10 minute read
Free Trade Agreements
For example, state restrictions, such as mandatory data localisation, can be considered a non-tariff barrier to trade (NTB) in the digital economy. Regulations on cross-border data exchange in trade agreements can reduce such barriers to a necessary minimum. Similarly, international rules on data protection can help to create a reliable, open and trustworthy environment for cross-border economic exchange. In its Communication 374 (2019), the European Commission correctly stated that negotiations on data protection and trade are separate, but can be complementary. 2
Free trade agreements
EU-MERCOSUR-FTA
After long negotiations (the negotiating mandate dates back to 1999), the parties agreed in principle on the text of a trade agreement between the EU and the MERCOSUR in July 2019. However, it is not yet clear when the agreement can be signed by the negotiating parties, given the current resistance in some EU Member States.
It will regulate market access for certain services sectors. The rules on electronic commerce and telecommunications services can be found in the services chapter of the agreement. They aim to remove unjustified barriers to e-commerce, provide legal certainty for businesses, and ensure a safer online environment for consumers. The chapter contains binding rules prohibiting customs duties on electronic transmissions. The Parties agreed on provisions aimed at preventing excessive authorisation procedures, ensuring the legal validity and effectiveness of electronic contracts, and preventing the spread of data waste ("spam"). A separate chapter on cross-border data transfer, processing and localisation is not included. The article on general exceptions allows all parties to introduce and enforce measures to protect private data, provided that such measures do not result in arbitrary and unjustified discrimination.
Horizontal chapter on data exchange for the European Commission
Since summer 2018, the EU Commission has been negotiating chapters on digital trade in free trade agreements with third countries such as Australia, New Zealand, Chile and Indonesia. Part of such a chapter are provisions on data exchange.3 This represents an important development in terms of trade law. With regard to a definition of the term "personal data", the EU Commission is guided in this context by the existing definitions of the OECD and the Council of Europe (see below). This can be seen by looking at Article 6 IV of the EU negotiating text on a free trade agreement with Australia within the digital chapter.
Content of the chapter: 4
The principle of the EU's approach is that data should circulate freely between the partners in the EU trade agreement. The circulation of data must not be restricted by four listed groups of cases (see also Article 5(1)). These are:
2 COM (2019) 374: “Whereas dialogues on data protection and trade negotiations must follow different tracks, they can complement each other. “ 3 http://trade.ec.europa.eu/doclib/docs/2018/july/tradoc_157130.pdf 4 https://trade.ec.europa.eu/doclib/docs/2018/december/tradoc_157570.pdf; Text of the EU Commission's proposal for a free trade agreement with Australia. The texts proposed for the negotiations with New Zealand, Indonesia and Chile are similar.
- The obligation to use computer equipment or network elements within the territory of the trading partner;
- provisions that would require the localisation of data in the other party's territory for storage or processing;
- prohibition of the storage or processing of data in the territory of the other party;
- prohibition from making the cross-border transfer of data dependent on the use of data processing facilities or network elements located in the territory of the party, or on the localisation requirements in the territory of the party.
Should similar trade-restrictive measures be added at a later stage, for example because they were developed or introduced at a later stage, they would not be covered by the ban, as they are not included in the exhaustive list. The EU and its trading partners would then have to meet again and agree accordingly on the inclusion of the trade defence measure (Article 5(2)).
In addition, the EU's model chapter contains an exception for the protection of personal data and privacy. Each Party may therefore adopt "safe harbours" to protect personal data and privacy, even if these may be contrary to the above categories of cases.
Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP)
This agreement5 was signed by Canada, Australia, Brunei, Chile, Japan, Malaysia, Mexico, New Zealand, Peru, Singapore and Vietnam. The agreement between Canada, Australia, Japan, Japan, Mexico, New Zealand and Singapore entered into force on 30 December 2018. On 14 January 2019, Vietnam joined. The United States also initially joined the negotiating parties, but withdrew from the negotiations after Donald Trump's presidential election. The United States is therefore not part of this agreement.
In its chapter on electronic commerce, the agreement protects the cross-border flow of personal data and prohibits, in principle, government coercion to locate data (Article 14.13). With regard to the prohibition of data localisation and the freedom of data circulation, exceptions remain possible, in particular if the measure is necessary to achieve a legitimate public interest. In this context, a prohibition of discrimination and the principle of proportionality of the state measure apply.
USMCA – The FTA in North America between the U.S., Mexico and Canada (NAFTA 2.0)
The USMCA trade agreement6 between the US, Canada and Mexico, which entered into force on 1 July 2020, replaces NAFTA ("North American Free Trade Area"). The chapter on "digital trade" prevents restrictions on cross-border information transfer - with exceptions that are necessary for legitimate policy objectives (Article 19.11). As in the CPTPP area, the principle of non-discrimination and the principle of proportionality of the state measure apply.
The data localisation rules prohibit making the use of local computer facilities, or the establishment of such facilities, a condition of doing business in the country (Article 19.12). The Agreement does not provide for an exception to this rule. Therefore, the USMCA restricts national measures and laws more than the CPTPP.
5 https://www.mfat.govt.nz/assets/CPTPP/Comprehensive-and-Progressive-Agreement-for-Trans-Pacific-Partnership-CPTPPEnglish.pdf 6 https://ustr.gov/trade-agreements/free-trade-agreements/united-states-mexico-canada-agreement/agreement-between
BDI’s position on the approach of the EU, CPTPP und USMCA
EU FTAs must include comprehensive and ambitious chapters on digital commerce, including rules on data flows. The BDI therefore welcomes in principle the fact that such chapters are being negotiated. It is important that the EU maintains this course and that the rules are developed in a modern way.
The EU must create a regulatory framework that enables cross-border data flow and, at the same time, ensures that cross-border data flow is subject to the highest security standards. The EU should advocate strong standards for digital commerce worldwide, which go hand in hand with trade liberalisation. These chapters should remove the barriers to digital commerce, ensure cross-border data flow and minimise government-imposed data localisation.
In principle, the approach proposed by the EU seems somewhat rigid and inflexible. The list approach drawn up by the EU Commission does create a certain degree of legal certainty for the four groups of cases mentioned. However, technology is evolving rapidly, and the regulatory framework should be able to follow these rapid developments. The EU’s proposal only partially succeeds in doing this, as the legal adaptation provided for in Article 5 II may be slow, or even impossible. The review and renegotiation of the groups of cases provided for in Article 5 II depends on the goodwill and willingness to compromise of the contracting parties and may take a long time. It would make more sense if the EU's list of banned measures were not exhaustive (marked in the text, i.a., with "in particular") in order to cover similar trade disruptive measures which are comparable in their effect to the four groups of cases already mentioned. In order to provide the necessary legal certainty, it is important that the conditions for comparability are high, to avoid an unnecessary extension of the scope.
There is also a risk that the full regulatory freedom to protect personal data and privacy will mean that the agreements cannot be used effectively to prevent restrictions on cross-border data traffic and localisation constraints in the partner countries. Practically any restrictions could be justified on the pretext of these protective interests. Against this background, the BDI proposes this alternative wording for the exception for the protection of personal data and privacy in the EU model chapter:
- "State measures restricting the cross-border transfer of personal data,
- must not be arbitrary,
- must be proportionate
- and may not be used for purposes other than data protection".
Moreover, the texts from the USMCA and the CPTPP are older than the EU proposal. It would have been perfectly possible for the EU to use the Pacific texts as a basis for setting strong common standards in global fora. The BDI regrets that this did not happen.
If the regulations of these important economic areas cannot be clearly harmonised, the mechanisms underlying the texts should be interoperable, at least regarding minimum standards. In this respect, the BDI welcomes the fact that the G20 representatives have recognised this problem and in their "Osaka Declaration" of June 2019, expressly declare themselves in favour of these interoperable mechanisms in order to make cross-border data exchange as fluid as possible worldwide. The G20 countries should draw up a concrete work plan for this purpose and work hard to reach agreements to this effect.
However, the fact that the EU uses existing OECD and Council of Europe definitions for the definition of personal data is to be welcomed. Such an approach provides important clarity and avoids unnecessary complexity.
The data exchange rules in the USMCA and CPTPP are more flexible than the EU proposal. General principles of law (including the principles of arbitrariness and proportionality) are largely respected, which is positive. The two agreements are very similar, and in some cases identical, in terms of cross-border data transfer and data localisation issues. The agreements are finely balanced and clearly set out the principle and exception. Since German industrial companies are based in both North America and the Asia-Pacific Economic Area, and conduct business in the region, this is very important, particularly for reasons of legal certainty.
The multilateral level of trade policy – the WTO
At WTO level, there are numerous legal instruments dealing with trade policy issues related to the data economy. These include in particular the WTO Agreement on Trade Facilitation (WTO TFA), the WTO Agreement on Trade in Services (GATS), the customs moratorium on electronic transmissions and the WTO Agreement on Information Technology (ITA). Apart from the WTO TFA, which was agreed by WTO members in 2013, all WTO agreements falling into the category described above were negotiated in the early 1990s. Given the mass of data that circulates worldwide today, and its economic importance , the question therefore arises whether these WTO agreements are sufficient.
WTO members have recognised the problem and launched a working programme on e-commerce in 1998.7 Even though the WTO puts e-commerce on the agenda of every ministerial conference, unfortunately little progress has been made so far. Consequently, many WTO members have focused on the bilateral and plurilateral or regional initiatives described above in order to develop, in a small circle, trade policy instruments which can provide viable solutions for the data economy, particularly in the field of e-commerce.
In addition, since the second WTO Ministerial Conference in 1998, there has been a WTO moratorium on the non-customs clearance of data transfers (electronic transmissions) across national borders. This moratorium has so far been extended in good time every two years and will now apply until the next (twelfth) Ministerial Conference.8 The conference was supposed to have taken place in June 2020, but has now been postponed for an indefinite period (probably until summer 2021) due to the COVID-19 pandemic. If the agreement is not renewed by the WTO General Council, new burdens and conflicts in world trade could arise. Customs clearance would be complex, costly for business and consumers and politically controversial. In addition, the European Centre for International Political Economy (ECIPE) concludes in a study9 from 2019 that the benefits of a state through customs revenues on data flow would be turned into a financial disadvantage through a decline in economic performance. For these reasons, the BDI and international business associations such as the International Chamber of Commerce (ICC) are in favour of agreeing a permanent exemption from customs duties on electronic data transfers. This would create confidence and planning security for business and consumers and put a stop to protectionism.
After a ban on customs clearance of data transfers was already included in 59 bilateral and regional free trade agreements according to an ICC investigation, plurilateral progress on e-commerce was made at WTO level in January 2019. The EU and 48 other members, including China and the United States, have set themselves the objective of deepening cooperation on e-commerce and achieving
7 https://www.wto.org/english/tratop_e/ecom_e/ecom_e.htm 8 https://www.wto.org/english/news_e/news19_e/gc_10dec19_e.htm 9 https://ecipe.org/publications/moratorium/
