Published on Let's Talk Development

Privacy law and services trade: Resolving the conflict

This page in:

The EU’s new General Data Protection Regulation (GDPR) recently went into effect. You have probably received emails regarding your data resident on email servers and applications. And while the media focus has also remained on data concerns with Facebook and other personal data, the impact of the GDPR on developing countries has received little attention.  Their exports of data-based services rely on the free flow of data across borders. Strengthened regulation can make international data transfers more difficult. And traditional trade rules and regulatory cooperation cannot resolve this conflict.

Our recent paper describes and assesses three types of responses to this challenge. In addition, in a recent VoxEU column we argue that the way forward would be to design trade rules that reflect the bargain struck in the EU-US Privacy Shield. Data destination countries would promise to protect the privacy of foreign citizens in return for source countries promising not to restrict data flows. And in an opinion piece for the Indian Express we discuss privacy challenges particularly for developing countries like India. 


Aaditya Mattoo

Chief Economist, East Asia and Pacific Region, World Bank

Joshua Meltzer

Senior Fellow, Brookings Institution

Join the Conversation

The content of this field is kept private and will not be shown publicly
Remaining characters: 1000