nach oben

Erschienen in:

2017 | OriginalPaper | Buchkapitel

21. Data Protection in the TPP: More Emphasis on the “Use” Than the “Protection”

verfasst von : Nohyoung Park

Erschienen in: Paradigm Shift in International Economic Law Rule-Making

Verlag: Springer Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

It is very significant for the TPP, being a free trade agreement, to have explicit provisions on data protection, if it is ultimately effective. The TPP recognizes the importance of personal data in the digital economy. However, it is a pity that the TPP has provisions on data protection which do not aim at a higher standard among the Parties, as the use of personal data is significantly emphasized over the protection of personal data. It is further disappointing for the TPP to make substantial obligations less obligatory by using the words like ‘should’ and ‘shall endeavor to’. Although the TPP’s fate is still uncertain as a result of President Trump’s decision of withdrawal, its provisions on data protection seem to revive in any future trade agreement which aims to legalize a free trade in data including personal data. In conclusion, it may be understandable that the degree of data protection is not at the same level with the degree of force accorded to the use of personal data in the TPP, as it is not a data protection or privacy agreement per se. Nevertheless, in order to create and further develop the digital economy, data protection should be on the same level as the use or trade in data including personal data.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel The Regulation of Digital Trade in the TPP: Trade Rules for the Digital Age

Nächstes Kapitel Digital Copyright in the TPP

See the letter from the USTR Robert E. Lighthizer to Senator Charles E. Schumer on May 18, 2017, available at https://ustr.gov/sites/default/files/files/Press/Releases/NAFTA%20Notification.pdf.

Those provisions on digital economy include Article 14.8 (Personal Information Protection), Article 14.11 (Cross-Border Transfer of Information by Electronic Means), Article 14.13 (Location of Computing Facilities), Article 14.14 (Unsolicited Commercial Electronic Messages), Article 14.16 (Cooperation on Cybersecurity Matters), and Article 14.17 (Source Code).

For another analysis of the matter, see Graham Greenleaf, ‘The TPP Agreement: An Anti-Privacy Treaty for Most of APEC’, [2015] 138 Privacy Laws & Business International Report 21–23.

For a general description of the UNGGE, see www.un.org/disarmament/topics/informationsecurity/.

The White House, ‘FACT SHEET: President Xi Jinping’s State Visit to the United States’, (2015), available at www.whitehouse.gov/the-press-office/2015/09/25/fact-sheet-president-xi-jinpings-state-visit-united-states.

The Leaders of the G7, meeting in May 2016, committed “to promote a strategic framework of international cyber stability consisting of the applicability of existing international law to state behavior in cyberspace, the promotion of voluntary norms of responsible state behavior during peacetime, and the development and the implementation of practical cyber confidence building measures between states,” as affirmed by the UNGGE. They also recognized that “states may exercise their inherent right of individual or collective self-defense as recognized in Article 51 of the United Nations Charter and in accordance with international law, including international humanitarian law, in response to an armed attack through cyberspace.” For the text of the “G7 Principles and Actions on Cyber”, see www.mofa.go.jp/files/000160279.pdf.

The Leaders of the G20, meeting in November 2015, noted “the key role played by the United Nations in developing norms”, affirmed that international law, and in particular the UN Charter, is applicable to state conduct in the use of ICTs and committed themselves to the view that all states should abide by norms of responsible state behaviour in the use of ICTs in accordance with UN resolution A/C.1/70/L.45. For the text of the G20 Leaders’ Communiqué, see http://g20.org.tr/g20-leaders-commenced-the-antalya-summit/.

The Heads of State and Government of the member countries of the North Atlantic Alliance in the Wales Summit of September 2014 declared in particular that “[o]ur policy also recognises that international law, including international humanitarian law and the UN Charter, applies in cyberspace. …We affirm therefore that cyber defence is part of NATO’s core task of collective defence. A decision as to when a cyber attack would lead to the invocation of Article 5 would be taken by the North Atlantic Council on a case-by-case basis.” For the text, see www.nato.int/cps/en/natohq/official_texts_112964.htm.

The UNGA in its Resolution (A/RES/70/237), adopted on 23 December 2015, welcomed “the conclusion of the Group of Governmental Experts in its 2013 report that international law, and in particular the Charter of the United Nations, is applicable and essential to maintaining peace and stability and promoting an open, secure, stable, accessible and peaceful information and communications technology environment”.

Although information appears to include data in the definition of personal information, there is no clue to differentiate the two concepts in the TPP. The word ‘personal information’ is more used in the US, Korea and Japan, while the word ‘personal data’ is generally used in the European Union. This chapter uses the two words with the same meaning.

For example, the General Data Protection Regulation of the European Union (GDPR) defines personal data as “any information relating to an identified or identifiable natural person”. (Article 4(1)).

On the contrary, the GDPR, to be applicable in May 2018, protects personal data in the context of human rights. For example, it protects “fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data”. (Article 1.2).

Brunei and Vietnam are to implement such a legal framework. (A Note to Article 14.8).

Michael Geist, ‘The Trouble with the TPP, Day 11: Weak Privacy Standards’ (2016), available at www.michaelgeist.ca/2016/01/the-trouble-with-the-tpp-day-11-weak-privacy-standards/.

As the word ‘should’ is used, there is no obligation imposed on the Parties to the TPP.

For the text of the OECD Guidelines, see www.oecd.org/sti/ieconomy/oecd_privacy_framework.pdf/.

The so-called “108 Convention” is open to non-Member States as well as to the Member States of the COE. It is now under a revision process in the name of modernization. For the text of the 108 Convention, see https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=0900001680078b37.

See the APEC, Privacy Framework 3 (2005).

As the words ‘should’ and ‘encourage’ are used, there is no obligation imposed on the Parties to the TPP.

The CBPR system was endorsed by the APEC leaders in 2011, and it is a voluntary accountability-based system to facilitate privacy-respecting data flows among APEC economies. See www.cbprs.org/GeneralPages/About.aspx. Mexico, Japan and Canada joined the CBPR system following the US. The first three countries are the Parties to the TPP. Korea is also expected to join the CBPR system soon. See KBS Radio, ‘S. Korea joins APEC Cross-Border Privacy Rules’, (12 June 2017), available at http://world.kbs.co.kr/english/news/news_In_detail.htm?No=127956&id=In.

The European Commission declared that it would actively engage a dialogue on adequacy with key trading partners in East and South-East Asia, starting from Japan and Korea in 2017, as Japan and Korea have recently adopted or modernised their legislation to put in place comprehensive data protection regimes. European Commission, ‘Communication from the Commission to the European Parliament and the Council: Exchanging and Protecting Personal Data in a Globalised World’, Brussels, 10.1.2017, COM (2017) 7 final.

Although the word ‘shall’ is used, the word ‘endeavour to’ would make the Parties to the TPP less obliged to do so.

See the APEC, Privacy Framework 34 (2005).

Although the word ‘shall’ is used, the word ‘endeavour to’ would make the Parties to the TPP less obliged to do so.

As the word ‘should’ is used, there is no obligation imposed on the Parties to the TPP.

For example, the attack against data including personal data may be assimilated to the one against people and physical goods so as to invoke the application of jus ad bellum and jus in bello. See Michael N. Schmitt, ‘Rewired warfare: rethinking the law of cyber attack’, (2014) 96 International Review of the Red Cross 204.

Maryant Fernández Pérez, ‘Data protection and privacy must be excluded from TTIP’, European Digital Rights (2015), available at https://edri.org/data-protection-privacy-ttip/.

Titel: Data Protection in the TPP: More Emphasis on the “Use” Than the “Protection”
verfasst von: Nohyoung Park
Verlag: Springer Singapore
Buch: Paradigm Shift in International Economic Law Rule-Making
Print ISBN: 978-981-10-6730-3

Electronic ISBN: 978-981-10-6731-0

Copyright-Jahr: 2017
DOI: https://doi.org/10.1007/978-981-10-6731-0_21