Digital Sovereignty and International Cooperation:
A UN Perspective
May 1, 2023
Contemporary digital media platforms play a crucial role as intermediaries of the digital public sphere, effectively controlling and influencing public discourse and opinion (Rahman, 2018). However, only a few facilitate the majority of online social activity.
Often driven by commercial incentives, questions surrounding data privacy and protection continue to arise as platforms utilise the data they obtain from their users for targeted advertising and personalised algorithms, furthering the data supply chain to other commercial firms and data processors (Banerjee, 2019). Treating user data as a commodity further complicates the issue of privacy and protection. By considering data as a non-rival good, then user data would be freely available online for anyone to access (Tucker, 2019).
On the other hand, should platforms treat user data with exclusivity, then the natural process of creating data silos and the commodification of user data would encourage antitrust behaviour (Tucker, 2019). The United Nations [UN] currently have measures to address the issue through the Data Privacy, Ethics and Protection Guidance Note on Big Data for Achievement of the 2030 Agenda, providing guidance on big data use for the United Nations Development Group [UNDG], though not legally binding and intended for self-regulation for member organisations (UNDG, 2017). With specific focus on safeguarding the individual from harms associated with big data, it foregoes explicit considerations on how these regulations should be supported and, eventually, enforced and upheld, and what this means for jurisdiction and national sovereignty.
Acting as a transnational policy maker for the United Nations, this essay argues that the key priorities in regulating the digital space would be to push for international data cooperation to support existing sustainability goals whilst simultaneously not infringing on the digital sovereignty of nation-states.
Key Issues and Conceptual Framework
This essay focuses on key issues related to digital sovereignty, specifically concerning big data, data privacy, and data security. Couture and Toupin (2019) present different perspectives to examine digital sovereignty, including the individual-centric approach, the multi-stakeholder approach, and the state-centric approach. The individual-centric approach, referred to as ‘personal technological sovereignty,’ examines the control and agency individuals have over their own data and devices (Couture & Toupin, 2019, p. 2316). The multistakeholder approach, or ‘cyberspace sovereignty,’ argues for minimal state involvement and a collaborative effort to govern the digital space equitably (Couture & Toupin, 2019, p. 2311). The state-centric ‘digital state sovereignty’ emphasizes nationalising digital networks to protect the integrity of the state and its citizens, as well as directing data flows to national jurisdictions (Couture & Toupin, 2019). When supporting international data cooperation and trans-border data access, the digital sovereignty of the state becomes a primary consideration, especially within a transnational UN framework.
Policies regarding personal technological sovereignty and cyberspace sovereignty also influence the viability and effectiveness of international data cooperation policy making. While the UNDG’s Guidance Note on Big Data offers some insight, the European Union’s [EU] General Data Protection Regulation ([GDPR] 2016) serves as a prime example of how nations adopt it as a minimum standard within their jurisdiction and adapt the policy to their media systems to maintain sovereignty within the EU. The GDPR emphasises individual control over personal data and empowers individuals, referred to as ‘data subjects,’ to uphold their rights in the digital space (GDPR, 2016, Art. 4). This essay argues that maintaining sovereignty while supporting trans-border data access should be the key priority as it increases regulatory efficacy and competitiveness. Given that different states already have diverse priorities and systems for regulating the digital space, adopting a public utility approach to digital governance and maintaining sovereignty is crucial.
Regulation Efficacy and Competitiveness
Maintaining digital state sovereignty ensures that regulators are able to maximise the efficacy of regulations in ensuring data privacy and data security when facilitating international data cooperation and trans-border data access, potentially fostering neoliberal competitiveness in policy making.
The GDPR, though maintains personal technological sovereignty by ensuring greater individual control of their own data, faces a lack of enforcement and inadvertently regulatory strength, stemming from potential from inconsistencies across member states (Roberts et al., 2021).
Each EU member state establishes a supervisory authority that supervises the enforcement of the GDPR and “facilitate the free flow of personal data within the Union” (Art. 51). These authorities report directly to the European Data Protection Board, the EU’s data arm. Bodó et al. (2021) argues that the meso-level governance of platforms, conceptually similar to a commercially-driven version of cyberspace sovereignty, allows foreign businesses to pick and choose member states with the ‘most favourable’ supervisory authorities. Due to the relatively non-standardised ways of enforcement and the more restrictive nature of regulations like the GDPR, EU businesses and domestic platforms find themselves at a competitive disadvantage (Bodó et al., 2021). While it may increase the competitiveness of the EU as a whole, it potentially undermines the overall competitiveness of the member states on the grounds of digital state sovereignty.
In a study on how digital platforms influence media policy in Flemish and Norwegian media systems, Enli et al. (2019) found that although small, private media businesses in both cases want regulation that ensures they remain competitive with platforms like Google and Facebook, their attitudes to policy making differ because of their relationship to the EU. Norwegians were more expectant of change from national policy makers because of the national orientation of Norwegian media policy, “given that Norway is not a member of the EU, but relate to EU law as a member of EEA [European Economic Area], with and limited means to influence European policy making” (Enli et al., 2019, p.406). Flanders, on the other hand, is an EU federal state and thus has more influence on EU policy making, yet were more sceptic in seeing any tangible change in policy, citing that Flemish respondents viewed EU policy makers as being too far removed to understand the system and lacks effectiveness in protecting from anticompetitive behaviour, proliferating their vulnerability to international pressures (Enli et al., 2019). In the Norwegian and Flemish case, there are parallels on the degree of digital state sovereignty in policy making with the power to enforce those regulations, implying that the more constrained a national system is to EU jurisdiction, the less efficacy regulatory bodies, such as the GDPR’s supervisory authorities, have in upholding their own values.
By prioritising digital state sovereignty, states may be more effective in enforcing regulations.
Varying State Priorities and Systems
Transnational policy making on regulating the digital space should also consider the role of geopolitics and address global inequality, as expecting the uniformity of regulations would operate on logical fallacies that not only would nation-states follow the rules of another, but that each government system have the equitable means to facilitate international data cooperation.
International cooperation, which the GDPR defines as jurisdiction outside of the EU, focuses on facilitating the enforcement of personal data protection and to “promote the exchange and documentation of personal data protection legislation and practice, including on jurisdictional conflicts with third countries” (Art. 50/1d). As Roberts et al. (2021) argues, the EU’s status as one of, if not the, strongest supranational political and economic union in the world allows them to exert control and influence other governments to follow the EU’s regulatory approach, enacting a form of control over the public and private sector.
Bodó et al. (2021, p. 15) compares the EU’s degree of competitiveness to its hindered ability to compete with “US-based and Chinese competitors,” where one follows neoliberal and capitalistic values and the latter imposes state control on all forms of data produced within their borders. Couture and Toupin (2019, p.2313) also posed the argument of China and the US-led Western bloc’s competing priorities of digital sovereignty, with the former championing ‘internet sovereignty’ that supports “state efforts to control information networks,” and the latter advocating for ‘internet freedom’. Internet sovereignty in this case is an equivalent to digital state sovereignty, where on one side it can be used to imagine the physical borders of the state in the digital space and the extent to which their jurisdictions reach, but also goes beyond the quasi-legal argument and promotes “a distinct national identity or national vision of what the internet should be,” circling back to Cold War-esque tensions of Western and Eastern blocs of influence and governance (Couture & Toupin, 2019, p.2313).
Differing political priorities between nation-states also translates to differing infrastructure priorities and readiness when it comes to effectively using data to support digital governance. The World Bank’s (2017) Open Data Readiness Assessment [ODRA] is a report on the readiness of a government or agency to evaluate, design and implement an ‘Open Data initiative’. ODRA found that, for example, many Commonwealth countries have inherited an ‘Official Secrets Act’ from their former British overlords during the First World War and for most have persisted to the contemporary era in their original draconian form, which “not only makes it difficulty or risky for individual officials to authorize the release of data but also engenders a culture of official secrecy” (World Bank, 2017, p.4). In other instances, the report also found that less technologically developed countries have argued that “the lack of advanced telecommunications infrastructure is sometimes regarded by both government and stakeholders as a reason why open data should not be a priority at this stage in a country’s development”. Both cases are driven by completely different historical and socio-economic contexts, yet succinctly summarise their reluctance and hesitation to pursue further implementation of international open data policies. Different states have different priorities and systems, thus digital state sovereignty is not an afterthought in policy making, but should be at the forefront of the debate.
Cooperative Digital Governance and Public Infrastructure
To regulate the globalised digital space effectively, it is proposed to view platforms as public utilities and data as essential facilities, emphasizing fiduciary duties and public values. Treating digital platforms as public utilities and common carriers draws from historical practices of breaking up monopolies in industries like railroads and telecommunications (Rahman, 2018). This approach aims to ensure equitable access, foster competition, and regulate in the public interest. Platforms and infrastructures share similarities, including their gatekeeping power, which allows them to control the flow of information and activity within their networks and raises questions about anticompetition laws (Rahman, 2018). The concept of data as an ‘essential facility’ has been discussed by Tucker (2019). Essential facilities are characterized by a monopolist controlling access to essential inputs necessary for competitors to compete (Tucker (2019, p.684). Tucker (2019, p.690) summarises the necessary criteria for data to be considered an essential facility:
“(1) The monopolist must control and deny access to the data; (2) competition must fail without access to the data; (3) the plaintiff must lack means to duplicate the data; (4) the monopolist – in principle – must be able to share the data; and (5) the essential facility plaintiff must demonstrate the monopolist’s power in the market.”
Although Tucker (2019) argues against its classification due to data’s non-rival nature and ubiquity, the current issue on digital sovereignty focuses on the competing forces of digital state sovereignty and the meso-level governance of platforms, inadvertently treating data as a rival good. The ODRA (World Bank, 2017) found that the reluctance of governments to grant third-party access to government data, driven by the desire for control and concerns about commercial interests, hampers the proliferation of open data principles and creates challenges for businesses seeking basic data for optimisation and market opportunities.
Referring back to Tucker’s (2019) criterion of an essential facility, not only are there instances where governments restrict data access to third-party private companies – or more loosely defined as ‘competitors’ – but in doing so, they struggle to operate and are at a considerable disadvantage without the data. In this conflict between digital state sovereignty and cyberspace sovereignty, both sides of the debate mainly focus on either control and authority or commercial interests, which foregoes mentions of the main source of data: the individual and personal technological sovereignty. By establishing data as an essential facility within a public utility framework, commercial interests would diminish, and data brokers – either government or private – could focus on fulfilling fiduciary duties, including data protection and security, with a sense of duty of care and good faith. This approach considers the individual’s role in data generation and personal technological sovereignty, complementing the debates on digital state sovereignty and digital governance.
Conclusion
Maintaining digital state sovereignty in regulating the digital space ensures that regulators can maximise the efficacy of regulations in ensuring data privacy and security when facilitating international data cooperation and trans-border data access, potentially fostering neoliberal competitiveness in policymaking. The GDPR serves as an example of adopting a minimum standard within jurisdictions while adapting to national media systems. However, the enforcement of regulations like the GDPR faces challenges due to inconsistencies across member states, potentially undermining competitiveness. Geopolitical factors and differing priorities between nation-states further complicate the uniformity of regulations and infrastructure readiness. To regulate the global digital space effectively, a potential pathway is to view platforms as public utilities and data should be treated as essential facilities, emphasising fiduciary duties, public values, equitable access, competition, and regulation in the public interest. Such amendments could be made to existing papers like the UNDG’s (2017) Guidance Note on Big Data, further adding more tangibility to UN transnational policy making.
Bibliography
Banerjee, S. (2019). Geosurveillance, Location Privacy, and Personalization. Journal of Public Policy & Marketing, 38(4), 484-499. DOI: 10.1177/0743915619860137
Bodó, B., Irion, K., Janssen, H., & Giannopoulou, A. (2021). Personal data ordering in context: the interaction of meso-level data governance regimes with macro frameworks. Internet Policy Review, 10(3), 1-31. DOI: 10.14763/2021.3.1581
Couture, S., & Toupin, S. (2019). What does the notion of ‘sovereignty’ mean when referring to the digital? New Media & Society, 21(10), 2305-2322. DOI: 10.1177/1461444819865984
Enli, G., Raats, T., Syversten, T., & Donders, K. (2019). European Journal of Communication, 34(4) 395-409. DOI: 10.1177/0267323119861512
General Data Protection Regulation (EU) 2016/679. https://gdpr-info.eu/
Rahman, K. S. (2018). Regulating Informational Infrastructure: Internet Platforms As The New Public Utilities. Georgetown Law Technology Review, 234(2). https://georgetownlawtechreview.org/regulating-informational-infrastructure-internet-platforms-as-the-new-public-utilities/GLTR-07-2018
Roberts, H., Cowls, J., Casolari, F., Morley, J., Taddeo, M., & Floridi, L. (2021). Safeguarding European values with digital sovereignty: an analysis of statements and policies. Internet Policy Review, 10(3), 1-26. DOI: 10.14763/2021.3.1575
Tucker, C. (2019). Digital Data, Platforms and the Usual (Antitrust) Suspects: Network Effects, Switching Costs, Essential Facility. Review of Industrial Organization, 54, 683-694.
DOI: 0.1007/s11151-019-09693-7
United Nations Development Group (2017). Data Privacy, Ethics and Protection Guidance Note on Big Data for Achievment of the 2030 Agenda. https://unsdg.un.org/sites/default/files/UNDG_BigData_final_web.pdf
World Bank (2017). Open Data Readiness Assessments: Lessons Learned.
Originally submitted as coursework for the Master of Global Media Communication, University of Melbourne
The Perantau 