Data sovereignty
This article needs additional citations for verification. (November 2017) |
Data sovereignty is the idea that data are subject to the laws and governance structures of the nation where they are collected. The concept of data sovereignty is closely linked with
History
The
Another instance that put data sovereignty in the news was a case between
Indigenous context
Discussions of
In New Zealand, Te Mana Raraunga, a
In Canada, Gwen Phillips of the
National data sovereignty measures
Canada has enacted various data sovereignty measures, primarily on the storage of Canadian data on Canadian servers. As part of Canada's IT strategy for the years 2016–2020, data localization measures were discussed as a way to uphold citizens' privacy.[19] By using Canadian servers to store Canadian data as opposed to American servers, this would safeguard Canadian data from being subject to the US Patriot Act.[8] In 2017, it was discovered that Shared Services Canada and the Communications Security Establishment were "exploring options for sensitive data storage on U.S.-based servers" with Microsoft".[20]
Also in 2016, the EU Parliament approved its own data sovereignty measures within a General Data Protection Regulation (GDPR).[21] This regulatory package homogenizes data protection policy for all European Union members. It also includes an addendum that establishes extraterritorial jurisdiction for its rules to extend to any data controller or processor whose subjects are EU citizens, regardless of the location the holding or processing is conducted. This forces companies based outside of the EU to reevaluate their sitewide policies and align them with another country's law. The GDPR also effectively replaced the 1995 European Data Protection Directive[22] that had originally established the free movement of personal data between member state borders, and in doing so granted interoperability of such data among nearly thirty countries.
Criticism
A common criticism of data sovereignty brought forward by corporate actors is that it impedes and has the potential to destroy processes in cloud computing.[23] Since cloud storage might be dispersed and disseminated in a variety of locations at any given time, it is argued that governance of cloud computing is difficult under data sovereignty laws.[23] For example, data held in the cloud may be illegal in some jurisdictions but legal in others.[2]
Some scholars have presented the argument that data sovereignty involves the authority of the state being able to control data. This excessive power that the state and a few large corporations hold, due to their direct influence over data resources, can undermine the security of data sovereignty.[24]
According to economist and political scientist Professor Susan Ariel Aaronson, founder and director of the Digital Trade and Data Governance Hub at George Washington University,[25] "some governments are seeking to regulate the commercial use of personal data without enacting clear rules governing public sector use... The hoarding of data by nations or firms may reduce data generativity and the public benefits of data analysis."[26]
See also
- Cybersecurity
- Data governance
- Data localization
- Digital inclusion
- Digital self-determination
- Information privacy (data protection)
- Legal aspects of computing
- Network Sovereignty
- Privacy
- Privacy law
References
- ^ Maurer, Tim; Morgus, Robert; Skierka, Isabel; Hohman, Mirko (November 2014). "Technological Sovereignty: Missing the Point?" (PDF). digitaldebates.org.
- ^ S2CID 261812714.
- ^ Chander, Anupam; Sun, Haochen, eds. (2024). Data Sovereignty: From the Digital Silk Road to the Return of the State. Oxford, United Kingdom: Oxford University Press.
- ^ "Gilmore, David, DataFleets, "Google Scrapped Cloud Initiative in China, Other Markets", Bloomberg News". Bloomberg News. 8 July 2020.
- ^ Kukutai, Tahu, and John Taylor. Indigenous Data Sovereignty: Toward an Agenda. ANU Press, 2016.
- ISSN 0261-3077. Retrieved 28 November 2017.
- ^ a b Kelion, Leo (25 June 2013). "Q&A: NSA's Prism internet surveillance scheme". BBC News. Retrieved 16 November 2017.
- ^ a b c "USA PATRIOT Act Comprehensive Assessment Results". Treasury Board of Canada Secretariat. 28 March 2006.
- ISSN 0261-3077. Retrieved 30 November 2017.
- ^ Marks, Joseph (8 September 2015). "Can the US demand emails stored in Ireland?". Politico. Retrieved 30 November 2017.
- ^ ISSN 0261-3077. Retrieved 30 November 2017.
- ^ Frank, John (5 September 2016). "Our search warrant case: Microsoft's commitment to protecting your privacy". EU Policy Blog. Microsoft. Retrieved 30 November 2017.
- ^ "Microsoft drops lawsuit after U.S. government revises data request transparency rules". venturebeat.com. VentureBeat. Reuters. 24 October 2017. Retrieved 30 November 2017.
- ^ Woollacott, Emma. "Microsoft Drops Lawsuit As DoJ Reins In Use of Gagging Orders". Forbes. Archived from the original on 24 October 2017. Retrieved 30 November 2017.
- hdl:10150/624737.
- ^ )
- ^ "Te Mana Raraunga – Māori Data Sovereignty Network Charter" (PDF). Te Mana Raraunga.
- . Retrieved 16 November 2017 – via YouTube.
- ^ Treasury Board of Canada Secretariat (13 June 2016). "Government of Canada Information Technology Strategic Plan 2016-2020". canada.ca. Retrieved 16 November 2017.
- ^ Beeby, Dean (8 September 2017). "Canadian agencies discuss US 'cloud' storage of sensitive data with Microsoft". CBC News. Retrieved 30 November 2017.
- ^ "What is GDPR Hosting and How Will it Impact Your Website?". Verpex. Retrieved 17 August 2021.
- ^ Directive 95/46/EC of 1995-10-24 of the European Parliament and of the Council Directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data
- ^ a b Ettling, Mike (26 December 2015). "The Cloud's Biggest Threat Are Data Sovereignty Laws". TechCrunch. Retrieved 16 November 2017.
- ISSN 1754-4750.
- ^ "Our Team Susan Ariel Aaronson" Archived 2022-09-30 at the Wayback Machine Institute for Data, Democracy & Politics, School of Media and Public Affairs, The George Washington University. Retrieved September 30, 2022.
- ^ Aaronson, Susan (3 August 2021). "Data is disruptive: How data sovereignty is challenging data governance". Hinrich Foundation. Retrieved 4 January 2022.