Are the TISA Trade Talks a Threat to Net Neutrality, Data Protection, or Privacy?

(Originally published at and cross-posted from CircleID)

On December 17th a US proposal for online commerce in a major trade negotiation, the Trade in Services Agreement (“TISA”)^[1] leaked. A flurry of press releases and opinion pieces claim that TISA is a threat to the Internet. The headlines are lurid: “TISA leak: EU Data Protection and Net Neutrality Threatened” and “Leaked TISA text exposes US threat to privacy, civil rights”. Yet the authors of these screeds are far removed from the negotiations and not actively following them; their comments generally assume the 8-month-old text from one country is a reliable base to use to make assumptions about the end result of unfinished negotiations involving more than 40 countries. Because I’ve spent years in Geneva regularly meeting with and advising negotiators on the networked economy^[2] I have a very different perspective. Frankly, I believe most commenters have got the main issues wrong and largely missed the significance of the worst feature of the proposal – the extremely broad national security exception.

Assertion 1: The US (and/or TISA itself) is out to undermine privacy protections worldwide.

This is based on the assumption that because the leaked proposal doesn’t provide safeguards for data protection the US doesn’t want any in TISA.

It was agreed more than two years ago^[3] that TISA would be a “GATS+”^[4] or “GATS 2.0” agreement and would ‘carry forward’ that agreement’s exceptions^[5], which allow countries to preserve their right to deal with data protection/privacy, national security, and the like to ensure that national law in these areas is not inadvertently overridden by world trade agreements. If TISA were to provide anything contrary to GATS it could result in cases against TISA countries in the dispute settlement system^[6] of the WTO. There’s no way any country would put themselves in that position.

Why didn’t the US include all the exceptions in the proposal? That’s for them to say but an obvious answer is that given the above they didn’t need to.

I can tell you the approach TISA will take on privacy is far from settled. Some countries believe that TISA should just mutually recognise that whatever privacy protections parties have is accepted as adequate by the others.^[7] Others are not satisfied with that approach and are looking for more positive privacy provisions.^[8]

Assertion 2: The obligations the US proposes on data and hardware localisation and the free flow of data undermine consumer rights, privacy and data protection. 

The proposal would make unrestricted free flow of data obligatory and ensure countries may not oblige network infrastructure, servers, or data to be hosted locally nor block services from other countries except in limited circumstances. Commentators make various arguments against this but they miss the context: This was the first truly detailed proposal made in TISA related to online commerce and was made before provisions in many areas of TISA was even close to final. That means all the other countries would know this was a starting, not an ending, position; “horizontal” provisions like this are always subject to changes as the ‘sectoral’^[9] chapters are finalised.

I think the right question to ask is: Are these principles the right place to start? I believe they are for many reasons, but lets take just one: free expression and civil liberties.

Commentators have suggested the proposal would undermine both because countries can better protect their nationals’ data if it is kept locally. However, data security is not defined by geography but by legal protections and the sophistication of the software, hardware, and procedural mechanisms that secure it. Would you rather have your data hosted in China, or Switzerland?

Freedom House’s 2014 edition of their “Freedom on the Net” report highlights local hosting requirements as one of the biggest threats to users and increasing regulation of online media as a key reason for the decline in Internet Freedom.

Free flow of data benefits trade^[10] but also everyone else. Why wouldn’t we want to set a precedent that data should flow openly by default and hardware and network infrastructure should be sited where best able to ensure network efficiency, and then look at the scenarios where that default position should be amended?^[11]

Assertion 3: The US offer endangers net neutrality. 

This is based upon the US proposal conditioning access to online services and applications is “… subject to reasonable network management…”^[12] which is assumed to mean the US wants to undermine network neutrality. The argument has three flaws:

1. The US has yet to decide internally on net neutrality so nobody should be surprised it didn’t propose one 8 months ago.
2. ‘Reasonable’ as a term has meaning in the trade context as in international law more broadly;^[13] it is no blank cheque;
3. As engineers will tell you, network management does not equal net neutrality.^[14]

The net neutrality debate is quite mature in the US but in much of the rest of the world it is just getting underway.^[15]

Assertion 4: The US is the world’s most powerful country, therefore what it proposes will be agreed. 

This idea is always popular and while it might have been largely true for part of the last century – and I’m quite sure US negotiators would love for it to be true today – it isn’t, especially in a negotiation with many countries involved. The largest economy in the negotiations is the EU, not the US.

The Real Problem: The proposed national security exception.

I was deeply disappointed to see that the criticism of the US proposal mostly misses what I see as its worst feature: the very broad national security exception. I heard negative feedback from TISA countries within days of them receiving the proposal – and was given to understand that the exception so broad it makes all commitments on the Internet optional.^[16] Trade agreements always have a national security exception but the trend is for them to keep expanding, primarily due to US insistence.^[17] Countries are increasingly resorting to digital protectionism^[18] using national security as the rationale, in large part reacting to the Snowden revelations. Proposing a broad exception is a strategic mistake, not just for trade, but for free expression and human rights online more broadly.

Moving forward

I believe that trade policy can play a profoundly beneficial role in protecting a permissionless-innovation and human-rights centric Internet. The great tragedy is the debate on such critical issues is driven largely by suspicion and doubt because it is based on a leak instead of a more open discussion of the concepts the leaked proposal contains. Doubly unfortunate is that US trade officials won’t be able to comment on their proposal because if they were to do so they’d be breaking federal law, risk being fired, and could face prosecution with penalties that could include a prison sentence.^[19] Similarly, the other countries won’t discuss the proposal publicly either because the US considers the proposal so secret. This is all ludicrous. Such extreme secrecy is as obsolete as it is counterproductive: look at Switzerland, who publish their trade offers in a timely manner for all to see^[20] without it constraining their freedom to negotiate extensive free trade agreements worldwide.

Perhaps on the need for a fundamental rethink of secrecy in trade talks we will find one thing we can all agree on.

Nick Ashton-Hart is the Executive Director of the Internet & Digital Ecosystem Alliance, and the senior permanent representative connected to the for-profit technology sector to the UN, its member-states, and the international organisations resident in Geneva. He has been an active part of multilateral policy development starting with the sustainable development agenda for the world’s cities (HABITAT 11) in 1992, has been an active part of the Geneva community for 14 years and a resident of it for the past eight.  He came to international policy from a successful private-sector career in both the entertainment and ICT sectors.

^[1] The most complete description of TISA, its structure, and the negotiating path is from the Swiss State Secretariat for Economic Affairs (SECO) in 4 languages, available here. Switzerland is also refreshingly open about its positions; you can retrieve their TISA proposals at the bottom of the page.

^[2] Though always couched so as to avoid being accused of violating confidences (which can make conversations maddening, surreal, amusing – and sometimes all three at once).

^[3] And has been widely acknowledged in interviews and public statements by the negotiating states. For an excellent overview of what several trade Ambassadors in Geneva think of TISA, as well as a good overview of how TISA came about and why, a video of a presentation on TISA at an ICTSD event makes good viewing.

^[4] GATS is the General Agreement on Trade in Services, part of the WTO agreements. The exceptions referenced are in Articles XIV and XIVBis.

^[5] See supra note 4.

^[6] A form of international court that allows parties to the WTO agreements to seek redress on other countries that breach their obligations. Its decisions are binding. More information is here.

^[7] Use of a GATS-like exception would be a key element of this approach. Whatever you may think of this approach – which is the one most of industry supports, for what it is worth – it has a long pedigree. An excellent overview of the exceptions and their use in disputes in trade law for non-specialists can be found on the Social Science Research Network, A. Mitchell and D Ayres, “General and Security Exceptions Under the GATT and the GATS,” 2011.

^[8] On 27th November the US sent a note to all WTO members proposing discussions on electronic commerce that explicitly include the importance of data protection, a suggestion made by another TISA country, Australia, as long ago as 2012 (DOC). A flavour of the interest of many TISA members in strong data protection can be easily seen in the summary of a WTO Trade in Services Council meeting in November 2012, here.

^[9] It is a feature of trade agreements like this that different ‘sectors’ have their own sections in the agreements. An example of a sector is ‘Financial Services’ or ‘Professional Services’ – and the leak has a section on the latter immediately after the US proposal which is separate from it.

^[10] For an analysis of the commercial damage data localisation requirements cause see “The Costs of Data Localisation: Friendly Fire on Economic Recovery,” European Centre for International Political Economy (ECIPE), 2014.

^[11] For an excellent resume on the harms data localisation efforts and related proposals can do to the Internet, see “Technological Sovereignty: Missing the Point? An Analysis of European Proposals after June 5 2013”, Transatlantic Dialogues on Security and Freedom in the Digital Age, 24 November 2014, at . A video recording of a panel discussion on the subject is available here.

^[12] Italics inserted by the author for emphasis.

^[13] For the lawyers: See B. Cheng, “General Principles of Law as applied by International Courts and Tribunals” (Stevens and Sons, Ltd., 1953), Chapter 4, in particular, p. 125. Also see Jennings and Watts (eds.), Oppenheim’s International Law, 9th ed, Vol. I (Longman’s, 1992), pp. 407-410, Border and Transborder Armed Actions Case, (1988) I.C.J. Rep. 105; Rights of Nationals of the United States in Morocco Case, (1952) I.C.J. Rep. 176; Anglo-Norwegian Fisheries Case, (1951) I.C.J. Rep. 142

^[14] For an excellent and comprehensive discussion of the two concepts from a computer science perspective see the online resource maintained by Professor Scott Jordan of the University of California Irvine Computer Science Department entitled “Net Neutrality”, available here.

^[15] For that reason I expect that TISA won’t have much to say on the subject though I hope I’m proven wrong; I think a positive obligation in TISA for countries to respect that principle would be a phenomenal benefit.

^[16] I want to be clear that these impressions were conveyed in a manner that ensured no negotiator could be accused by the US of breaking the veil of confidentiality. I won’t go into detail for obvious reasons.

^[17] The US was a main demandeur of the original GATS national security exception and its bilateral trade deals show a clear trend for them to become more and more expansive. For an example see the US-Korea FTA 2003, Article 23(2) at  with the US proposal as leaked and GATS Article XIVbis. The trend is very clear.

^[18] For an excellent overview of why this problem is so significant – including to consumers – I recommend Chandler, A., The Electronic Silk Road: How the Web Binds the World Together in Commerce, Yale University Press, 2013. For those who want a quicker read, See S. Donnan, “Digital Trade: Data Protectionism,” Financial Times, 4th August 2014.

^[19] As an example of the seriousness with which the current US Administration views disclosure of classified information, the only person yet imprisoned over U.S. torture allegations is John Kiriakou, for disclosing the programs to the press see inter alia, coverage by The Verge.

^[20] See note 1 for an example of Swiss openness as it relates to TISA. Harvard University’s Global Trade Negotiations Home Page on Switzerland gives a good resume of the Swiss approach to globalised trade.