Book Symposium The Electronic Silk Road: New Trade Rules for Cross-Border Flows of Information?

[Joost Pauwelyn is Professor of International Law at the Graduate Institute of International and Development Studies in Geneva]

The Electronic Silk Road is a fantastic read, literally bridging Bangalore with Silicon Valley, showing us how the activity of trade has dramatically changed and how these changes require us to think about “Trade 2.0” rules.  Prof. Chander discusses both private and public law issues, domestic and international rules.

I want to focus my comments on international trade law rules, of the WTO type, that is, the rules imposed by treaty on governments, which generally prevent governments from doing certain things (e.g. prevent them from restricting trade or enacting domestic laws that discriminate against foreigners). When discussing “rules” and the internet, internet companies get nervous: they assume that the rules will limit them and thereby limit innovation.  The rules I am talking about here are limiting what governments can do and, in general, are there to protect or enable (not restrict) internet-reliant companies.  Although Silk Road describes in detail what has changed and sets out basic principles as to how rules could respond to these changes, I was, at times, missing a level of detail allowing us to make progress on the ground.

I see two main types of governmental actions that need curtailing by trade rules. First, governments restricting the flow or storage of data across/outside their territorial borders (e.g. a country requiring that Google or Citibank store all of its data within the country, or a country stopping or censoring the flow of information/network connection coming from/going abroad).  Second, governments taking, or eavesdropping on, information stored or transferred by companies or individuals in (or even outside) their territory (e.g. a country forcing Facebook to hand over certain data or “spying” on data transferred over the internet).

Are today’s WTO rules able to reign in these two types of government interventions with the toolbox of either rules on “trade in goods” or “trade in services”?  Prof. Chander calls for two broad principles: technological neutrality and dematerialization, both basically stating that governments should, in principle, not make a distinction between trade that happens online (brick & mortar) and trade that happens offline.  To this one could add current WTO obligations of transparency and publication of governmental measures:  openness and clarity in and of themselves can be powerful incentives for more reasoned policy-making (be it forcing China to be clearer, more rational about its censorship policy, or forcing the US NSA to be upfront with the criteria it operates under; both, of course, to the extent these policies affect foreign trade).

The first question is, however, whether with many of the data transfer/intervention measures referred to above, we are still speaking of a “good” or a “service” (or rather an entirely new class of “things” namely “information”) and, even if so, whether any “trade” in that good or service is occurring (for example, in most cases, the consumer of the data, say, a person doing a search on Google or taking a MOOC on Coursera, is not directly paying anything for this data)?  Of course, we could try to reframe the governmental intervention as something that, in any event, “affects” the supply of a good or a service upstream or downstream (e.g. restricting Google can translate in an upstream restriction on trade in advertising services or a downstream restriction on the online sale of garden furniture or education services).  We could also argue that although no cash is paid for the data, some exchange/supply or consideration is at play:  GATS defines “trade in services” as “the supply of a service” with cross-border elements (four modes), further defining “supply” as something that “includes the production, distribution, marketing, sale and delivery of a service”, so that payment does not seem a prerequisite.  But will these attempts to “square a circle”, i.e., reshape new internet problems using old WTO classifications, be able to capture the essential and solve the problems on the ground?  Do we need cross-cutting, general principles on “cross-border flows of information” (as in the 2011 EU-US Trade Principles for ICT Services) or will the sector-specific, positive list approach in, for example, GATS suffice to foster ICT innovation?  I doubt that the latter can be the case …

The second question is whether Prof. Chander’s principles of technological neutrality/dematerialization are already encapsulated in today’s WTO rules and jurisprudence, as he seems to believe.  At p. 155, for example, he writes that

“to demand higher standards for electronically provided services than services delivered in person is to engage in outright discrimination. Such discrimination would likely violate the GATS national treatment commitment because foreign suppliers would be at a natural disadvantage in supplying face-to-face services because they are less likely to have representatives on the ground”.

This was, indeed, Antigua’s original claim in the US-Gambling dispute, a claim of discrimination between online gambling services from Antigua and domestic brick and mortar gambling supplies in e.g. Las Vegas.  But that is, however, not how the WTO pursued the case.  Instead of comparing (foreign) internet suppliers to (local) brick and mortar suppliers (and asking whether they are, for regulatory purposes, “like”), if anything, the Appellate Body only compared foreign as against domestic internet suppliers (under the GATS Art. XIV public morals exception).  Rather than being technologically neutral, the underlying assumption was almost that online and offline gambling are by nature very different (one raising public morals concerns, the other not).  It is this type of categorical assumption that Prof. Chander rightfully attacks.  Take another example:  Australia is certainly correct to worry about the privacy of the health information of its citizens.  But to ban storage of this information abroad, merely because it is abroad, is hardly the right response.  Companies within Australia may be extremely bad at securing privacy; conversely, the most secure and cost-effective system to protect privacy may well include some storage or occasional transfer of the data abroad, e.g., in Switzerland.  It is not a matter of online or offline, or within or outside a country’s territory.  What must be looked at is the objective aimed at and how to achieve this objective (is the measure/restriction “necessary”, the “least trade restrictive” to achieve a country’s goal or are there “less trade restrictive” alternatives that can achieve or even surpass that goal?).  If not, it is too easy to fall into the next generation of protectionist policies.  Brazil’s outcry and reaction to the NSA spying scandal (“let’s keep all our data inside Brazil, set up our own internet or build direct fiber cables between Brazil and the rest of the world, bypassing the US) is another example.  Better to find ways to protect data or to agree on rules or procedures between countries than to spend billions on setting up “territorial schemes” which are not a guarantee either and can be very inefficient.

At p. 171, Prof. Chander addresses the crucial question of “where does an event in cyberspace occur”:  “Is the provider, like a foreign sales representative, traveling (virtually) crossborder into the country of the consumer? Or is the consumer, like a tourist aboard a cruise ship, traveling (virtually) to the country of the provider?”.  On his view, the WTO has opted for the former approach (supplier virtually traveling abroad):  “In the case of United States—Gambling … the WTO Appellate Body presumed without discussion that offering online gambling services is the equivalent of the provider traveling crossborder”.  To the extent the WTO thereby agrees that the country of destination/consumption (here, the United States) can regulate the activity, this is correct and important.  Yet, in “trade in services” lingo, supplying gambling services online from Antigua to a consumer in the United States is a “mode 1 cross-border supply”: the fiction is not that the “provider travels crossborder” but rather that “the supplier” stays in Antigua (the company is incorporated there, and has no branch in the US) and that it is “the service” that crosses the border from Antigua into the United States (although placing a bet in the US may not involve any cross-border data transfer with Antigua).  Again, the way trade in services agreements (be it GATS, services chapters in FTAs or the plurilateral TISA under negotiation) classify “trade in services” remains very much linked to the idea of physically supplying a service from one country to one other country, with either “the service” crossing the border (mode 1), the consumer physically traveling to the place where the supplier is located (mode 2) or the supplier setting up a physical “commercial presence” (mode 3), or sending a “natural person” (mode 4), to the country of consumption.  This focus on the physical is a far cry from the “dematerialization” that Prof. Chander calls for.  Bottom line:  will we really be able to address today’s governmental interventions restricting the internet within the existing WTO-inspired, pre-internet frameworks, or do we need new horizontal rules & exceptions on “cross-border flows of information”?