Businesses engaged in international trade depend on digital networks to manufacture products, manage global value chains, and provide cutting-edge services. Many of these services are today provided via globally distributed cloud computing platforms. In a recent report, the U.S. International Trade Commission (ITC) found that in 2015, 70 percent of all global Internet traffic went through cloud data centers – a more than twofold increase since 2011. Firms of all sizes across all sectors are leveraging cloud computing to enable machine learning, drive the Internet of things, and achieve the efficiencies necessary to compete in a global economy. Meanwhile, global e-commerce, which the ITC defines as the sale of goods and services over the Internet, is now worth $28 trillion, increasing by 44 percent over the past five years; business-to-business e-commerce makes up more than 86 percent of this total global e-commerce value.
But digital trade is under threat from a growing number of laws and regulations that block the flow of data across borders, impede the provision of services such as cloud computing, or otherwise restrict the ability of firms to take advantage of best-in-class digital services. Some of these government actions are explicitly protectionist, while others impose unnecessary burdens on digital trade in seeking to address legitimate public policy goals.
In December 2017, the United States joined 70 other WTO Members in initiating exploratory work on possible future negotiations on these issues. The Trump Administration intends to use these discussions as a valuable forum to develop commercially meaningful rules that address restrictions on digital trade, and will work with like-minded WTO Members who share the Administration’s interest in moving forward on digital trade issues within the WTO.
The key barriers to digital trade identified in the 2018 NTE include:
- China’s Restrictions on Cross-Border Data Flows and Data Localization Requirements: China’s 2017 Cybersecurity Law and 2015 National Security Law prohibit or severely restrict routine cross-border transfers of information and impose data localization requirements on companies in “critical information infrastructure sectors.”
- China’s Restrictions on Leased Lines and VPNs: In 2017, China issued a circular that imposes severe restrictions on the use of leased lines and virtual private networks (VPNs), which are commonly used in the course of supplying a wide range of services to ensure the security and confidentiality of information transferred across borders.
- China’s Cloud Computing Restrictions: China severely restricts investment in cloud computing services, which affects companies that supply cloud computing services and those that need to source such services. In addition, the 2017 circular on leased lines and VPNs effectively prohibits the use of leased lines and VPNs in providing cloud computing services on a cross-border basis.
- China’s Web Filtering and Blocking: China continues to engage in extensive blocking of legitimate websites. China currently blocks 12 of the top 30 global sites and up to 3,000 sites in total, affecting billions of dollars in potential U.S. business.
- EU Member States’ News Aggregation Fees: Certain European Union Member States have instituted measures that require online aggregation services—platforms providing news text and images excerpted from linked sources—to remunerate or obtain authorization from the original sources for the use of such content. These measures impose financial and operational burdens on U.S. firms that help drive traffic to publishing sites.
- Indonesia’s Data Localization Requirements: Indonesia requires providers of a “public service” to establish local data centers and disaster recovery centers in Indonesia. Other regulations require local storage and processing of certain personal data and financial data.
- Indonesia’s Barriers to Internet Services: In 2017, Indonesia proposed new regulations that would require providers of “over the top” (OTT) services to register with the government, identify permanent local representatives, and open bank accounts in Indonesia. The proposed regulations include a broad definition of OTT services that may cover every service provided via the Internet.
- Indonesia’s Tariffs on Digital Products: Indonesia is reportedly moving forward with plans to impose duties on digital products such as digital music, e-books, and apps. Imposition of duties on digital products would likely raise concerns regarding Indonesia’s longstanding WTO commitment—renewed on a multilateral basis in December 2017—not to impose duties on electronic transmissions.
- Korea’s Restrictions on Cross-Border Transfer of Location-Based Data: Korea restricts the export of location-based data, disadvantaging international suppliers that incorporate services such as traffic updates and navigation into their products. Korea is the only market in the world that USTR is aware of maintaining such restrictions.
- Nigeria’s Data Localization Requirements: Nigeria requires businesses to store all data concerning Nigerian citizens in Nigeria. Nigeria also requires businesses to host all government data locally unless officially exempted. These requirements discriminate against foreign businesses that distribute their data storage and processing globally.
- Russia’s Data Localization Requirements: Russian law requires that certain data on Russian citizens collected electronically by companies be processed and stored in Russia. Many U.S. companies face a choice between withdrawing from the Russian market and operating under significant legal uncertainty.
- Thailand’s Web Blocking: Thailand recently expanded its authority to regulate online content, and, over the past year, the Thai government has greatly increased the number of social media posts that it has blocked. The new rules afford no mechanism for appealing or otherwise challenging these decisions.
- Turkey’s Data Localization Requirements: Turkey limits transfers of personal data out of Turkey and, in many cases, requires firms to store data on Turkish citizens within Turkey. A separate law requires all suppliers of electronic payment services, including those that are Internet-based, to maintain primary and secondary information systems within Turkey.
- Vietnam’s Restrictions on Online Advertising: Vietnam requires advertisers to contract with a local services supplier as a condition of placing advertisements on foreign websites targeting Vietnam. This requirement is burdensome and impractical, given that the online advertising market typically functions through automated, real-time auctions for ad space.
- Vietnam’s Data Localization Requirements: Vietnam is currently debating a draft law on cybersecurity that contains many provisions that could serve as barriers to digital trade, including data localization rules and requirements to obtain consent to transfer personal information across borders. Such requirements place extra burdens on foreign firms operating in Vietnam.