An analysis by a Washington think tank says China has the most restrictions on the flow of data across borders in the world, and that such restrictions would contribute to the Chinese government’s information control and political repression.
China, with 29 data localization policies, is the most restrictive country for cross-border data flows, followed by Indonesia, Russia and South Africa, according to a report released Monday by the Information Technology and Innovation Foundation (ITIF), a think tank.
The report notes that confining data within its borders is becoming a trend among countries around the world.ITIF found that 62 countries now have 144 data localization measures in place, almost twice as many as in 2017.
Governments often implement these measures on the grounds of protecting the privacy and security of their citizens, which can have serious negative economic impacts.
The report estimates that every 1 percentage point increase in a country’s level of data restriction reduces its total trade output by 7 percent, reduces productivity by 2.9 percent, and raises downstream prices in data-dependent industries by 1.5 percent over a five-year period.
Some countries also impose data restrictions out of nationalism or authoritarianism, such as China and Russia, the report notes.
Digital authoritarian governments, led by China and Russia, view physical access to data centers as an important means of surveillance and political control,” the report reads. Data localization enables political repression by placing information under government control, enabling governments to identify and threaten individuals, thereby affecting privacy, data protection and freedom of expression.”
China is citing national security as a reason to tighten data controls. The National Security Law, implemented back in July 2015, states the need to achieve security control of important information systems and data, and China’s first Data Security Law will take effect on Sept. 1 of this year, giving the government the right to require companies to share risky data with the government. This comes after U.S. companies from Apple to Tesla have been required to store data on their Chinese consumers in China.
Earlier this month, the Chinese regulatory giant also launched a cybersecurity review of Chinese Internet giant Drip, which some reports say is partly due to concerns that the U.S. could leverage data submitted by companies listed in the U.S. to get a hold of data on Chinese users. Almost simultaneously, China introduced a policy requiring Chinese companies with more than 1 million users’ data to be vetted by authorities before going public overseas.
Paul Triolo, a global technology policy expert at political risk consulting firm Eurasia Group, said data has been seen as a new strategic resource in the context of increased political and economic competition between the U.S. and China.
“This is a result of the evolution of China’s domestic data governance system and the rising tide of data sovereignty, not just in China but elsewhere as well,” he told Voice of America.
The report argues that policymakers should revise laws to address legitimate issues related to data, but should ensure that individuals, businesses and governments can maximize the enormous social and economic benefits of data and digital technology.
The report recommends that the United States and its democratic country allies-Canada, the United Kingdom and Japan, among others-sign the “Geneva Data Pact” as a common framework for data sharing and exclude countries such as China and Russia that restrict data flows.
The report also recommends that provisions to protect data flows and prohibit data localization be included in e-commerce negotiations among World Trade Organization members.