IGF 2023 WS #197 Operationalizing data free flow with trust

    Time
    Monday, 9th October, 2023 (08:00 UTC) - Monday, 9th October, 2023 (09:30 UTC)
    Room
    WS 1 – Annex Hall 1

    Organizer 1: Timea Suto, 🔒International Chamber of Commerce
    Organizer 2: Rose Payne, International Chamber of Commerce
    Organizer 3: Meni ANASTASIADOU, ICCWBO

    Speaker 1: Maarit Palovirta, Private Sector, Western European and Others Group (WEOG)
    Speaker 2: Wolfgang Kopf, Private Sector, Western European and Others Group (WEOG)
    Speaker 3: Raúl Echeberría, Private Sector, Latin American and Caribbean Group (GRULAC)
    Speaker 4: Sheetal Kumar, Civil Society, Western European and Others Group (WEOG)
    Speaker 5: Nwakanma Nnenna, Civil Society, African Group
    Speaker 6: David Pendle 
    Speaker 7: Carl Gahnberg, Technical Community, Western European and Others Group (WEOG)

    Moderator

    Timea Suto, Private Sector, Eastern European Group

    Online Moderator

    Rose Payne, Private Sector, Intergovernmental Organization

    Rapporteur

    Meni ANASTASIADOU, Private Sector, Western European and Others Group (WEOG)

    Format

    Round Table - 90 Min

    Policy Question(s)

    What are the main challenges to address in order to overcome Internet fragmentation, and what policy elements are necessary to maintain and expand trusted cross-border data flows, and restoring the open and free-flowing nature of the Internet? How can the erosion of trust in cross-border data flows be addressed and DFFT be operationalized globally, leveraging existing international agreements and accepted principles related to trusted government access to data?

    What will participants gain from attending this session? The session will equip participants with an understanding of the challenges and risks posed by unilateral and non-compatible policy approaches to data governance to the open, free, and unfragmented Internet and the functioning of the global, interconnected digital economy. Discussions will take stock of existing initiatives that are building a foundation for global, and interoperable approaches to enable trusted cross-border data flows and data governance, paying particular attention to the protection of human rights, privacy, public safety and national security. Based on this taking stock exercise, participants will have the opportunity to share good practices and offer recommendations on horizontal, globally interoperable approaches that avoid the fragmentation of vital flows that not only sustain global trade and the economy but also the delivery of essential public and social services, building on existing multilateral agreements wherever possible.

    Speakers

    1. Mr Raul Echeberria, Executive Director, Latinamerican Internet Association (ALAI)
    2. Mr Carl Gahnberg, Director of Policy Development and Research, Internet Society
    3. Mr Wolfgang Kopf, Senior Vice President for Group Public and Regulatory Affairs, Deutsche Telecom
    4. Ms Sheetal Kumar, Head of Global Engagement and Advocacy, Global Partners Digital (GPD)
    5. Ms Nnenna Nwakanma, Board Member, International Digital Health & AI Research Collaborative (I-DAIR)
    6. Ms Maarit Palovirta, Senior Director, Regulatory Affairs, European Telecommunications Network Operators Association (ETNO), Private Sector
    7. Mr Dave Pendle, Assistant General Counsel, Law Enforcement & National Security, Microsoft

    Description:

    Amid global health, financial and geopolitical crises that pose risks to the very functioning of a rules-based multilateral system, enacting policy frameworks that enable the open, interconnected and interoperable nature of the Internet is essential. Trusted global data flows are a formidable engine for innovation, competitiveness, and growth and a powerful catalyst for socioeconomic empowerment. Nonetheless, mistrust in cross-border data transfers continues to grow due to concerns that national security, privacy or economic safety could be compromised if data transcends borders. This increasingly fuels restrictive policies and measures like digital protectionism, data mercantilism and data localization. Such approaches deepen Internet fragmentation, segregating information that underpins a broad range of socioeconomic activities and undermining cybersecurity protection. Furthermore, unilateral policies exacerbate existing divides and may result in a patchwork of conflicting regulations, discouraging individuals’, businesses,’ and governments’ participation in a global economy. Instead, horizontal, interoperable, and technologically neutral policy frameworks are needed to unlock the benefits of data while respecting fundamental human rights, including the right to privacy, and protecting public safety. This would reinforce trust in cross-border data flows, boost data-driven innovation, and tap into the potential socioeconomic benefits of data sharing. Moving towards such a solution depends largely on governments working together, with multistakeholder input, to develop interoperable policy frameworks. Notable developments that progress such frameworks include Japan’s leadership in promoting Data Free Flow with Trust (DFFT) at the 2019 G20 Summit, the OECD Declaration on Government Access to Personal Data Held by Private Sector Entities in 2022, and the G7 2023 consensus to operationalize DFFT with the establishment of the Institutional Arrangement for Partnership (IAP). This workshop will explore the causes and challenges of fragmentation in data governance approaches, take stock of existing initiatives to bridge divides and explore next steps for operationalizing data free flow with trust globally.

    Expected Outcomes

    The session will address the main challenges of Internet fragmentation, aiming to shed light on the root causes that hinder the open, sound and free-flowing architecture of the Internet. In particular, the session will uncover the impact of unilateral policy approaches to data flows, including the erosion of trust in data flows that transcend borders and regulations. The session will also lay out the framework necessary to reconcile Internet fragmentation, focusing on cross-border data flows with trust.

    Hybrid Format: Prior to the session: to ensure speakers and attendees get the most out of the session, regardless of their chosen way of participation, organizers will make use of the session’s page on the IGF website and social media channels to share preparatory material and kick-start a dialogue. A preparation call will be organised for all speakers, moderators and co-organisers so that everyone has the chance to meet and prepare for the session. During the session: the moderators are experienced in animating multistakeholder discussions and will complement each other in merging onsite and online speakers and attendees to the optimum. Onsite participants will be encouraged to connect to the online platform to stay informed and engage with discussions in the chat. Following the session: moderators will encourage participants to make use of the IGF website and social media channels to share further comments and contribute to the session’s report.

    Key Takeaways (* deadline 2 hours after session)
    The session highlighted the importance of horizontal, interoperable, and technologically neutral policy frameworks. Specific policy measures discussed included impact assessments, stakeholder commitments to prevent data fragmentation, support for encryption, and clear guidelines for government access to private sector data.
    Call to Action (* deadline 2 hours after session)
    Panellists emphasized that all stakeholders should prioritize international cooperation, common principles, and inclusive discussions to operationalize data free flow with trust and preserve the open, unfragmented essence of the Internet. Panellists called on policymakers to take a global approach that transcends regional boundaries, fostering trust, security, respecting human rights, and promoting innovation and economic growth.
    Session Report (* deadline 26 October) - click on the ? symbol for instructions

    Introduction and key takeaways

    Global data flows are an essential engine for innovation, driving competitiveness, growth and enabling socioeconomic empowerment. However, mistrust in cross-border data transfers continues to grow due to concerns that national security, privacy or economic safety could be compromised if data transcends borders, leading to restrictive policies that deepen Internet fragmentation.

    The session touched on notable developments in promoting Data Free Flow with Trust (DFFT) through the OECD Declaration on Government Access to Personal Data Held by Private Sector Entities, and the G7 establishment of the Institutional Arrangement for Partnership (IAP). Against this background, speakers took stock of the innovative and empowering role of trusted global data flows, stressing that data only has value when it is accessible, useful, and able to be transferred. The discussion shifted to the challenges and risks posed by unilateral data governance policies and data localisation measures, including negative economic consequences and potential harm to human rights through surveillance.

    To address these challenges, participants highlighted the importance of horizontal, interoperable, and technologically neutral policy frameworks – noting that sound policies that enable data flows, while addressing legitimate concerns and aligning with international human rights law standards around security, privacy and commercially sensitive information, have the potential to create trust across the entire digital ecosystem. They emphasised the value of partnerships and inclusivity in policymaking, advocating for global approaches to data flows.

    Specific technical and policy measures referenced during the deliberations included data impact assessments, the commitment of stakeholders to prevent data fragmentation, support for encryption mechanisms as an enabler of trust and security, and the formulation of clear guidelines governing government access to private sector data. There was also the recognition that leveraging data for economic growth requires investment in wider infrastructures, including knowledge, skills and capacities to harness data. The session underscored the need for international cooperation and the creation of common principles, as well as inclusive dialogue on how to operationalise data free flow with trust and safeguard the open, unfragmented nature of the Internet.

    Call to action

    The session advocated for the establishment of universally accepted guiding principles concerning government access to personal data. Any principles should reflect and uphold international human rights law and standards. The panellists urged the adoption of a comprehensive global strategy that goes beyond regional confines, with a specific focus on building trust, enhancing security, upholding human rights and spurring innovation and economic growth. Common guiding principles could ultimately lead to effective collaborative efforts, involving all stakeholders and nations, to cultivate approaches that are interoperable and legally sound. This collaboration should promote the free exchange and responsible use of data in a manner that garners trust and upholds human rights, including high privacy standards. Policymakers were encouraged to endorse cross-border data flows while ensuring that users human rights are protected through transparent safeguards that are implemented in a manner that is non-discriminatory and does not create barriers to trade.

    Further reading

    ICC Policy Primer on Non-Personal Data

    ICC White Paper on Trusted Government Access to Personal Data Held by the Private Sector