The border between the USA and Canada, in Washington State

In my last post I looked at the USA PATRIOT Act, and at some of the ways in which it exemplifies differences in attitude and approach on either side of the Atlantic. In our increasingly connected world, these differences begin to pose quite serious challenges for those wishing to join up, to aggregate, and to operate at scale. In this post I’ll take a look at one particular case in which matters must soon come to a head; the current enthusiasm for cross-border data flows, and what GigaOM’s Derrick Harris refers to as “free trade for data.”

At first glance, the concept of free trade for data makes a lot of sense. Of course data should be able to move with reasonable freedom from country to country. As someone who once had the job title of ‘Interoperability Focus’ I’m bound to agree that international standards should normally be used to promote interoperability and transparency. Few, surely, would not welcome cross-border arrangements to encourage entrepreneurial reuse of data, or to ensure that people in different countries can access popular online services headquartered overseas?

Unfortunately, the bulk of the evangelism around reaching new agreements here is nationalistic, partisan, and closely tied to particular world views. From here in Europe, American posturing on the topic grates. From America, we Europeans no doubt appear protectionist and over-cautious. And elsewhere in the world, governments and companies with valid contributions to make cry out to be heard amidst the trans-Atlantic babel.

Derrick’s post from last November is a case in point, discussing submissions by US companies (Visa, Mastercard, Microsoft, Oracle, Salesforce, etc) to a US body (the National Foreign Trade Council), in an attempt to influence US government policy with respect to its peers around the world. The topic was Cross-Border data sharing, but similar companies from overseas were not involved. Nokia? Vodafone? Baidu? SAP? HSBC? Nope, nope, nope, nope, nope. Companies embracing a particular world view, rooted in a particular culture, come together to draw up recommendations that (probably in good faith) reflect that world view and those cultural norms. Whether implicitly or explicitly, those recommendations then seek to project that world view onto other countries, other cultures. We all do it. We all bring our baggage, our beliefs, our presumptions. Sometimes we know when we’re doing it, and we can either carry on regardless, or we can attempt to account for alternative approaches. But all too often the cultural norms are so ingrained that we forget they’re there. We assume that they’re normal. We assume that they’re shared. And then we’re surprised when Australians balk at receiving the ‘summer’ release of software in June, when Americans don’t consider that piece of personal data to be sensitive, or when Europeans think Government really should be involved in regulating a social networking site.

If we want to ensure the unimpeded flow of data across borders — and we should — then we need to begin by recognising that the places and people on either side of that border are very likely to be different. Their attitudes are different. Their needs are different. Their aspirations are different. Their laws are different. In the early days of the Internet and the web, legislation, policy and even expectation did not really exist. Almost by default, US attitudes and presumptions tended to apply unless a particular country cared enough to institute something different inside their own borders. As we become more and more interested in territoriality and jurisdiction with respect to data, that naive innocence no longer applies. There is no longer a blank canvas upon which the innovators can paint their hopes. We have policies, regulations, and laws. We have populations that have experienced today’s web, and we have a media quick to interject its perspective.

Today, far more than at the web’s birth, we have to engage in public dialogue about what we want to achieve, and why. We cannot achieve Derrick’s aspiration of free trade for data and leave every local law, policy and procedure untouched. But nor can we achieve it by projecting a single world view around the globe, sweeping all of those prior laws aside.

Rather than entrench behind a US ‘position,’ a European ‘position’ (including 24 variant positions, two abstensions and an opt-out), a Chinese ‘position,’ and so on, can’t we begin to understand what some of the real opportunities — and concerns — might be?

Big companies that operate internationally (like those developing the document (PDF) Derrick discussed) absolutely need to come together, to share their perspectives on the pain of moving data around. But for those companies only to be American is insane, and counter-productive. Nokia has perspectives to share here, as do HSBC or Vodafone. Let’s hear them in the same forum. Let’s also hear individual governments, speaking up for the concerns and desires of their citizens. Let’s hear the citizens themselves, when they care enough to express an opinion. But let’s hear all of it early, before it becomes entrenched in a set of contradictory official statements.

Then we might arrive at a sensible approach to ensuring free trade for data, rather than the projection of an American ideal upon the rest of us.

And that sounds like a good topic for one of those panels at Davos later this month…