This paper reflects on the beneficial potential of a future EU-Japan Digital Partnership for global trade governance. It provides an informed consideration of the profound implications of digitisation and the data-driven economy, as well as the dynamic field of digital trade rule-making in free-trade agreements.
Digital trade and cross-border data flows in particular have become one of the relatively new but intensely discussed topics in global trade-law discussions. This paper sketches the developments in the landscape of digital trade law and policy and outlines the positions of the EU and Japan. It seeks to identify the points of convergence and divergence between Japan and the EU and contemplates the potential contribution of an EU-Japan Digital Partnership in progressing towards a framework of digital trade governance that is beneficial both in terms of enabling the data-driven economy and its growth, as well as in terms of safeguarding vital societal interests and values.
The critical importance of data for all economic sectors seems almost uncontested. Beyond the somewhat flawed mantra of data being the ‘new oil’, many studies point to the vast potential of data as an enabler of more efficient business operations, highly innovative solutions and better policy choices in all areas of societal life. It is noteworthy that this transformative capacity refers not only to ‘digital native’ areas, such as search or social networking, but also to ‘brick-and-mortar’, physical businesses, such as those in manufacturing or logistics. The COVID-19 pandemic has further augmented the value of digital transactions and the significance of data-driven platforms. Emerging technologies, like Artificial Intelligence (AI), which are thought to be in many senses a game-changer and endowed with incredible potential for growth and innovation, are also highly dependent on data inputs. Therefore, solutions in the domain of data governance are expected in many aspects to condition the future of the data-driven economy and the unfolding of the Fourth industrial revolution or Society 5.0, as framed by the Japanese government.
At the same time, as is well documented, the increased dependence on data has brought about a set of new concerns. The impact of data collection and data use upon privacy has been particularly widely acknowledged by scholars and policy-makers, as well as felt by users of digital products and services in everyday life. Such risks have been augmented in the era of Big Data, which presents certain distinct challenges to the protection of personal data and by extension to the protection of individual privacy and family life, as protected by international human rights frameworks and national constitutions. Governments have responded to these concerns in a variety of ways. In terms of external safeguards, states have sought new ways to assert control over data -in particular, by prescribing diverse measures that ‘localise’ the data, its storage or suppliers, so as to keep it within the state’s sovereign space–. This kind of barriers to data flows, however, does affect trade and can endanger the realisation of an innovative data economy, even in a domestic context. In terms of internal safeguards, the preoccupation of the perceived perils of Big Data analytics has triggered the reform of data protection laws around the world, perhaps best exemplified by the efforts of the EU to set particularly high standards of protection through the adoption of the 2016 General Data Protection Regulation (GDPR). The reform initiatives are, however, not coherent, as they reflect societies’ understandings of constitutional values, relationships between citizens and the state, and the role of the market, to name but a few. The divergences, both in the perceptions and the regulation of privacy protection across nations, and the fundamental differences between the human rights approach of the EU and the more market-based, non-interventionist approach of the US, have also meant that conventional forms of international cooperation and an agreement on shared standards of data protection have become highly unlikely.
Against this backdrop of a complex and contentious regulatory environment, digital trade and cross-border data flows in particular have become one of the relatively new but intensely discussed topics in global trade-law discussions. This brief piece sketches the developments in the landscape of digital trade law and policy and outlines in particular the positions of the EU (EU) and Japan. This allows us to identify the points of convergence and divergence between Japan and the EU, and to contemplate the potential contribution of an EU-Japan Digital Partnership in progressing towards a framework for digital trade governance that is beneficial both in terms of enabling the data-driven economy and its growth, as well as in terms of safeguarding vital societal interests and values.
(2) The dynamic field of digital trade governance
Notwithstanding the recent reinvigoration following the 2019 Joint Statement Initiative on Electronic Commerce and the fact that the Members of the World Trade Organisation (WTO) have early on realised the challenges of digitisation with the 1998 Work Programme on E-Commerce, the multilateral forum of the WTO has not been able to reform its rules and squarely address the digital challenge so far. The existing WTO rules, albeit certainly not irrelevant for digital trade, are therefore still in a pre-Internet state. To keep pace with the rapid digital transformation, in the past two decades states around the world have intensely employed the venue of free-trade agreements (FTAs) to fill in some of the gaps in the WTO framework, clarify its application and, beyond that, address the new generation of digital trade challenges –both in the sense of new trade barriers, such as localisation measures, as well as of a completely new set of regulatory issues, such as those regarding data protection, cybersecurity or open government data–.
Unsurprisingly for developments in preferential trade, the framework that has emerged as a result and now regulates contemporary digital trade is not coherent and there are profound differences as to the participating countries and the issues covered, as well as to the form and bindingness of the commitments made. Despite this patchwork of rules, the last five years have marked the emergence of more sophisticated templates on digital trade regulation and dedicated digital trade agreements. The positioning of the major players has also become clearer and this is true for both the EU and Japan, who have assumed the roles of important legal entrepreneurs in the area.
(2.1) US-centric models
In terms of the models that have emerged, it is first important to look at the highly influential model that has been endorsed by the US over the years. A crystallisation of this model has been the Comprehensive and Progressive Agreement for Transpacific Partnership (CPTPP), which was agreed upon in 2017 between 11 countries on the Pacific Rim, including Japan. Despite the US dropping out of the agreement with the start of the Trump Administration, the CPTPP rules reflect the US efforts to secure obligations on digital trade and are a verbatim reiteration of the e-commerce chapter of the previously negotiated Transpacific Partnership Agreement (TPP). The CPTPP chapter is important because it addresses many of the leftovers of the WTO E-Commerce Programme (eg, with regard to a permanent ban on the imposition of customs duties on electronic transmissions, Article 14.3 CPTPP) and provides for the facilitation of online commerce. In the latter sense, for instance, it shapes the domestic electronic transactions framework by including binding obligations for the parties to follow the principles of the UNCITRAL Model Law on Electronic Commerce 1996 or the UN Convention on the Use of Electronic Communications in International Contracts (Article 14.5 CPTPP); it also includes provisions on paperless trading, as well as electronic authentication and electronic signatures that secure the equivalence of electronic and physical forms (Articles 14.8 and 14.9). The remainder of the provisions found in the CPTPP e-commerce chapter are even more critical, as they belong to a more innovative category of rule-making that tackles the emergent issues of the data-driven economy. Importantly, the CPTPP explicitly seeks to curb data protectionism. First with regard to a ban on localisation measures, as Article 14.13(2) prohibits the parties from requiring a ‘covered person to use or locate computing facilities in that Party’s territory as a condition for conducting business in that territory’. And, secondly, by inserting a hard rule on free data flows: ‘[e]ach Party shall allow the cross-border transfer of information by electronic means, including personal information, when this activity is for the conduct of the business of a covered person’ (Article 14.11(2) CPTPP). The rule has a clearly broad scope and most data transferred over the Internet is likely to be covered; the explicit mentioning of personal data is also noteworthy. Measures restricting digital flows or implementing localisation requirements are permitted only if they do not amount to ‘arbitrary or unjustifiable discrimination or a disguised restriction on trade’ and do not ‘impose restrictions on transfers of information greater than are required to achieve the objective’ (Article 14.11(3) CPTPP). These non-discriminatory conditions are similar to the strict test formulated by Article XIV GATS and Article XX GATT 1994 –a test that is aimed at balancing trade and non-trade interests by ‘excusing’ certain violations (but is also extremely hard to pass, as we know from existing WTO jurisprudence)–. At the same time, the CPTPP parties, while mentioning the need to ‘adopt or maintain a legal framework that provides for the protection of the personal information of the users of electronic commerce’ (Article 14.8(2)), have adopted very lenient rules, which in essence prioritise trade over privacy rights –a position that has been long endorsed by the US due to its relatively weak and patchy domestic regime for protection of privacy–.
The approval for the UK to accede to the CPTPP and recent requests for accession by China and Taiwan potentially expand the commercial reach and geopolitical dimension of this agreement. Next to these possibilities for an enlarged CPTPP membership, it should also be pointed out that the CPTPP model has diffused in a substantial number of other agreements, such as the 2016 Chile-Uruguay FTA, the 2016 updated Singapore-Australia FTA (SAFTA), the 2017 Argentina-Chile FTA, the 2018 Singapore-Sri Lanka FTA, the 2018 Australia-Peru FTA, the 2019 Brazil-Chile FTA and the 2019 Australia-Indonesia FTA. Important follow-ups to mention in this context are also the 2018 United States Mexico Canada Agreement (USMCA), which updated the North American Free Trade Agreement (NAFTA) confirming the US approach to digital trade issues, as well as the 2020 Digital Economy Partnership Agreement (DEPA) between Chile, New Zealand and Singapore, which building upon the CPTPP created a new modular approach towards cooperation on the regulation of data-driven economy, taking on board many new issues, such digital identity and AI.
The US approach towards digital trade issues has also been confirmed, and importantly in the context of this paper, by the US-Japan Digital Trade Agreement (DTA), signed on 7 October 2019, alongside the US-Japan Trade Agreement. The US-Japan DTA can be said to replicate almost all provisions of the USMCA and the CPTPP, including the free flow of data and the ban on localisation measures. The DTA also replicates the new USMCA rules on open government data, source code and interactive computer services but notably covering also financial and insurance services as part of the scope of agreement, thereby rendering its impact much broader. The DTA mirrors in all provisions the US proposal under the ongoing WTO negotiations on electronic commerce and has created the farthest-reaching proposal in the discussions on a future plurilateral agreement.
(2.2) EU agreements
The EU has been a relatively latecomer in the area of digital trade governance and its approach has evolved over time. The 2002 agreement with Chile was the first to include substantial e-commerce provisions but the language was still cautious and limited to soft cooperation pledges in the services chapter and in the fields of information technology, information society and telecommunications. In more recent agreements, such as the 2009 EU-South Korea FTA, the language is much more concrete and binding. It imitates some of the US template provisions and confirms the applicability of the WTO Agreements to measures affecting electronic commerce, as well as subscribing to a permanent duty-free moratorium on electronic transmissions. The EU, as particularly insistent on data protection policies, has also sought the commitment of its FTA partners to compatibility with international standards of data protection. The 2016 EU agreement with Canada –the Comprehensive Economic and Trade Agreement (CETA)– includes farther reaching commitments ensuring: (a) clarity, transparency and predictability in their domestic regulatory frameworks; (b) interoperability, innovation and competition in facilitating electronic commerce; as well as (c) facilitating the use of electronic commerce by small and medium-sized enterprises. The EU has succeeded in deepening the privacy commitments and the CETA has a specific norm on trust and confidence in electronic commerce, which obliges the parties to adopt or maintain laws, regulations or administrative measures for the protection of the personal information of users engaged in electronic commerce in consideration of international data protection standards (Article 16.4 CETA). It is only recently, however, that the EU has taken steps towards the inclusion of rules on data flows. This happened in particular with the 2018 EU-Japan Economic Partnership Agreement (EPA), where the Parties committed to ‘reassess’ within three years of its entry into force the need for including provisions on the free flow of data (Article 8.81). This still cautious approach has now been adjusted in the currently negotiated deals with Australia, New Zealand and Tunisia, as well as in the recently adopted post-Brexit Trade and Cooperation Agreement (TCA) with the UK. The new EU-led digital trade chapters include for the first time norms on the free flow of data and a data localisation ban. This repositioning and newer commitments are, however, also linked with high levels of data protection. The EU wishes to permit data flows only if coupled with the high data protection standards of the GDPR. In its currently negotiated trade deals, as well as in the EU proposal for WTO rules on electronic commerce, the EU follows a distinct model of endorsing and protecting privacy as a fundamental right. On the one hand, the EU and its partners seek to ban data localisation measures and subscribe to free data flows but, on the other hand, these commitments are conditioned: first, by a dedicated article on data protection, which endorses the protection of personal data and privacy as a fundamental right and acknowledges that high standards in this regard contribute to trust in the digital economy and to the development of trade; and, secondly, the policy space of the EU is strengthened by a provision on data sovereignty and a broadly defined right to regulate ‘to achieve legitimate policy objectives, such as the protection of public health, social services, public education, safety, the environment including climate change, public morals, social or consumer protection, privacy and data protection, or the promotion and protection of cultural diversity’. Additional safeguards come with a review possibility regarding the impact of free data flows within three years of the entry into force of the agreement and parties remain free to propose to review the list of restrictions at any time.
While the rest of the EU digital trade template seems to include the issues covered by the CPTPP/USMCA model, such as software source code, facilitation of electronic commerce, online consumer protection, spam and open government data, the EU’s striving for data sovereignty and for heightened protection of privacy as a fundamental right, potentially at the expense of free data flows, must be underscored.
The potential contribution of an EU-Japan Digital Partnership to global trade governance
The above sections reveal only a segment of the dynamic field of digital trade governance, as driven by FTAs. Other relevant developments include, of course, the idiosyncratic but ever more proactive stance of China, the legal innovation driven by smaller states, such as Singapore and New Zealand (in particular in their dedicated digital economy agreements) and the less active and even antagonistic role played by a number of developing countries, such as India and South Africa. What is critical in this fragmented regulatory landscape is that as trade agreements have become a major platform for regulating the broader field of the data-driven economy, the FTA provisions are not so much about merely securing deeper market access but about the interfacing of domestic regulatory regimes, which also affects a number of non-economic interests, such as those in the area of personal data protection. This enhances the need for international cooperation and it is where, against the backdrop of the diverging positions of the US, the EU and China, a future EU-Japan Digital Partnership can play a key and potentially highly beneficial role. One could break down the benefits for global trade governance along two (interrelated) avenues.
The first one is to promote cross-border data flows with safeguards. In this context, it is important to highlight that both the EU and Japan have long acknowledged the risks that digitisation brings with it and sought to promote, albeit with some differences, a human-centric approach in their digital policies. Both parties have also strived to establish, through a variety of channels and initiatives, their digital autonomy: on the one hand, for the promotion of strategic business interests, as with the initiative for a European Chips Act and the EU-Japan Partnership on Sustainable Connectivity and Quality Infrastructure; on the other, and more importantly, both parties strive for adequate protection of privacy, as the EU does with the GDPR and its support for Japan’s strong call for ‘Data Free Flows with Trust’ (DFFT) under the Osaka track. The building blocks for a strong and farther-reaching partnership between the EU and Japan in this context have already been laid down by the parties’ existing relationship. Next to the EPA and the above noted initiatives, we should not underestimate the fact that Japan was the first country to be issued an adequacy decision under the GDPR and this is also the first EU decision that is reciprocal in nature, based on mutual recognition of domestic privacy standards. Going forward and as parties that have both shown distinct legal entrepreneurship that can shape new technological developments for the benefits of society, one can imagine taking the existing points of convergence and the existing close partnership between the EU and Japan to a next level that effectively fills the DFFT initiative with content and provides important orientation for other policy makers.
The second important and closely linked effect of a potential EU-Japan Digital Partnership will be to shape data flow regulation and data governance in general in the discussions under the multilateral forum of the WTO towards an agreement on electronic commerce. As briefly noted earlier, while progress has been made under the WTO Joint Statement Initiative on E-Commerce, the positions of the participating WTO Members strongly diverge on the interface of data flows and data protection and a number of countries have indeed opposed the ongoing efforts. While it can be argued that Japan is somewhere in the middle of the spectrum between the EU and the US stances, a coordinated action between the EU and Japan can potentially bridge some of the diverging positions and help advance a WTO framework on digital trade with a higher level of equity. Both the EU and Japan have proved that it is possible to promote an inclusive environment that curbs digital protectionism, facilitates digital trade and data-driven innovation but also safeguards vital societal values and interests –there is a strong argument that can be made that they can leverage this experience under the WTO–. This is critical in its own right but can also help accommodate smaller economies and developing countries and support their efforts to overcome data inequalities and missing regulatory capacity, which can often be the result of existing highly fragmented and power-driven regulatory environments for digital trade.
Image: EU-Japan Summit 2014. From left to right: Mr José Manuel BARROSO, President of the European Commission; Mr Shinzo ABE, Japanese Prime Minister; Mr Herman VAN ROMPUY, President of the European Council. Photo: Herman Van Rompuy (CC BY-NC-ND 2.0)