Recent global developments offer a glimpse into the future of cross-border data regulation. Historically, such regulations have focused on restrictions of cross-border transfers of personal data to achieve public policy goals on individual privacy rights.

Today, cross-border data regulations are starting to cover a broader array of data, such as personal data, nonpersonal data and other company information, for a diversified range of public policy purposes — national security, artificial intelligence, antidiscrimination/fairness, competition and the like. Moreover, whereas historically the World Trade Organization and other multilateral treaty frameworks would limit the ability of countries to adopt regulations that impose unfair treatment on global businesses, such frameworks now have diminished effectiveness for various reasons.

Companies now face a variated landscape of divergent outbound data transfer restrictions, data localization requirements, data quality standards, compelled data disclosure obligations and other country-specific legal obligations. Check out my IAPP article on this here: https://iapp.org/news/a/a-glimpse-into-the-future-of-cross-border-data-regulation/