By identifying key players, quantifying relative influence, and assessing the competitive landscape, FP Analytics breaks down complex foreign policy issues by mapping out spheres of influence and the risks and opportunities these topics present for Insiders. LEARN MORE
Global Data Governance
Part One: Emerging Data Governance Practices
UPDATED: Feb. 23, 2021
PUBLISHED: May 13, 2020
In FP Analytics’ Power Map, 5G Explained, we detailed the complex physical infrastructure necessary to create 5G networks and broke down the issues surrounding the control of that infrastructure, setting of international standards, bandwidth ownership, and security. In Part I of this series, we examine the emerging regulatory challenges surrounding governance of the data and information that flow through not only 5G networks, but digital infrastructure globally. While 5G networks will be vast, they represent only a fraction of the interconnected computer networks that the entirety of the Internet comprises. As the Internet serves as the circulatory system allowing data to flow to connected users globally, data represents the lifeblood of this system. How it is allowed to move throughout this system has immense consequences for governments, companies, and individuals and has catalyzed governments to regulate data flows at micro and macro levels. Emerging global data governance practices are already impacting the competitive landscape for companies around the world and helping determine how individual users and organizations interact with the rapidly digitizing global economy.
Thank you for your interest. Please enjoy the Executive Summary below.
Power Maps are an exclusive benefit of the FP Insider subscription. For full access to Data Governance, contact us at insider@foreignpolicy.com.
Executive Summary
Emerging data governance trends are re-shaping the global digital economy, which currently accounts for nearly 16% of global GDP and is growing two and a half times as fast. To date, the general lack of data governance has long been a core competitive advantage for U.S. tech companies and has facilitated the rise of global Chinese competitors. This environment enabled the market dominance of companies such as Facebook, Google, Baidu, and Tencent, which rely on being able to collect troves of global data from countries all around the world.
However, new and updated national data privacy and data localization laws are fundamentally altering the way that companies can conduct businesses internationally. The recent passage of the EU’s General Data Protection Regulation (GDPR) and China’s Cybersecurity Law – two of the most comprehensive packages of data privacy regulations - have already had cascading impacts on businesses in these markets and all of their trading partners. And this is just the beginning.
Among the data governance measures, data localization represents a powerful tool for governments seeking to gain control over data - and a share of the value it generates - within their national borders. In the last few years, over seventy countries have passed new or updated data privacy laws that include some form of data localization – one of the most restrictive and costly measures. In 2017, U.S. firms cited data localization policies as their number-one impediment to digital trade – and these types of protectionist measures are only growing.
The coming era of increasingly stringent data localization and data privacy laws has the potential to erode digital giants’ competitive advantage – making operating in certain markets significantly more costly, and potentially pushing foreign firms out of some markets all together, as has already been the case in Russia and China. They also make it difficult for smaller firms to compete. While the growing layers of data regulation will impact each firm differently, understanding how data governance regimes are evolving and the explicit data-related measures that apply in each country will be critical to maintaining competitiveness within and across borders.
In Part I of FP Analytics’ Data Governance Power Map Series, we break down the rapidly evolving regulatory environment surrounding data by:
- Pinpointing emerging governance trends;
- Cataloguing specific data localization and data privacy laws by country;
- Mapping regulation and the world; and,
- Explaining the risks and potential impacts on business.
FP Analytics’ Power Map provides the most comprehensive assessment and mapping of data localization and privacy laws to date and is a tool for businesses and others seeking to understand how these evolving governance regimes are shaping our digital world.
Subscribe to FP Insider below or contact us at insider@foreignpolicy.com for full access to Data Governance.
Introduction
Increasingly, government regulation is impacting the global flow of data, with varying, interconnected factors and incentives driving this proliferation of regulation. Specifically, governments are debating what information qualifies as personal data, and how private and public entities can collect, utilize, transfer, and monetize this data. The myriad measures implemented to date reflect a delicate balance of political, economic, and social factors, influenced by government officials, private companies, and citizens. Regulators around the world face the challenge of balancing nuanced and fraught issues of access and privacy, support for economic development, and establishing a functional, cross-border framework for the international transfer and collection of compounding volumes of data. Additionally, multiple parties must ensure data security across governmental, commercial, and personal realms. Varying efforts to craft regulations that optimize for national interests and constituencies are producing an increasingly complex mix of global Internet and data regulations expressing differing visions for how digital infrastructure should ultimately function, how big data is managed, and by whom. In this Power Map series, we break down the most comprehensive and impactful of these regulations and explain what they mean for businesses and citizens in our increasingly digital world.
The Digital Economy and Drivers Behind Increasing Regulation
The massive volume of data flowing through global digital networks fueled the rise of many of the world’s largest companies, including global behemoths such as Alphabet and Tencent. It spawned multinational social media companies, such as Facebook and WeChat, allowing individuals to generate, access, and spread information at unprecedented rates. But new regulations are threatening this meteoric growth. The data collection practices upon which these companies’ business models are predicated are coming under increasing scrutiny from governments concerned about domestic and foreign companies’ collection and handling of their citizens’ data. This concern, coupled with some governments’ desire to expand their own digital economies and tax bases, is accelerating the global proliferation of data-related laws—from data localization, to privacy, to data security—as these government officials and regulators attempt to assert authority and capture value.
Key Takeaways
-
The Issue
U.S. and Chinese companies dominate the global digital landscape. The digital economy accounts for 15.5 percent of world GDP, with the combined value of Internet platform companies—such as Alphabet (Google) and WeChat—accounting for roughly 9.4 of world GDP (roughly $7 trillion, larger than the GDP of any country in the world besides the U.S. or China). The vast majority of revenues accrue to a handful of U.S. and Chinese companies whose power and influence continue to grow as they collect and monetize data from citizens around the world.
-
The Reaction
Governments’ increasing concern over foreign companies’ collection and monetization of user data is a primary driver of digital regulation. The rise of data privacy, security, and localization laws to protect citizens’ data rights and countries’ economic interests, while boosting individuals’ control over their data, is creating an increasingly complex legal and regulatory environment while raising operational and compliance costs for multinational companies operating across borders.
-
What’s at Stake
While offering some protection for domestic companies, onerous and conflicting data governance regimes and regulations risk companies’ market access and further value creation in the digital economy. Beyond threatening to create different regulatory regimes, government intervention in the market could push major tech companies to break up, or fundamentally change the rules of the Internet.
Data Localization and Its Commercial Implications
Data localization laws encompass the full range of restrictions a country places on foreign collection, storage, and transfer of its citizens’ data. Government regimes are taking different approaches to data localization; for example, Russia has the most restrictive data localization measures in place, and the U.S. is the strongest advocate for open borders with respect to data transfer. The methods that countries use to enforce and enact data localization regulations substantially impact how international companies can operate within their borders, with consequences for commercial activity both domestically and internationally.
Key Takeaways
-
The Issue
Four distinct approaches to data localization regulation and implementation largely determine how companies’ digital operations can function within a country. They include: no restrictions, conditional restrictions, local copy requirements, and local data storage mandates. Without one uniform method for regulating international data flows, multinational firms will need to adjust practices to comply with the distinct laws of each market in which they operate.
-
The Reaction
Some countries stand to benefit economically from data localization, but widespread global barriers on data transfers risk lower global growth overall. Data localization practices restrict the flow of data and raise costs for international tech companies, fragmenting markets and threatening to hinder global growth. Despite the potentially adverse economic impacts globally, data localization measures are continuing to be implemented as countries’ concerns with foreign data collection and governments’ attempts to limit their operations increase.
-
What’s at Stake
Data localization restrictions threaten to deny or limit access to major data-reliant international corporations, including in key developing markets where the majority of future growth could occur, such as India and Vietnam. On a broad scale, data localization regulations stand to seriously disrupt the free cross-border flow of data, which has enabled the rise of digital commerce for the past few decades.
Beyond Data Localization: Other Influential Data Regulations and Emerging Data Governance Practices
In addition to data localization, varying economic, political, and social factors are driving governments to craft other data governance measures. Due to each country’s unique regulatory environment, data governance practices can differ significantly globally. However, common frameworks, particularly for data privacy laws, are emerging. As with GDPR, to date, a few influential countries with significant market power are leading the way by enacting comprehensive data regulation laws.
Key Takeaways
-
The Issue
Led by the EU and China, countries with large domestic markets and significant global influence are defining data governance trends internationally. Within the past four years, the EU, China, India, and Brazil all enacted or drafted comprehensive data regulations focused on their national interests. These regulations are reshaping the global data governance landscape and are being emulated, revised, or adapted by other nations with similar interests.
-
The Reaction
Variations within and among data governance regimes are disrupting multinationals’ ability to operate in the global digital economy and raising costs. Data regulations are fundamentally dividing cyberspace into different spheres and upending businesses’ ability to operate seamlessly across borders, forcing businesses to adhere to a complex mix of often conflicting regulations in order to operate within different national borders.
-
What’s at Stake
While aiming to more effectively protect privacy, the layering of data regulations is making operating internationally in the digital economy more complicated and costly. Despite the GDPR and similar data privacy laws being enacted largely in response to the international dominance and data collection practices of large U.S. tech companies, a more complicated regulatory landscape will likely favor larger and more established firms, as they can better bear the increased legal costs and potential fines.
Navigating an Increasingly Fractured Future
The implementation of new and updated data governance regulations across the world is fundamentally changing the digital business landscape. Data localization requirements, more comprehensive and widely enforceable data privacy laws, and increased cybersecurity laws (which will be explored in Part II of this series) are creating a complicated and increasingly costly web of regulations for businesses to navigate. These factors stand to impact small businesses disproportionately, though increasing compliance costs have been a major point of contention for large businesses as well. However, with the recent adoption of comprehensive privacy laws in major e-commerce markets, data regulation is likely to continue to accelerate. While privacy laws to date have been passed to protect users’ data from being exploited by large international companies and foreign governments, there is a concurrent wave of data privacy laws around the world that are actually enabling governments to have sweeping access to user data. These laws range from China’s Cybersecurity Law (elements of which we have covered in this section) to the Patriot Act in the U.S. For individuals, the amount of data being accessed by governments through surveillance and requests to private companies is rising sharply. Simultaneously, governments are embarking on a drive to repeal cybersecurity provisions, such as end-to-end encryption as in the case of the U.S.’s EARN IT Act, in order to collect citizens’ data more effectively. In Part II of our Data Governance Power Map series, we will dive into these and other measures and how governments are increasing their data collection efforts globally, and what this means for businesses and private citizens.
Written by Christian Perez. Edited by Allison Carlson. Copyedited by David Johnstone. Design by Andrew Baughman and Jon Benedict. Development by Andrew Baughman. Art direction by Lori Kelley.

Learn more about how FP Analytics can enable your organization to act strategically through data-driven insights at ForeignPolicy.com/FP-Analytics.
References
- Agrawal, R. (2020, April 23). Why Facebook Is Betting Big on India. Foreign Policy. Retrieved April 23, 2020, from https://foreignpolicy.com/2020/04/23/facebook-betting-big-india-investment-reliance-jio/
- Albright Stonebridge Group. (2015, September). Data Localization: A Challenge to Global Commerce and the Free Flow of Information. Retrieved April 15, 2020, from https://www.albrightstonebridge.com/files/ASG%20Data%20Localization%20Report%20-%20September%202015.pdf
- Ankeny, C. (2016, April 17). The costs of data localization. Information Technology Industry Council. Retrieved March 26, 2020, from https://www.itic.org/news-events/techwonk-blog/the-costs-of-data-localization
- Basu, A., & Sherman, J. (2020, January 28). Key Global Takeaways From India’s Revised Personal Data Protection Bill. Lawfare. Retrieved April 8, 2020, from https://www.lawfareblog.com/key-global-takeaways-indias-revised-personal-data-protection-bill
- Bauer, Matthias, et al. (2016, May 10). Tracing the Economic Impact of Regulations on the Free Flow of Data and Data Localization. Centre for International Governance Innovation. Retrieved April 15, 2020, from https://www.cigionline.org/publications/tracing-economic-impact-regulations-free-flow-data-and-data-localization
- Bowman, C.M. (2015, November 17). A primer on Russia's new data localization law. Privacy Law Blog. Retrieved April 15, 2020, Retrieved April 9, 2020, from https://privacylaw.proskauer.com/2015/08/articles/international/a-primer-on-russias-new-data-localization-law/
- Brandom, Russell (2018, May 25). Everything you need to know about GDPR. The Verge. Retrieved March 25, 2020, from https://www.theverge.com/2018/3/28/17172548/gdpr-compliance-requirements-privacy-notice
- Chander, A., & Le, U. (n.d.). (2015) Data Nationalism. Emory Law Journal. 64(3), 677. https://law.emory.edu/elj/_documents/volumes/64/3/articles/chander-le.pdf
- Chivot, E., & Castro, D. (2019, June 17). What the Evidence Shows About the Impact of the GDPR After One Year. Center for Data Innovation. https://www.datainnovation.org/2019/06/what-the-evidence-shows-about-the-impact-of-the-gdpr-after-one-year/
- Congressional Research Service. (2019, March 11). Data Flows, Online Privacy, and Trade Policy. https://fas.org/sgp/crs/row/R45584.pdf
- Data Protection Commissioner v Facebook Ireland and Maximillian Schrems. (Court of Justice of the European Union July 16, 2020).
- Deloitte. (2020, April 7). Brazilian General Data Protection Act. Retrieved April 13, 2020, from https://www2.deloitte.com/br/en/pages/risk/articles/lgpd.html
- Digital Realty. (2018). Data Economy Report 2018. https://go2.digitalrealty.com/rs/087-YZJ-646/images/Report_Digital_Realty_1805_Data_Economy_Report_2018.PDF?mkt_tok=eyJpIjoiWlRJME9XTXpOalF4TURjNCIsInQiOiJ6QmNJdmtTRGUzZ1wvUHBkRFMwdEYxYU02RjRjSnJueUNqZUdUZlYzYkR1QWRyeEtEZ25GbitpVXF0dGRQMGtIcUZVNXBOaERFd1RZWVJzZ0RcL3lnVVZqbFVlSWxRREZIVlAzNzhDanM5eW5jbGQ5ZE1CT1dKSEIxcDhwbjZWSWhQIn0%3D
- Dillinger, J. (2019, September 6). List of Countries By Internet Users. WorldAtlas. Retrieved April 14, 2020, from https://www.worldatlas.com/articles/the-20-countries-with-the-most-internet-users.html
- DLA Piper. Breach notification. (n.d.). Data Protection Laws of the World. Retrieved April 13, 2020, from https://www.dlapiperdataprotection.com/index.html?t=breach-notification&c=RU
- Economy, E. (2018, July 4). The great firewall of China: Xi Jinping’s internet shutdown. Retrieved January 11, 2021, from The Guardian website: https://www.theguardian.com/news/2018/jun/29/the-great-firewall-of-china-xi-jinpings-internet-shutdown
- Emmanuel Pernot-Leplay. (2020, March 27). Data Privacy Law in China: Comparison with the EU and U.S. Approach. Retrieved April 20, 2020, from https://pernot-leplay.com/data-privacy-law-china-comparison-europe-usa/
- Federal Data Protection Act (BDSG). (n.d.). Gesetze im Internet. https://www.gesetze-im-internet.de/englisch_bdsg/
- Fernandez, D. (2018, October 2). Argentina’s new Bill on Personal Data Protection. International Association of Privacy Professionals. Retrieved April 15, 2020, from https://iapp.org/news/a/argentinas-new-bill-on-personal-data-protection/
- Foote, C. (2019, April 15). Fact of the week: The Digital Economy Grew 4.3 Times Faster than the U.S. Economy Overall from 1997 to 2017. Information Technology and Innovation Foundation. https://itif.org/publications/2019/04/15/fact-week-digital-economy-grew-43-times-faster-us-economy-overall-1997-2017
- Gabel, D. & Hickman, T. (2019). The Rapid Evolution of Data Protection Laws: Data Protection 2019. International Comparative Legal Guides International Business Reports. Retrieved April 8, 2020, from https://iclg.com/practice-areas/data-protection-laws-and-regulations/1-the-rapid-evolution-of-data-protection-laws
- GDPR Enforcement Tracker. (n.d.). List of GDPR fines. Retrieved April 9, 2020, from https://www.enforcementtracker.com/?
- GDPR.EU. GDPR Small Business Survey 2019. (2019, May) https://gdpr.eu/wp-content/uploads/2019/05/2019-GDPR.EU-Small-Business-Survey.pdf
- Griffiths, J. (2019, April 8). Governments are rushing to regulate the internet. Users could end up paying the price. CNN. Retrieved April 8, 2020, from https://www.cnn.com/2019/04/08/uk/internet-regulation-uk-australia-intl-gbr/index.html
- Guo, E. (2020a, December 9). Facebook is now officially too powerful, says the US government. Retrieved January 20, 2021, from MIT Technology Review website: https://www.technologyreview.com/2020/12/09/1013641/facebook-should-be-broken-up-says-us-government/
- Guo, E. (2020b, December 16). US states are suing Google: here’s what you need to know. Retrieved January 20, 2021, from MIT Technology Review website: https://www.technologyreview.com/2020/12/16/1014886/texas-lawsuit-google-antitrust-facebook/
- Hernandez, B. (2020, April 17). Data Localization Laws around the World. Women in Localization. Retrieved April 15, 2020, from https://womeninlocalization.com/data-localization-laws-around-the-world/
- Hout, T., & Ghemawat, P. (2010, December 1). China vs the World: Whose Technology Is It? Retrieved January 12, 2021, from Harvard Business Review website: https://hbr.org/2010/12/china-vs-the-world-whose-technology-is-it
- The History of the General Data Protection Regulation. (2017, March 29). European Data Protection Supervisor—European Data Protection Supervisor. Retrieved April 7, 2020, from https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en
- Hulefeild, M. (2018, December 12). Australia and Chinese Taipei join APEC’s CBPR system. International Association of Privacy Professionals. Retrieved April 22, 2020, from https://iapp.org/news/a/australia-and-chinese-taipei-join-apec-cbpr-system/
- Human Rights Watch. (1996, May). Silencing the Net: The Threat to Freedom of Expression On-line. The New York Times On the Web. Retrieved March 25, 2020, from https://archive.nytimes.com/www.nytimes.com/library/cyber/week/0910hrw.html
- Hunton Andrews Kurth. (2019, June 13). APEC Endorses Additional U.S. CBPR and PRP Accountability Agent. Privacy & Information Security Law Blog. Retrieved April 20, 2020, from https://www.huntonprivacyblog.com/2019/06/13/apec-endorses-additional-u-s-cbpr-and-prp-accountability-agent/
- India’s misguided move towards data localisation. (2018, September 10). Financial Times. Retrieved April 16, 2020, from https://www.ft.com/content/92bb34a8-b4e5-11e8-bbc3-ccd7de085ffe
- Information Commissioner’s Office. (2019, August 2). Guide to the General Data Protection Regulation (GDPR). Retrieved March 25, 2020, from https://ico.org.uk/media/for-organisations/guide-to-the-general-data-protection-regulation-gdpr-1-0.pdf
- International Association of Privacy Professionals. (2017, May 31). GDPR Matchup: The APEC Privacy Framework and Cross-Border Privacy Rules. Retrieved April 15, 2020, from https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules/
- International Privacy Standards. (n.d.). Electronic Frontier Foundation. Retrieved April 14, 2020, from https://www.eff.org/issues/international-privacy-standards
- Institute of International Finance. (2019, March). Data Flows Across Borders: Overcoming Data Localization Restrictions. Institute of International Finance. Retrieved April 8, 2020, from https://www.iif.com/Portals/0/Files/32370132_iif_data_flows_across_borders_march2019.pdf
- Johnson, L. (2019, October 8). Ctrl + shift + delete: The GDPR’s Influence on National Security Posture. Council on Foreign Relations. Retrieved March 24, 2020, from https://www.cfr.org/blog/gdpr-influence-national-security-posture
- Kathuria, R., Kedia, M., Varma, G., & Bagchi, K. (2019, November). Economic Implications of Cross-Border Data Flows. Indian Council for Research on International Economic Relations. Retrieved April 13, 2020, from https://icrier.org/pdf/Economic_Implications_of_Cross-Border_Data_Flows.pdf
- Key Issues. (2018, October 9). General Data Protection Regulation (GDPR). Retrieved March 24, 2020, from https://gdpr-info.eu/issues/
- KPMG China. (2017, February). Overview of China’s Cybersecurity Law. https://assets.kpmg/content/dam/kpmg/cn/pdf/en/2017/02/overview-of-cybersecurity-law.pdf
- Kurzer, R. (2018, May 9). As GDPR approaches, marketers are moving away from their reliance on third-party data. MarTech Today. Retrieved March 25, 2020, from https://martechtoday.com/as-gdpr-approaches-marketers-are-moving-away-from-their-reliance-on-third-party-data-215125
- Monteiro, R. (2018, August 14). The new Brazilian General Data Protection Law—a detailed analysis. International Association of Privacy Professionals. Retrieved April 20, 2020, from https://iapp.org/news/a/the-new-brazilian-general-data-protection-law-a-detailed-analysis/
- Oberlo. (2020, March 5). Ecommerce Sales by Country in 2019. Retrieved April 21, 2020, from https://www.oberlo.com/statistics/ecommerce-sales-by-country
- Panday, J. (2017, September 15). Rising Demands for Data Localization a Response to Weak Data Protection Mechanisms. Electronic Frontier Foundation. Retrieved April 15, 2020, from https://www.eff.org/deeplinks/2017/08/rising-demands-data-localization-response-weak-data-protection-mechanisms
- Reinsch, W.A. (2018, March 9). A Data Localization Free-For-All? Center for Strategic and International Studies. Retrieved April 8, 2020, from https://www.csis.org/blogs/future-digital-trade-policy-and-role-us-and-uk/data-localization-free-all
- Rodriguez, M. (2019, November 13). The Definitive Guide to Brazil’s LGPD Privacy Law. Osano. Retrieved April 21, 2020, from https://www.osano.com/articles/brazil-lgpd
- Sacks, S., & Sherman, J. (2019, June 26). The Global Data War Heats Up. The Atlantic. Retrieved April 14, 2020, from https://www.theatlantic.com/international/archive/2019/06/g20-data/592606/
- Salem, D. (1981). The Joint Venture Law of the People’s Republic of China: Business and Legal Perspectives. Maryland Journal of International Law, 7(1), 1–4.
- Singh, M. (2019, December 10). India Proposes New Rules to Access Its Citizens’ Data. TechCrunch. Retrieved April 14, 2020, from https://techcrunch.com/2019/12/10/india-personal-data-protection-bill-2019/
- Sobers, R. (2020, March 29). A Year in the Life of the GDPR: Must-know stats and takeaways. Varonis. Inside Out Security. Retrieved April 9, 2020, from https://www.varonis.com/blog/gdpr-effect-review/
- Social Media Stats Worldwide. (n.d.). StatCounter GlobalStats. Retrieved April 16, 2020, from https://gs.statcounter.com/social-media-stats
- The State of Data Protection Rules Around the World: A Briefing for Consumer Organisations. (n.d.). Consumers International. https://www.consumersinternational.org/media/155133/gdpr-briefing.pdf
- Statista. (2020, January 7). Countries with the highest number of internet users as of June 2019. Retrieved April 16, 2020, from https://www.statista.com/statistics/262966/number-of-internet-users-in-selected-countries/
- Sullivan, C. (2019, August). EU GDPR or APEC CBPR? A Comparative Analysis of the Approach of the EU and APEC to Cross Border Data Transfers and Protection of Personal Data in the IoT Era. Computer Law & Security Review, Vol. 35, Issue 4, August 2019, pp. 380-97. Retrieved April 21, 2020, from https://www.sciencedirect.com/science/article/abs/pii/S026736491930038X
- Swinhoe, D. (2019, March 11). What are the new China Cybersecurity Law provisions? And how CISOs should respond. CSO Online. Retrieved April 14, 2020, from https://www.csoonline.com/article/3359236/what-is-the-china-cybersecurity-law-how-cisos-should-respond.html
- UNCTAD. Data Protection and Privacy Legislation Worldwide. (n.d.). Retrieved April 9, 2020, from https://unctad.org/en/Pages/DTL/STI_and_ICTs/ICT4D-Legislation/eCom-Data-Protection-Laws.aspx
- UNCTAD. (2019). Digital Economy Report 2019. (2019, September 4). https://unctad.org/en/PublicationsLibrary/der2019_overview_en.pdf
- Understanding Data Localization Laws. (2016, August 17). Big Bang ERP. Retrieved April 10, 2020, from https://www.bigbangerp.com/blog/data-localization-laws/
- United Nations. (2019) Data Economy: Radical transformation or dystopia? https://www.un.org/development/desa/dpad/wp-content/uploads/sites/45/publication/FTQ_1_Jan_2019.pdf
- United States International Trade Commission. (2017, August). Global Digital Trade 1: Market Opportunities and Key Foreign Trade Restrictions. https://www.usitc.gov/publications/332/pub4716_0.pdf
- Wagner, J. (2017, June 1). China’s Cybersecurity Law: What You Need to Know. Retrieved April 15, 2020, from https://thediplomat.com/2017/06/chinas-cybersecurity-law-what-you-need-to-know/
- Wimmer, K., & Maldoff, G. (2019, December 13). India Proposes Updated Personal Data Protection Bill. Covington & Burling, Inside Privacy. Retrieved April 15, 2020, from https://www.insideprivacy.com/india/india-proposes-updated-personal-data-protection-bill/
- Yaraghi, N. (2018, June 11). A case against the General Data Protection Regulation. Brookings. Retrieved April 7, 2020, from https://www.brookings.edu/blog/techtank/2018/06/11/a-case-against-the-general-data-protection-regulation/