It is 2022 and data protection continues to be a major issue in business. For companies operating in multiple jurisdictions, there are key trends that will be important for them to keep in mind.
The growing call for international data protection collaboration
In 2021, the U.K. government proposed reforms on data protection law in its recent “Data: A New Direction” white paper, while China’s Personal Information Protection Law came into force.
Rwanda became the third East African country to get a data protection law after Uganda and Kenya. In the U.S., many states are developing their own data privacy laws, such as with the California Consumer Privacy Act.
While this progress is commendable, we have to agree that a nation-by-nation approach can only take us so far. The future is in global laws and standards for data protection.
Data sovereignty in an increasingly global technology world
Despite the need for more cross-border transfers, nations are still putting up barriers to international data transfers. This can be seen through the idea of “adequacy,” which originates from the European Union. An adequate jurisdiction is one that the EU considers to be providing an equivalent level of data protection to the level that EU legislation offers. Such a jurisdiction benefits from the free flow of data in and out of the EU.
Countries deemed inadequate must implement safeguards like standard contractual clauses (SCCs), instead. No African country has ever been handed adequacy and they also seem to want to keep personal data within their borders. This trend is dangerous since there are many countries in Africa that are working on their data protection laws and they will include data localisation provisions just like Rwanda and Kenya.
Regulation of emerging technologies
The regulation of emerging technologies, such as AI, machine learning and facial recognition
technology will be a huge priority for players in data privacy and cybersecurity. With big technology companies such as Meta investing in the Metaverse, it won’t be long before calls for their regulation pops up.
Role of regulators in the age of global technological innovation
Now more than ever is the role of regulators becoming crucial. Regulators are expected to be pro-growth and pro-innovation. They should execute their mandate while keeping in mind principles such as public safety, economic growth and competition. A wider and pro-innovation mandate by regulators may make international data flows easier. Regulators should consider collaborating with peers from other countries much more.