually to hinder it.