In this month's newsletter, we outline how Connected Risk will transform Regulation
Dealing with the risk of Digital Protectionism
20 June 2018 | Press Article
Published in Insurance Day
The title of this week’s Airmic conference is: “The future is now.” The conference theme is that technology is developing so fast that businesses can simultaneously be disruptors and disrupted. Corporates need to embrace strategic connected opportunities, adapt their skillset and achieve operational excellence, says Airmic. Against this backdrop, the spectre of corporate data risks and new European data protection regulation looms large.
Risks abound in the current data regulatory environment, particularly the growing digital "arms race" between (re)insurers and corporates as they seek to adopt the latest new technology, without truly understanding what their relationship is with the data that they hold.
What is also interesting, however, are the potential geopolitical implications of the EU inspired regulation. In the wake of the General Data Protection Regulation, which went live on 25th May 2018, could the EU’s impending regulation also help to drive a growing protectionist mentality? Is data going global or going local? What is becoming clear is that today’s connected digital age poses potential threats posed to business resilience, national security and critical infrastructure.
In theory, the EU regulator has the power to levy huge fines on U.S. (or other regions) businesses, healthcare providers, charities, individuals and other institutions that fail to comply. It will be interesting to see the reactions of the current U.S. Government administration if/when the fines land on the American desktops of corporate CEOs in 2018 or more likely 2019.
According to an article in AdWeek: “A protectionist mind-set that has been brewing politically worldwide for quite some time is suddenly at the doorstep of every digital platform and global brand. Marketing players are now making locally-minded data moves that stand to hurt companies of all types; though the business ramifications have yet to be appropriately recognized.”
Certain governments already have data localization laws in place. Russia, for example, enforces data localization laws so that citizens’ datasets have to remain in the country. Enforcing its laws, Russia has banned access to LinkedIn since 2016 and threatens to block Facebook in 2018 unless it agrees to comply with the data localization laws.
We are living in a period where Artificial Intelligence can deliver smart business tools and predictive data, in which the connected risk is that digital protectionism could hinder progress with negative impacts. One example that is cited if all data must be stored locally, then A.I. systems might draw only from data silos in each country, with the effect of creating seemingly nationally-biased “intelligence.”
We live in a world of global data flows but the regulatory response is fragmented and the definitions of personal data vary. GDPR is part of the EU’s attempt to catch up with technological advances that have exploded into millennial public consciousness. It is astonishing to think that when the previous EU data directive was adopted, both Google and Facebook were just twinkles in their parent's eyes! GDPR has ultimately been created to protect EU residents’ privacy from businesses in markets with less robust privacy protections, and in doing so will act as a catalyst to the rest of the world to conform to its standards.
Yet could GDPR be part of a wider picture of nationalist-based separatism that’s been brewing for some time? AdWeek reports: “Before Brexit rocked the political-economic landscape in 2016 and GDPR was adopted the same year, there were already signs of digital protectionism in Europe. In 2014, German Chancellor Angela Merkel momentarily proposed the idea of the EU building its own Internet to prevent email and other data from flowing through U.S. networks. That move was a direct reaction to unflattering reports of data collection by the U.S. National Security Agency.”
Nigel Cory, a trade policy analyst at the Information Technology and Innovation Foundation, said in the Privacy Adviser, “We’re seeing a growing trend, as dozens of countries are enacting these kinds of barriers to data flows, targeting a growing range of data types, including personal data, but beyond that. Whether it’s a splintering or Balkanization or whatever you call it, this presents a real risk to the global economy and innovation.”
Some data experts anticipate consumer data wars between companies that customers trust enough to compile their personal data and the companies forced to let their data go. In the new data landscape, firms will look to access data from rivals and companies with a footprint outside their vertical sector by tempting customers to transfer their data. They could do this by offering cheaper services to clients who choose to let these companies hold their personal data.
Meanwhile, the online campaign to affect the 2016 U.S. presidential election is just the start of a “dark future” where data will become weaponized by hostile states unless regulators and consumers push back, says the author of a new book on how to fix the crisis of trust in Silicon Valley. "There will be major international crises and probably was built around data," Andrew Keen says.
There is a real prospect of a hot data war at some point in the future. In the wake of the 2008 global crisis there were fears that an escalation of protectionist pressures could trigger high-intensity protectionism as a reaction to the crisis, however, those fears failed to materialise in any significant form. The new question is whether the simmering pressure cooker of international data regulation will bring together a harmonious blend of flavours or blow the lid off global digitally connected trade.
Further Reading Suggestions