IGF 2023 WS #224 Opportunities of Cross-Border Data Flow-DFFT for Development

    Time
    Monday, 9th October, 2023 (06:15 UTC) - Monday, 9th October, 2023 (07:45 UTC)
    Room
    WS 4 – Room B-1
    Subtheme

    Data Governance & Trust
    Cross-border Data Flows and Trust
    Data Free Flow
    Data Localization, Data Residency, and Data Sovereignty
    Data Privacy and Protection

    Organizer 1: ATSUSHI YAMANAKA, 🔒Japan International Cooperation Agency
    Organizer 2: Kathleen McGowan, Digital Impact Alliance
    Organizer 3: Jean-Jacques Sahel, 🔒Google
    Organizer 4: Chrissy Martin Meier, UN Foundation
    Organizer 5: Priya Vora, Digital Impact Alliance

    Speaker 1: Hon. Neema Lugangira, Government, African Group
    Speaker 2: Jean-Jacques Sahel, Private Sector, Asia-Pacific Group
    Speaker 3: Jean Philbert Nsengimana, Private Sector, African Group
    Speaker 4: Mayumi Miyata, Government, Asia-Pacific Group
    Speaker 5: Kathleen McGowan, Civil Society, Western European and Others Group (WEOG)

    Additional Speakers

    Opening Remark. Tojima Hitoshi (Mr.), Chief Digital Officer, Japan International Cooperation Agency (JICA)
    Speaker 1. Gordon Kalema (Mr.), Director General, Ministry of ICT and Innovations, Rwanda (in lieu of Hon. Lugangira, Neema)

    Moderator

    ATSUSHI YAMANAKA, Government, Asia-Pacific Group

    Online Moderator

    Chrissy Martin Meier, Civil Society, Western European and Others Group (WEOG)

    Rapporteur

    Priya Vora, Civil Society, Western European and Others Group (WEOG)

    Format

    Round Table - 90 Min

    Policy Question(s)

    1. How can we ensure free flow of trusted data without compromising privacy and national security? What would be the governance frameworks necessary for that? How could different stakeholders involve in the development of best practices to enable free flow of trusted data? 2. How could development partners, private sectors, and civil societies/academia support developing countries to create conducive mechanisms to take advantage of cross-border data flow? 3. Should the concept and mechanism of free flow of trusted data beyond national boundary be incorporate into the discussion of DPI? If so, how best could the multi-stakeholder communities support that?

    What will participants gain from attending this session? Participants of the workshop will gain insights into current global debates over challenges and opportunities, as well as operationalizing free flow of secured data beyond national border from subject matter experts and practioners from Asia-Pacific, Africa, and Global regions. The workshop participants will also have an opportunity to join and provide inputs into the discussions about how could government, private sectors, civil societies, and development partners could support developing countries to maximize the opportunities brought about by the free flow of secured data beyond national border. Moreover, the participants could also receive expert perspectives of whether the concept of the DFFT should or could be incorporated into the current global discussion of expanding Digital Public Goods and Digital Public Infrastructure, and if so how the different stakeholders could support the initiative.

    Description:

    It is widely recognized that the free flow of trusted data is key to facilitate socio-economic-political transformation and to advance well-being for all. It is important that countries capitalize the benefits of cross-border data flows such as adding values for commerce/trade, enhancing health-care services, taking advantages of computing and storage prowess of global cloud environment, securing critical national data against cyber-attacks (as in the case of Ukraine), utilizing data to mitigate global challenges such as climate changes, etc. The concept of enabling such free flow of secured data, the DFFT was introduced by Japan at G-20 Osaka summit and the global discussions to operationalizing the concept is ongoing. It also became a major action item at this year’s G7 Digital &Tech Ministers’ Meeting which called for operationalizing the DFFT across different sectors and across IOT devices. Some countries, however, are hesitant about enabling cross-border data transactions out of concern for data privacy, data security, data oligopoly, and even data colonization. These countries worry about placing domestically collected data outside of their boundaries as they may not exert proper jurisdiction for the data. It is important to create proper safeguarding mechanism and institutions to allow the operationalization of the DFFT. The workshop will invite experts from the Government, private sector, international organization, and civil society of from both developed and developing countries. It will focus on the opportunities and challenges of cross border data flow to allow co-creation and co-development between developed countries and developing countries, roles of different stakeholders such as government, private sectors, civil societies, and development partners to support operationalizing the DFFT, discuss how to capitalize the DFFT for development, etc. It is hoped that these discussions will become valuable inputs to support to operationalization of the DFFT in multilateral, multi-stakeholder, and multi-disciplinary ways.

    Expected Outcomes

    The Workshop expects to receive valuable multi-stakeholders inputs to support operationalization of the DFFT. It will facilitate the understanding of the challenges and opportunities of trusted data flow beyond national border by the participants, which would contribute to shaping potential norms for cross-border data flows to enable socio-economic development and co-creation among different stakeholders. The Workshop is also expected to shape idea for support initiatives for the developing countries which may include implementing capacity building initiatives for developing countries, creating policy recommendations for the government and stakeholders to pursue, and initiating other initiatives to operationalizing the DFFT which would benefit IGF communities as a whole.

    Hybrid Format: The workshop will have an onsite moderator and an online moderator to facilitate the workshop. These moderators are responsible for moderating the onsite and online speakers and attendees. Both these moderators will ensure all speakers and participants, regardless of their modes of participation, will have opportunities and be encouraged to engage, raise questions and provide inputs at the workshop. The workshop will commence with speaker presentations; upon completion the facilitator will ask policy questions which will facilitate active discussions. In order to ensure both offline and online participants to actively engage in the discussions, the workshop will secure ample time (Q&A session will be 30 minutes+) to ask questions to the speakers and provide inputs to the discussion. Online participants will be encouraged and given priority to pose questions. The onsite and online moderator will summarize the findings and recommendations of the workshop and compile future actions.

    Key Takeaways (* deadline at the end of the session day)

    Two Key Takeaways: 1) To make the power of data work for development, we need to develop trusted and secure ways to share data across borders. 2) In order to create best practice or norms on cross border data transactions, it is critical that the developing countries need to participate in the discussions and create the norms together.

    Call to Action (* deadline at the end of the session day)

    Two key Call for actions 1) Invite developing countries into the discussion of norm creation and sharing of best practices to enable DFFT. 2) Use multistakeholder approach to create regulatory and non-regulatory approaches to allow for data flow while protecting privacy.

    Session Report (* deadline 9 January) - click on the ? symbol for instructions

    IGF 2023 WS #224 Opportunities of Cross-Border Data Flow-DFFT for Development

    Monday, 9 October

    In-person moderator: ATSUSHI YAMANAKA, JICA
    Online moderator: Chrissy Martin Meier, Digital Impact Alliance

    Speakers:
    Jean-Jacques Sahel, Google
    Jean Philbert Nsengimana, Africa Center for Disease Control and Digital Impact Alliance
    Mayumi Miyata, JICA
    Kathleen McGowan, Digital Impact Alliance

    Gordon Kalema (Mr.), Director General, Ministry of ICT and Innovations, Rwanda

    Background

    • Since 2019, the Gov of Japan has been at the forefront of promoting digital free flows with trust (DFFT)
    • As the global community discusses “the internet we want,” there is a clear need to also discuss the “data ecosystem we want.”
    • Both the opportunities and challenges related to securely and fairly unlocking data is quite similar across countries, and no country or economic bloc has figured it out.
    • Data is a powerful resource that can accelerate process to the SDGs, but only if shared/transferred/transacted securely. We need to be mindful of the challenges including sovereignty, cybersecurity, and personal data protection.
    • Economies rely on the free flow of information –to communicate, inform ourselves and transact across borders      even during massive challenges like the pandemic, they enabled us to keep our economic and social lives going.
    • Integrating DFFT principles will be critical to ensure that digital public infrastructure (DPI) unlocks data that can be used to solve real challenges both within borders but also transnational challenges such as disease and climate change.

    Opportunities

    • DFFT has tremendous potential to accelerate development for all types of countries, particularly those trying to close gaps such as financial inclusion and access to critical services that foster not just resilience but the opportunity to thrive. This potential grows even larger when looking at cross-border data flows.
    • Socio-economic activities in the digital society can be accelerated with active participation in the data distribution market.
    • DFFT is extremely important in Africa for three reasons:
      • Africa is uniting in a continental free trade zone (AfCFTA), and digital infrastructure that is border agnostic is the only way to unite these countries to achieve one digital market.
      • There are many state and non-state actors who are ready to exploit Africa’s data: the only way to protect this data is by engaging multiple stakeholders who can help to safeguard data and to balance protection and openness. Particularly true with health data.
      • Africa’s Governments must be equally involved in leading the conversation on data governance in fora such as IGF, especially since multilateral, multistakeholder fora like IGF involve not just government voices but also those of civil society and the private sector.
    • DFFT is enabled by interoperable standards and certifications systems. The beauty of these systems is that they can be applied anywhere in the world, supporting small businesses and reinforcing trust regardless of country.    
    • We shouldn’t have separate systems/regimes for different types of countries but rather interoperable systems based on similar elements.

    Action areas

    Unlocking existing data by increasing trust

    • Huge potential to unlock data by freeing stranded assets – data locked behind a paywall or on a Government server.
    • The biggest challenge to unlocking data is trust – not scarcity. Data is not finite – it is infinitely reusable and thus there shouldn’t be an incentive to hoard.
    • Trust deficits can be addressed through new models that give data holders confidence to share.
    • We need to move away from the current paradigm of data winners and losers by removing artificial barriers and establishing trust frameworks.
    • There are products that have privacy by design, which set a model for balancing openness and privacy. Companies need Governments, civil society, and industry to help overcome the trust deficit and enable data flows and access to information across borders.
    • We need interoperable privacy frameworks, risk-based cybersecurity policies, and privacy-based standards. This is already happening in some countries. Even though the world looks divided in three blocks, it is feasible to come to a certain common ground. Cybersecurity is a good example.
    • There has been some progress in developing the rules and tools to promote trust, but it’s still limited to contracts or bi-lateral agreements. We need new models to make trusted data sharing the norm, rather than the exception. This includes mechanisms that include not just multiple Governments, but multiple stakeholders.
    • Global cross-border privacy rules are one example of the type of new collaborations we need to promote trust and reduce compliance costs.

    The role of national Governments

    • The data space is still uncertain for most people – everyone is learning. There is a role for everyone in tackling this uncertainty, including the Government.
    • When developing policies, Governments need to remember that we are working with people – people first before policies.
    • There also needs be a mind shift away from the false choice between data localization or not, but which data to share and how. It’s not just regulatory approach, but an overall multi-faceted strategy.
      • For example, in Rwanda, the Data Protection law was just a start. It needed to be followed by implementation measures, including a Data Protection Office, with staff who understand that their job is to allow for data flow while protecting privacy (rather than trying to ‘protect data’).

    Bringing in other stakeholders

    • Development partners can help their client Governments to better understand the risks and benefits, as well as furnish capacity to manage, so they don’t have to blindly block everything or shift to total data localization.
    • We need more discussions, multi-stakeholder dialogue. We need to be asking the privacy sector, more often, how they can help.
    • Deliberate focus on promoting more innovation within each country, engaging all types of actors to develop transformative tools to promote consent, etc.