2nd Place, High School Essay Contest 2022
From 1999 to 2019, the world underwent a 1125% increase in the percent of the global population using the internet[1].This usage has allowed global society to become increasingly globalized, giving individuals the ability to shop, browse, and watch international content in a blink of an eye. Through the devices that they now spend hours a day on, billions of people around the world unwittingly share tremendous amounts of personal information ranging from details such as favorite type of red cotton shirt to more private information such as credit card and sexual orientation[2].This covert collection of information (though extremely valuable for corporations as well as governmental entities looking to identify customers and surveil a population) raises fundamental human rights concerns about privacy in the digital age. Furthermore, in a world undergoing rapid globalization, it is hard to ensure data privacy when each country has different regulations (if any) regarding data collection. Though previously covered by the UN Conference on Trade and Development (UNCTAD), this topic has grown to encompass more sectors than the entity can cover; it has become a question of national sovereignty, economics, country development, and human rights[3]. Thus, to adequately tackle this pressing issue, a multilateral institution must be formed to set universal norms regarding data collection and address any nation-to-nation discrepancies surrounding user privacy.
Currently, 71% of countries have some sort of legislation regulating the protection of data[4]. Though this number seems quite high, it is not representative of the inconsistencies in regulation across the world. In Africa and Asia, only 61% and 57%, respectively, of nations have any sort of data privacy laws. Similarly, in the least developed countries, the number drops to a staggering 48%[5]. This makes sense: countries where digital access is limited primarily to those who profit from data collection (governments and businesses) will have less of a need to regulate (as regulations can correlate with a disincentive to invest[6]). However, as these entities work towards development, their constituency will have more and more access to an unregulated platform. Structures and supports will have to be created to protect a population’s private information without disturbing economic growth. This is a tricky line to toe, but it has been done before. The European Union’s General Data Protection Regulation (GDPR) is the most effective example; by enforcing extreme fines on any violator of the GDPR, the dense legislature entices corporations and governments to comply with it at the risk of losing a valuable sector[7](some reports listing this as a loss of billions of dollars in economic activity[8]). However, the GDPR is not a one-size-fits-all model as it relies on companies’ interest in an already-wealthy consumer base. How, thus, can effective data privacy laws apply to countries with different levels of economic influence?
Even with national regulations in countries undergoing all stages of development, country-to-country inconsistencies remain a major issue in the fight for data privacy. Either willingly or unwillingly, countries can isolate themselves from the global market or, on the contrary, become much more aggressive. In 2017, both China and Russia passed data privacy legislation that at once prioritized domestic industries at the expense of international corporations while also creating a loophole through which said-domestic industries could access American consumer data[9]. The US’s reliance on state data privacy regulations instead of federal regulations created inconsistencies between regions that these foreign governments could take advantage of[10]. Though increased regulations on data collection will generally help protect the fundamental right of privacy for global citizens, inconsistencies like these are unproductive and can lead to international disputes, loopholes, as well as distrust in government data laws.
A multilateral body is needed to address all of these concerns, set a universal standard by which countries will base their data privacy laws, and regulate the development of the issue.
As an international body, this entity will have one delegation from every participating country. (Much like the UN, countries will be expected to join or face avoidable complications such as tariffs as well as loss of input in international forums.) As shown by the attempted implementation of the GDPR in national legislatures around the world, universal standards must be made with all types of countries in mind; if not, they will not be enforceable across populations with different levels of internet usage (ultimately defeating their purpose)[6]. Having every country equally represented will allow discussions to avoid being centered around global superpowers, but rather engage underdeveloped and developing countries’ perspectives as well. Alongside this, equal representation will allow the global community to fairly deal with conflicts that arise in this domain. Therefore, when an American company violates a foreign law, in the case of Amazon’s 2021 violation of the GDPR[11], or Russian hackers attempt to steal Dutch data[12], tensions will be assuaged quickly.
In the discussion of universal laws, mandates, and even standards, the complicated rebuttal of state sovereignty is oftentimes brought up[13]. This new entity will draw influence from its ability to appease members’ concerns regarding this by only establishing certain criteria countries have to meet to be considered adequately safe and certain recommendations to solving global conflict. After global and equitable discussion, the new entity will create general standards by which member states must follow; however, it will not draft legislature for the states, address country-specific nuances, nor decide how to implement these standards. As such, member states will have adequate control over data privacy in their country (respecting their sovereignty) while also making the globe a more humane place.
As the internet develops rapidly, the world needs structures in place to develop with it. A multilateral institution dedicated to the most important concern this causes, privacy violations, is needed to usher the countries of today into a more equitable and secure future.
Works Cited:
Cooper, Anderson. “Yuval Noah Harari on the Power of Data, Artificial Intelligence and the Future of the Human Race.” CBS News, CBS Interactive, 2021, www.cbsnews.com/news/yuval-noah-harari-sapiens-60-minutes-2021-10-31/.
Crerar, Pippa, et al. “Russia Accused of Cyber-Attack on Chemical Weapons Watchdog.” The Guardian, Guardian News and Media, 4 Oct. 2018, www.theguardian.com/world/2018/oct/04/netherlands-halted-russian-cyber-attack-on-chemical- weapons-body.
“Data Protection and Privacy Legislation Worldwide.” UNCTAD, 2021, unctad.org/page/data-protection-and-privacy-legislation-worldwide.
Hosein, Gus. “Privacy and Developing Countries.” Office of the Privacy Commissioner of Canada, 28 Mar. 2013, www.priv.gc.ca/en/opc-actions-and-decisions/research/explore-privacy-research/2011/hosein_20 1109/.
Leggett, Theo. “Amazon Hit with $886M Fine for Alleged Data Law Breach.” BBC News, BBC, 30 July 2021, www.bbc.com/news/business-58024116.
McCann, et al. The Cost of Data Inadequacy – University College London. UCL European Union, 2020, www.ucl.ac.uk/european-institute/sites/european-institute/files/ucl_nef_data-inadequacy.pdf.
National Counterintelligence And Security Center. Foreign Economic Espionage in Cyberspace. Director of National Intelligence, www.dni.gov/files/NCSC/documents/news/20180724-economic-espionage-pub.pdf.
Pisa, Michael, et al. “Why Data Protection Matters for Development: The Case for Strengthening Inclusion and Regulatory Capacity.” Center For Global Development, 6 Dec. 2021, www.cgdev.org/publication/why-data-protection-matters-development-case-strengthening-inclus ion-and.
UN Conference on Trade and Development. “Data and Privacy Unprotected in One Third of Countries, despite Progress.” UNCTAD, 2020, unctad.org/fr/node/2393.
UN Sixth Committee. “Developing Rule of Law at National Level Falls under State Sovereignty, Speakers Tell Sixth Committee, as Debate Continues | Meetings Coverage and Press Releases.” United Nations, United Nations, 2018, www.un.org/press/en/2018/gal3570.doc.htm.
Wolford, Ben. “What Is GDPR, the EU’s New Data Protection Law?” GDPR.eu, gdpr.eu/what-is-gdpr/.
The World Bank. “Individuals Using the Internet (% of Population).” Data, 2020, data.worldbank.org/indicator/IT.NET.USER.ZS.
References:
[1]The World Bank
[2]Cooper
[3]Hosein
[4]UN Conference on Trade and Development [5]UN Conference on Trade and Development [6]Pisa, Nixon, Nwankwo
[7]GDPR.EU
[8]McCann, Patel, Ruiz
[9]National Counterintelligence and Security Center [10]Blunt
[11]Leggett
[12]Crerar, Henley, Wintour
[13]UN Sixth Committee