Home / Blogs

Are the TISA Trade Talks a Threat to Net Neutrality, Data Protection, or Privacy?

Nick Ashton-Hart

On December 17th a US proposal for online commerce in a major trade negotiation, the Trade in Services Agreement ("TISA")1 leaked. A flurry of press releases and opinion pieces claim that TISA is a threat to the Internet. The headlines are lurid: "TISA leak: EU Data Protection and Net Neutrality Threatened" and "Leaked TISA text exposes US threat to privacy, civil rights". Yet the authors of these screeds are far removed from the negotiations and not actively following them; their comments generally assume the 8-month-old text from one country is a reliable base to use to make assumptions about the end result of unfinished negotiations involving more than 40 countries. Because I've spent years in Geneva regularly meeting with and advising negotiators on the networked economy2 I have a very different perspective. Frankly, I believe most commenters have got the main issues wrong and largely missed the significance of the worst feature of the proposal — the extremely broad national security exception.

Assertion 1: The US (and/or TISA itself) is out to undermine privacy protections worldwide. This is based on the assumption that because the leaked proposal doesn't provide safeguards for data protection the US doesn't want any in TISA.

It was agreed more than two years ago3 that TISA would be a "GATS+"4 or "GATS 2.0" agreement and would 'carry forward' that agreement's exceptions5, which allow countries to preserve their right to deal with data protection/privacy, national security, and the like to ensure that national law in these areas is not inadvertently overridden by world trade agreements. If TISA were to provide anything contrary to GATS it could result in cases against TISA countries in the dispute settlement system6 of the WTO. There's no way any country would put themselves in that position.

Why didn't the US include all the exceptions in the proposal? That's for them to say but an obvious answer is that given the above they didn't need to.

I can tell you the approach TISA will take on privacy is far from settled. Some countries believe that TISA should just mutually recognise that whatever privacy protections parties have is accepted as adequate by the others.7 Others are not satisfied with that approach and are looking for more positive privacy provisions.8

Assertion 2: The obligations the US proposes on data and hardware localisation and the free flow of data undermine consumer rights, privacy and data protection.

The proposal would make unrestricted free flow of data obligatory and ensure countries may not oblige network infrastructure, servers, or data to be hosted locally nor block services from other countries except in limited circumstances. Commentators make various arguments against this but they miss the context: This was the first truly detailed proposal made in TISA related to online commerce and was made before provisions in many areas of TISA was even close to final. That means all the other countries would know this was a starting, not an ending, position; "horizontal" provisions like this are always subject to changes as the 'sectoral'9 chapters are finalised.

I think the right question to ask is: Are these principles the right place to start? I believe they are for many reasons, but lets take just one: free expression and civil liberties.

Commentators have suggested the proposal would undermine both because countries can better protect their nationals' data if it is kept locally. However, data security is not defined by geography but by legal protections and the sophistication of the software, hardware, and procedural mechanisms that secure it. Would you rather have your data hosted in China, or Switzerland?

Freedom House's 2014 edition of their "Freedom on the Net” report highlights local hosting requirements as one of the biggest threats to users and increasing regulation of online media as a key reason for the decline in Internet Freedom.

Free flow of data benefits trade10 but also everyone else. Why wouldn't we want to set a precedent that data should flow openly by default and hardware and network infrastructure should be sited where best able to ensure network efficiency, and then look at the scenarios where that default position should be amended?11

Assertion 3: The US offer endangers net neutrality

This is based upon the US proposal conditioning access to online services and applications is "… subject to reasonable network management..."12 which is assumed to mean the US wants to undermine network neutrality. The argument has three flaws:

  1. The US has yet to decide internally on net neutrality so nobody should be surprised it didn't propose one 8 months ago.
  2. 'Reasonable' as a term has meaning in the trade context as in international law more broadly;13 it is no blank cheque;
  3. As engineers will tell you, network management does not equal net neutrality.14

The net neutrality debate is quite mature in the US but in much of the rest of the world it is just getting underway.15

Assertion 4: The US is the world's most powerful country, therefore what it proposes will be agreed

This idea is always popular and while it might have been largely true for part of the last century — and I'm quite sure US negotiators would love for it to be true today — it isn't, especially in a negotiation with many countries involved. The largest economy in the negotiations is the EU, not the US.

The Real Problem: The proposed national security exception.

I was deeply disappointed to see that the criticism of the US proposal mostly misses what I see as its worst feature: the very broad national security exception. I heard negative feedback from TISA countries within days of them receiving the proposal — and was given to understand that the exception so broad it makes all commitments on the Internet optional.16 Trade agreements always have a national security exception but the trend is for them to keep expanding, primarily due to US insistence.17 Countries are increasingly resorting to digital protectionism18 using national security as the rationale, in large part reacting to the Snowden revelations. Proposing a broad exception is a strategic mistake, not just for trade, but for free expression and human rights online more broadly.

Moving forward

I believe that trade policy can play a profoundly beneficial role in protecting a permissionless-innovation and human-rights centric Internet. The great tragedy is the debate on such critical issues is driven largely by suspicion and doubt because it is based on a leak instead of a more open discussion of the concepts the leaked proposal contains. Doubly unfortunate is that US trade officials won't be able to comment on their proposal because if they were to do so they'd be breaking federal law, risk being fired, and could face prosecution with penalties that could include a prison sentence.19 Similarly, the other countries won't discuss the proposal publicly either because the US considers the proposal so secret. This is all ludicrous. Such extreme secrecy is as obsolete as it is counterproductive: look at Switzerland, who publish their trade offers in a timely manner for all to see20 without it constraining their freedom to negotiate extensive free trade agreements worldwide.

Perhaps on the need for a fundamental rethink of secrecy in trade talks we will find one thing we can all agree on.

1 The most complete description of TISA, its structure, and the negotiating path is from the Swiss State Secretariat for Economic Affairs (SECO) in 4 languages at http://www.seco.admin.ch/themen/00513/00586/04996/index.html?lang=en. Switzerland is also refreshingly open about its positions; you can retrieve their TISA proposals at the bottom of the page.

2 Though always couched so as to avoid being accused of violating confidences (which can make conversations maddening, surreal, amusing — and sometimes all three at once).

3 And has been widely acknowledged in interviews and public statements by the negotiating states. For an excellent overview of what several trade Ambassadors in Geneva think of TISA, as well as a good overview of how TISA came about and why, a video of a presentation on TISA at an ICTSD event makes good viewing: https://www.youtube.com/watch?v=uBYDNZVmYR4#t=36m10s.

4 GATS is the General Agreement on Trade in Services, part of the WTO agreements. The text is online here: http://www.wto.org/english/docs_e/legal_e/26-gats_01_e.htm. The exceptions referenced are in Articles XIV and XIVBis.

5 See supra note 4.

6 A form of international court that allows parties to the WTO agreements to seek redress on other countries that breach their obligations. Its decisions are binding. More information is here: http://www.wto.org/english/thewto_e/whatis_e/tif_e/disp1_e.htm.

7 Use of a GATS-like exception would be a key element of this approach. Whatever you may think of this approach — which is the one most of industry supports, for what it is worth — it has a long pedigree. An excellent overview of the exceptions and their use in disputes in trade law for non-specialists can be found on the Social Science Research Network, A. Mitchell and D Ayres, "General and Security Exceptions Under the GATT and the GATS," 2011, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1951549.

8 On 27th November the US sent a note to all WTO members proposing discussions on electronic commerce that explicitly include the importance of data protection, a suggestion made by another TISA country, Australia, as long ago as 2012 (DOC). A flavour of the interest of many TISA members in strong data protection can be easily seen in the summary of a WTO Trade in Services Council meeting in November 2012, here: https://docs.wto.org/dol2fe/Pages/FE_Search/DDFDocuments/98384/Q/S/C/M111.pdf

9 It is a feature of trade agreements like this that different 'sectors' have their own sections in the agreements. An example of a sector is 'Financial Services' or 'Professional Services' — and the leak has a section on the latter immediately after the US proposal which is separate from it.

10 For an analysis of the commercial damage data localisation requirements cause see "The Costs of Data Localisation: Friendly Fire on Economic Recovery," European Centre for International Political Economy (ECIPE), 2014 at http://www.ecipe.org/media/publication_pdfs/OCC32014__1.pdf.

11 For an excellent resume on the harms data localisation efforts and related proposals can do to the Internet, see "Technological Sovereignty: Missing the Point? An Analysis of European Proposals after June 5 2013", Transatlantic Dialogues on Security and Freedom in the Digital Age, 24 November 2014, at http://www.digitaldebates.org/tech_sovereignty/. A video recording of a panel discussion on the subject is available here: http://www.newamerica.net/events/2014/digital_borders_and_technological_sovereignty.

12 Italics inserted by the author for emphasis.

13 For the lawyers: See B. Cheng, "General Principles of Law as applied by International Courts and Tribunals" (Stevens and Sons, Ltd., 1953), Chapter 4, in particular, p. 125. Also see Jennings and Watts (eds.), Oppenheim's International Law, 9th ed, Vol. I (Longman's, 1992), pp. 407-410, Border and Transborder Armed Actions Case, (1988) I.C.J. Rep. 105; Rights of Nationals of the United States in Morocco Case, (1952) I.C.J. Rep. 176; Anglo-Norwegian Fisheries Case, (1951) I.C.J. Rep. 142

14 For an excellent and comprehensive discussion of the two concepts from a computer science perspective see the online resource maintained by Professor Scott Jordan of the University of California Irvine Computer Science Department entitled "Net Neutrality" at https://www.ics.uci.edu/~sjordan/research/net neutrality.html.

15 For that reason I expect that TISA won't have much to say on the subject though I hope I'm proven wrong; I think a positive obligation in TISA for countries to respect that principle would be a phenomenal benefit.

16 I want to be clear that these impressions were conveyed in a manner that ensured no negotiator could be accused by the US of breaking the veil of confidentiality. I won't go into detail for obvious reasons.

17 The US was a main demandeur of the original GATS national security exception and its bilateral trade deals show a clear trend for them to become more and more expansive. For an example see the US-Korea FTA 2003, Article 23(2) at http://www.ustr.gov/sites/default/files/uploads/agreements/fta/korus/asset_upload_file476_12722.pdf with the US proposal as leaked and GATS Article XIVbis http://www.wto.org/english/docs_e/legal_e/26-gats_01_e.htm#articleXIVb. The trend is very clear.

18 For an excellent overview of why this problem is so significant - including to consumers - I recommend Chandler, A., The Electronic Silk Road: How the Web Binds the World Together in Commerce, Yale University Press, 2013. For those who want a quicker read, See S. Donnan, "Digital Trade: Data Protectionism," Financial Times, 4th August 2014 at http://www.ft.com/cms/s/0/93acdbf4-0e9b-11e4-ae0e-00144feabdc0.html.

19 As an example of the seriousness with which the current US Administration views disclosure of classified information, the only person yet imprisoned over U.S. torture allegations is John Kiriakou, for disclosing the programs to the press see inter alia http://www.theverge.com/2014/12/9/7362757/the-man-who-fought-cia-torture-is-still-in-prison-john-kiriakou.

20 See note 1 for an example of Swiss openness as it relates to TISA. Harvard University's Global Trade Negotiations Home Page on Switzerland gives a good resume of the Swiss approach to globalised trade: http://www.cid.harvard.edu/cidtrade/gov/switzerlandgov.html.

By Nick Ashton-Hart, Associate Fellow, Geneva Centre for Security Policy The views expressed in this article are his alone. Find him on Twitter at @nashtonhart. Visit Page
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign