Confronting Data Inequality

Control over data conveys significant social, economic, and political power. Unequal control over data—a pervasive form of digital inequality—is a problem for economic development, human agency, and collective self-determination that needs to be addressed. This Article takes steps in this direction by analyzing the extent to which law facilitates unequal control over data and by suggesting ways in which legal interventions could lead to more equal control over data. We use the term "data inequality" to capture unequal control over data-not only in terms of having or not having data, but also in terms of having or not having the ''power to datafy" (i.e., deciding what becomes or does not become data). We argue that data inequality is a function of unequal control over the infrastructures that generate, shape, process, store, transfer, and use data. Existing law often regulates data as an object to be transferred, protected, shared, and exploited and is not always attuned to the salience of infrastructural control over data. While there are no easy solutions to the variegated causes and consequences of data inequality, we suggest that retaining flexibility to experiment with different approaches; reclaiming infrastructural control; systematically demanding enhanced transparency; pooling data and bargaining power; and developing differentiated and conditional access to data mechanisms may help in confronting data inequality more effectively going forward.

Published in Columbia Journal of Transnational Law, Volume 60, Issue 3 (2022), pp. 829-956. The paper was initially written as a background paper for the World Development Report 2021: Data for Better Lives. It draws on ideas developed in Guarini Global Law & Tech’s Global Data Law project.

Designing International Economic Data Law

This contribution to the Proceedings of the Annual Meeting of the American Society of International Law (ASIL) reflects on discussions at ASIL’s virtual annual meeting in 2021, where the author chaired a panel titled “The Rise of Restrictions on Data Flows and Digital Technologies: National, Security, Human Rights, or Geo-Economics?”. Transnational access, transfer, and use of data have increasingly become focal points during negotiations for “comprehensive” trade and investment agreements. While these efforts are often presented and discussed as negotiations about “electronic commerce” and “digital trade” that will “modernize” the acquis of international economic law, we are arguably witnessing the design of new international economic data law that is conceptually distinct from conventional international trade and investment law. The design of this new international economic data law reflects a complex political economy.

The Beijing Effect: China's 'Digital Silk Road' as Transnational Data Governance

China shapes transnational data governance by supplying digital infrastructure to emerging markets. The prevailing explanation for this phenomenon is “digital authoritarianism” by which China exports not only its technology but also its values and governance system to host states. Contrary to the one-size-fits-all digital authoritarianism thesis, this Article theorizes a “Beijing Effect,” a combination of “push” and “pull” factors that explains China’s growing influence in data governance beyond its borders. Governments in emerging economies demand Chinese-built digital infrastructures and emulate China’s approach to data governance in pursuit of “data sovereignty” and digital development. China’s “Digital Silk Road,” a massive effort to build the physical components of digital infrastructure (e.g., fiber-optic cables, antennas, and data centers), to enhance the interoperability of digital ecosystems in such developing states materializes the Beijing Effect. Its main drivers are Chinese technology companies that increasingly provide telecommunication and e-commerce services across the globe. The Beijing Effect contrasts with the “Brussels Effect” whereby companies’ global operations gravitate towards the EU’s regulations. It also deviates from US efforts to shape global data governance through instruments of international economic law. Based on a study of normative documents and empirical fieldwork conducted in a key host state over a four-year period, we explain how the Beijing Effect works in practice and assess its impact on developing countries. We argue that “data sovereignty” is illusory as the Chinese party-state retains varying degrees of control over Chinese enterprises that supply digital infrastructure and urge development of legal infrastructures commensurate with digital development strategies.

Published in New York University Journal of International Law and Politics (JILP), Vol. 54, Issue 1, pp. 1-92.

NYU Law’s US-Asia Law Institute (USALI) published an essay about the paper entitled “Understanding China’s Growing Influence in Global Data Governance: Looking beyond US-China Relations”.

The paper draws on ideas from Guarini Global Law & Tech’s Global Data Law project and the MegaReg and InfraReg projects hosted by the Institute for International Law and Justice.

The Evolution of European Data Law

This new chapter for the 3rd edition of Paul Craig and Gráinne de Búrca’s Evolution of EU Law conceptualizes European data law as an area of EU law that gravitates around but transcends data protection law. It traces the origins of the EU’s data protection law to national and international antecedents, stresses the significance of recognizing data protection and privacy in the EU’s Charter of Fundamental Rights, and explores the gradual institutionalization of data protection law through exceptionally independent data protection authorities, firmly embedded data protection officers, and emergent structures for supranational coordination. It then contrasts the EU law on personal data with the EU law on non-personal data and scrutinizes two other domains of European data law that intersect in complicated ways with data protection law: data ownership laws and access to data laws. European data protection law has been globally diffused through extraterritorial application, conditionalities for transfers of personal data, international agreements, and the “Brussels Effect” but whether the EU will retain its role as global data regulator is far from certain. As the European Commission is executing its data strategy, it needs to move beyond simplistic understandings of data as a resource, recognize the salience of data infrastructures, and confront the reality that data is more than a regulatory object.

The chapter draws on ideas from Guarini Global Law & Tech’s Global Data Law project.

China’s Influence in Global Data Governance Explained: The Beijing Effect

In today’s global economy, digital data enable transnational communication, serve as a resource for commercial gain and economic development, and facilitate the decision-making by private and public entities alike. As questions of control over digital data have become flashpoints in global governance, Chinese technology companies and the government of the People’s Republic of China (PRC) increasingly shape and influence these contests. The “Digital Silk Road” through which the PRC promises “connectedness” in the digital domain alongside the physical transport capacity of the land- and sea-based planks of the Belt and Road Initiative (BRI) manifests the PCR’s aspirations to facilitate digital development in host states. The prerequisite digital infrastructure investments are orchestrated by its gigantic technology companies, which are acquiring an increasingly prominent presence abroad.

In our article “The Beijing Effect: China’s ‘Digital Silk Road’ as Transnational Data Governance”, which is forthcoming with the New York University Journal of International Law and Politics, we analyze China’s growing influence in global data governance. The term “Beijing Effect” pays homage to Anu Bradford’s account of the EU’s global regulatory influence as the “Brussels Effect”, which is said to be particularly prominent in the digital domain, where the EU’s General Data Protection Regulation (GDPR) has been heralded as a global benchmark for multinational corporations and a template to be emulated by countries without comprehensive data protection laws. Even the PRC is sometimes following in the GDPR’s footsteps, as illustrated by the draft for a Personal Information Protection Law (PIPL) which – together with the Data Security Law – is set to complement China’s existing data governance framework which revolves around cybersecurity. Like the GDPR, the PIPL is set to apply to personal information handling outside PRC borders when the purpose is to provide products or services to people within the territory of the PRC or when conducting analysis or assessment of their activities. In this way, both the GDPR and the PIPL apply extraterritorially in recognition of the Internet’s cross-jurisdictional reach. While such parallels must be recognized, their effects must not be overstated or equated. We concur with Professor Bradford that Beijing will not be able to replicate the Brussels Effect which occurs when globally operating corporations choose to amplify European law. However, we posit that a Beijing Effect of a different kind is already materializing and might gain further strength since the COVID-19 pandemic has revealed the global economy’s reliance on digital infrastructures.

Our account of the Beijing Effect explains how the PRC is increasingly influencing data governance outside its borders, in particular in developing countries in need of digital infrastructures with only nascent data governance frameworks. Indeed, the most consequential vector may be the construction, operation, and maintenance of digital infrastructure by major Chinese technology companies. More than twenty years after Lawrence Lessig’s famous insight that “code is law,” the creators of the hardware and software that penetrate and regulate our increasingly digitally-mediated lives globally are increasingly based in Beijing, home to Baidu and ByteDance, Hangzhou, where Alibaba is based, or Shenzhen, where Huawei and Tencent are headquartered. As their digital infrastructures become ingrained in the social, economic, and legal structures of host states, they affect where and how data flows, and, by extension, how people communicate and transact with, and generally relate to, other individuals, the private sector, and public authorities.

At the same time, the PRC challenges the Silicon Valley Consensus which heralded the unconditional desirability of “free flow” of data and, instead, promotes “data sovereignty” as a leitmotif for international and domestic data governance. This tension materializes in the “digital trade” and “electronic commerce” chapters of recent megaregional trade agreement: While members of the Trans-Pacific Partnership (TPP) can challenge the necessity of data transfer restrictions and data localization requirements under threat of dispute settlement proceedings, the Regional Comprehensive Economic Partnership (RCEP) agreement allows its members to self-assess which restrictions they deem necessary.

As some governments in BRI host states seem drawn towards the dual promise of social control and economic development as reflected in the PRC’s transition towards a digitally-advanced techno-authoritarian society, a critical reevaluation of extant digital development narratives and China’s self-representation as an alternative center for global governance is warranted. Our account of the Beijing Effect is one piece in this larger puzzle, which requires more theoretically informed and empirically grounded research into China’s unique approach to law and development.

This blog post was initially published by the Machine Lawyering Blog hosted by the Chinese University of Hong Kong (CUHK). It is reposted here with permission since the original post is no longer available.


Digital Megaregulation Uncontested? TPP’s Model for the Global Digital Economy

The United States championed the creation of new rules for the digital economy in TPP. Analyzing this effort as “digital megaregulation” foregrounds aspects that the conventional “digital trade” framing tends to conceal. On both accounts, TPP’s most consequential rules for the digital economy relate to questions of data governance. In this regard, TPP reflects the Silicon Valley Consensus of uninhibited data flows and permissive privacy regulation. The paper argues that the CPTPP parties endorsed the Silicon Valley Consensus due to a lack of alternatives and persistent misperceptions about the realities of the global digital economy, partly attributable to the dominant digital trade framing. It suggests a new approach for the inclusion of data governance provisions in future international trade agreements that offers more flexibility for innovative digital industrial policies and experimental data regulation.

This paper was published in Megaregulation Contested: Global Economic Ordering After TPP (edited by Benedict Kingsbury, David M. Malone, Paul Mertenskötter, Richard B. Stewart, Thomas Streinz, and Atsushi Sunami, Oxford University Press 2019), chapter 14 (pp. 312-342).