data sovereignty

Robot, Take the Wheel: The Road to Autonomous Cars and the Lost Art of Driving
by Jason Torchinsky
Published 6 May 2019

Automated driving is justifiable only to the extent to which conceivable attacks, in particular manipulation of the IT system or innate system weaknesses, do not result in such harm as to lastingly shatter people’s confidence in road transport. Permitted business models that avail themselves of the data that are generated by automated and connected driving and that are significant or insignificant to vehicle control come up against their limitations in the autonomy and data sovereignty of road users. It is the vehicle keepers and vehicle users who decide whether their vehicle data that are generated are to be forwarded and used. The voluntary nature of such data disclosure presupposes the existence of serious alternatives and practicability. Action should be taken at an early stage to counter a normative force of the factual, such as that prevailing in the case of data access by the operators of search engines or social networks.

Digital Empires: The Global Battle to Regulate Technology
by Anu Bradford
Published 25 Sep 2023

Several jurisdictions that have embraced Chinese technologies do not necessarily subscribe to the Chinese government’s ideology. Many developing countries, for example, view Chinese infrastructures as the most affordable path toward digital development, which is key to their economic growth. Some of these governments are also likely drawn to the promise of “data sovereignty,” which gives them greater control of data flows. However, no doubt, some governments also share the ideological underpinnings of the Chinese regulatory model. They cherish the idea that Chinese-built technology can also allow them to replicate some of the key features of the state-driven regulatory model, including enhanced surveillance of their citizens and content controls for suppressing dissent, both of which allow them to cement their power over the society.

…

The DSR plants an infrastructure channel that the Chinese leadership may start deploying more strategically to challenge the US-led technology order, pulling more countries closer into its orbit both technologically and geopolitically.161 If this occurs, the Chinese government’s much-touted idea of data sovereignty will be illusory as these DSR recipients will ultimately be subject to the control of the CCP.162 To date, there is limited evidence on which to judge whether these potential fears will actually materialize. In 2019, the Wall Street Journal reported that Huawei employees had assisted the Ugandan and Zambian governments in spying on their political opponents.163 This assistance entailed intercepting those individuals’ encrypted communications and social media accounts and using cellular data to track their movements.

…

A Medium Corporation, 76–77 Abdulemam, Ali, 284 Acacia, 204–5 ACCC (Australian Competition and Consumer Commission), 334, 341, 343–44 Accenture, 136–37 Act on Improvement of Transparency and Fairness in Trading on Specified Digital Platforms (TFDPA) (Japan), 346–47 Act on the Protection of Personal Information (Japan), 333–34 Adobe, 341 AdSense program (Google), 243 advertising AdSense program (Google), 243 Digital Advertising Tax (Maryland), 239–40 on Facebook, 154–55, 260, 384 political, 66 targeted, 382 Afghanistan, 274, 282 Africa, 261, 273, 297–300. see also specific countries by name Pakistan East Africa Cable Express, 300 Silicon Valley sites, 263 African Union (AU), 18–19, 318 AFSL (Anti-Foreign Sanctions Law) (China), 202–3 Agency for Global Media, 276–77 AHRC (Australian Human Rights Commission), 350–51 AI. see artificial intelligence AI Act (EU), 114, 144–45 AI Regulation (EU), 130 AirPods (Apple), 261 Alexander, Keith, 66–67 Algeria, 317–18 Alibaba, 108, 154–55 antitrust fines, 94, 98–99, 347–48, 391 Chinese state support, 8–9, 71, 96, 391–92 compliance with Chinese regulations, 391 DSR projects, 294–95, 296 e-commerce operations, 155, 300 global influence, 70–71, 73, 208–9, 262–63, 293 Memorandum of Understanding with Pakistan Trade Development Authority, 300 prosperity initiatives, 98–99 US audits, 177 US funding, 93–94 VIE structure, 174–75 Allison, Graham, 216–17 Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA) (US), 51–52, 53–54, 55 Alphabet, 153–54 Amari, Akira, 316–17 Amazon, 108, 137 acquisitions, 2, 50–51 annual revenues, 2 antitrust investigations, 224, 242–44, 249, 345 China Books portal, 159–60 compliance with Chinese laws and regulations, 155, 159–61 e-commerce operations, 155, 262 EU market, 328 European headquarters, 142–43 global influence, 133–34, 259–60, 262–63 lobbying expenditures, 55–56 market capitalization, 2 monopolistic behavior, 53–54 Safe Harbor agreement, 229–30 tax payments, 126–27, 238–39 Amazon Prime Video, 372 Amazon Warehouse Services, 262 Amazon Web Services (AWS), 155, 160 Amazon.cn, 160 AMD, 247 America First policy, 213 American Chamber of Commerce, 357 American Civil Liberties Union (ACLU), 46, 355–56 American Innovation and Choice Online Act (US), 53–54 American market-driven regulatory model, 6–10, 21–22, 23–24, 28–29, 33–68, 91–94, 106–7, 131–36, 221–54, 366–69 decline, 361–64 global influence, 16–20, 257–89 Amnesty International, 78–79, 162–63 Andersen, Ross, 86 Andorra, 333–34 Android OS (Google), 153–54, 189–90, 243, 344–45 Anonymous.Kollektiv, 280–81 Ant Group, 71, 94, 96, 175, 300 anti-censorship principles, 267–68, 270–76 Anti-Foreign Sanctions Law (AFSL) (China), 202–3 Anti-Google Law (Telecommunications Business Act 31) (South Korea), 347 Anti-Monopoly Guidelines (China), 94–95, 347–48 Anti-Monopoly Law (China), 204 Anti-Sanctions Law (China), 200 antitrust regulation Brussels effect in, 342–48 Chinese laws and fines, 71, 94 enforcement of, 2, 5, 53–55, 140, 244–45, 358 EU law, 125–26, 140, 224, 242–50, 342–48 US law, 50–51, 53–54, 63–64 AOL, 46 APIG, 123 Apple, 33–34, 54–55, 108 acquisitions, 2, 50–51 AirPods, 261 annual revenue, 2 anti-tracking measures, 382–83 antitrust investigations, 242–45, 247, 249, 345, 347, 358 App Store, 377–78 App Tracking Transparency tool, 382–83 child protection systems, 39–40 Chinese App Store, 78–79, 153, 156–57 compliance with Chinese laws and regulations, 149–50, 151, 153, 156–57, 161, 178 compliance with EU laws and regulations, 324–25 compliance with Russian laws and regulations, 163, 312, 338 content moderation, 338, 341, 377–78 core values, 149 data collection, 61 data privacy policy, 149, 324, 330, 382–83 disinformation code, 341 EU market, 328 European headquarters, 142–43 global influence, 259–60, 261 government battles, 13–15 iCloud operations, 153 iMac, 59 iOS 15 phone, 39–40 iPad, 153 iPhone, 59, 133–34, 153, 215–16, 261, 382–83 lobbying activity, 55–56, 356–57 Mac, 153 market capitalization, 2 monopolistic behavior, 53–54 neuralMatch, 39–40 Russian law against, 312 Safe Harbor data transfer agreement, 229–30 sales in China, 153 sales in Europe, 236 Siri, 59 tax payments, 126–28, 236–37, 238–39, 243–44, 245 Weather app, 338 Apple Maps, 156–57, 338 Apple Pay, 153 Apple Store, 358 Apple Watch, 156–57, 261 Applied Materials, 204–5 apps Apple’s Chinese App Store, 156–57 Chinese, 165–72 Colorful Balloons (Facebook), 158–59 Quran, 156–57 Russian, 312 Smart Voting, 163 Weather (Apple), 338 Arab countries, 267–68 Arab Spring, 272, 285–86 Argentina, 260, 333–34 ARPANET, 59 artificial intelligence (AI) AI Act (EU), 114, 144–45 Chinese, 99–100, 102, 180–81, 208–9, 210–11, 295–96, 315–16 Digital Silk Road (DSR) projects, 296 Ethics Guidelines for Trustworthy AI (EU), 350–51 facial recognition, 138 gait recognition, 101 Global Artificial Intelligence Industry Data Report, 210 Governance Principles for a New Generation of Artificial Intelligence (Chinese Ministry of Science and Technology), 92 Next Generation of Artificial Intelligence Development Plan (China), 75 Plan for Development of the New Generation of Artificial Intelligence (2017 AI Development Plan) (China), 208–9 protections against harmful applications of, 113–15 regulation of, 15–16, 142, 251–52, 337, 348–53 research and development, 197, 374–75 surveillance operations, 85, 293, 315–16 tech standards, 305–6 US–China tech war, 186–87, 207–11 VC funding, 209–10 Asia, 260–61, 300. see also specific countries by name Asia-Pacific Economic Group, 266–67 AU (African Union), 18–19, 318 Audiovisual Media Services Directive (EU), 123 Austin, Lloyd, 209 Australia, 337 AI Action Plan, 350–51 AI Ethics Framework, 350–51 anti-censorship principles, 267–68 antitrust regulation, 343–44, 345 Clean Network, 321 Code of Practice on Disinformation and Misinformation, 341–42 content moderation, 341–42 digital trade agreements, 322 news industry regulation, 351–52, 383 nonregulation principle, 266–68 Privacy Act, 334 relations with China, 197–98, 319–20 restrictions on Chinese tech companies, 193–94, 319–20 search engine market, 260–61 techno-democracy, 389–90 Australian Communications and Media Authority (ACMA), 341–42 Australian Competition and Consumer Commission (ACCC), 334, 341, 343–44 Australian Human Rights Commission (AHRC), 350–51 Austria, 126–27, 239, 242 authoritarian governments, 364–66 authoritarianism, 135, 388–89 beyond China, 308–13 digital, 77–78, 99, 290–323 automated driving, 208–9 autonomy, strategic, 132–34, 186 AWS (Amazon Web Services), 155, 160 Azure cloud-computing service (Microsoft), 154–55 B3W (Build Back Better World) initiative (G7), 321–22 Backpage, 367–68 Backpage.com, 51–52, 64 Bahrain, 284 Baidu, 73, 108, 153–54, 165, 208–9 American funding, 93–94 VIE structure, 174–75 Baker, Stewart, 233 Balkin, Jack, 53–54, 56–57 Bankruptcy Code (US), 374 Barbrook, Richard, 34 Barlow, John Perry, 36–37 Barreto, Alexandre, 344–45 Barshefsky, Charlene, 224 batteries, 134–35 Bazelon, Emily, 363–64 BeiDou Navigation Satellite System, 300 Beijing, China, 153 Beijing News, 160–61 Beijing Sinnet Technology, 160 Belarus, 285–86 Belgium, 142 Belt and Road Initiative (BRI) (China), 206, 294, 305, 321–22 Benkler, Yochai, 34–35 Berlin, Germany, 263 Bezos, Jeff, 374–75 Bhatia, Karan, 158 Biden, Joe approach toward Chinese companies, 193, 213 approach toward regulation, 53–55, 168–69 Build Back Better World (B3W) initiative, 321–22 China doctrine, 185, 213–14 Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities, 235–36 foreign policy doctrine, 390 internet freedom agenda, 278–79 Big Data of Public Tranquility Project (Marseille), 296–97 bilibili, 165 Binding Corporate Rules, 231–32 Bing search engine (Microsoft), 154, 160–61, 282–83 bipolar world, 386–88 bit taxes, 286 #BlackLivesMatter movement, 41, 362–63 Blackstone, 204 Blinken, Anthony, 198–99, 278 blockchain, 295–96 Blocking Rules (Rules on Counteracting Unjustified Extra-territorial Application of Foreign Legislation and Other Measures) (China), 200, 202 Boeing, 275–76 Borrell, Josep, 111 Brazil, 344–45 BRICS Leaders Declaration, 303 Lei Geral de Proteção de Dados Pessoais, 335–36 WhatsApp users, 260 Bremmer, Ian, 259–60 Breton, Thierry, 105, 134, 234 Brexit campaign, 17–18, 120–21, 280 BRI (Belt and Road Initiative) (China), 206, 294, 305, 321–22 BRICS Leaders Declaration, 303 Brilliant, Myron, 246 Brin, Sergey, 374–75 Brookings Institution, 207–8, 282–83 Brussels effect, 324–26 in antitrust regulation, 342–48 in artificial intelligence (AI), 348–53 beyond privacy, 337–53 in content moderation, 337–42 countermeasures, 356–59 criticism of, 353–56 in data privacy policy, 326–36 in digital services taxes (DSTs), 352 foreign tech companies and governments’ concern with, 353–59 in news industry regulation, 351–52 Build Back Better World (B3W) initiative (G7), 321–22 Bulgaria, 144 Burma, 270–71, 274–75, 285–86 ByteDance, 14–15, 98–99, 165, 166–67, 175 Content Quality Center, 89 global influence, 70–71, 293–94 US funding, 93 CAC (Cyberspace Administration of China), 88–89, 173, 175 Cadence, 218 California, 40, 58, 63–64, 347 Northern District, 169 Silicon Valley, 7–8, 33–35, 42, 92–93, 263, 283–84 California Consumer Privacy Act (CCPA), 54–55, 333, 336 California effect, 332 California Privacy Rights Act (CPRA), 54–55, 333, 336 Cambridge Analytica, 4, 7–8, 66, 120–21, 251, 368–69 Cameron, Andy, 34 Canada antitrust regulation, 345 Clean Network, 321 data privacy, 331 data protection law, 333–34 digital services taxes (DSTs), 352 digital trade agreements, 322 entrepreneurship, 374 G7 relations, 321–22 relations with China, 197–98 restrictions on Chinese tech companies, 193–94 techno-democracy, 389–90 Canon, 263 Capital Markets Union (CMU), 373 capitalism digital, 6 surveillance, 4, 66, 135–36, 368–69 varieties of, 106–7 Carnegie Endowment for International Peace, 318–19 Cayman Islands, 92–93 CCP (Chinese Communist Party), 8, 18, 24–25, 69–70, 71, 73–74, 164, 166–67, 192–93, 196–97, 296 CCPA (California Consumer Privacy Act), 54–55, 333, 336 CDA. see Communications Decency Act CEIEC (China National Electronics Import & Export Corporation), 301 cellphones, 274. see also smartphones censorship, 14–15, 76–77, 141. see also content moderation anti-censorship principles, 267–68, 270–76 in Apple’s Chinese App Store, 156–57 Chinese measures, 77–85, 150–51, 152, 154, 155–64 human, 83 optimal, 80–81 porous, 81–82 proactive, 14–15 Russian measures, 309–10 state control by, 78–85 Center for Democracy & Technology (CDT), 232, 357 Central Party School, 80–81 CFIUS (Committee on Foreign Investment in the United States), 195–96 Charanzovà, Dita, 249 Charter of Fundamental Rights of the European Union (EU Charter), 110–11, 112, 116, 226 Chen, Gang, 196 Chen, Yuyu, 82 Chen Weiss, Jessica, 219 child protection systems, 39–40 Children’s Online Privacy Protection Act (COPPA) (US), 44–45 Chile, 266–67, 322 Chilecon Valley (Santiago), 263 China 50 Cent Army, 83 Administrative Measures for Internet Information Services, 88 advertising market, 154–55 AI operations, 99–100, 388–89 AI research, 180–81, 208–11 Anti-Foreign Sanctions Law (AFSL), 202–3 Anti-Monopoly Guidelines, 94–95, 347–48 Anti-Monopoly Law, 204 Anti-Sanctions Law, 200 antitrust regulation, 71, 94, 97–98, 200, 204, 347–48 Apple operations, 149–50, 261 battles with tech companies, 13–16 battles with US and EU, 11–13, 15–16, 21, 26, 27 Belt and Road Initiative (BRI), 206, 294, 305, 321–22 BRICS Leaders Declaration, 303 censorship measures, 77–91, 150–52, 154, 156–57, 163–64, 180–81, 274 Central Party School, 80–81 cloud-computing service market, 154 CN2 network, 275–76 “common prosperity”, 5, 71–72, 95–96, 98–99, 347–48 criticism of US internet freedom agenda, 284, 288–89 cyber development, 70 cyberattacks, 134 Cybersecurity Law, 79–80, 94–95, 175, 201–2 Cybersecurity Review Measures, 94–95 Cyberspace Administration of China (CAC), 88–89, 173, 175 data localization requirements, 330–31 Data Security Law (DSL), 79–80, 94–95, 175, 201–2 digital authoritarianism, 135, 290–323 digital influence, 297–302 digital protectionism, 72–77, 214 Digital Silk Road (DSR) initiative, 18, 20, 27–28, 294–97, 314, 316–17, 391–92 digital sovereignty, 215 disinformation campaigns, 282–83 dual circulation strategy, 206 e-commerce, 94–95, 155 Export Control Law (ECL), 200–3 exports, 290–323 Five-Year Plan (14th), 206 global influence, 20, 27–28, 289, 290–92, 293–308, 313–23 Great Firewall, 8–9, 78–79, 203–4, 275–76 Houston, Texas consulate, 302 human rights abuses, 100–1, 185, 190–91 influence strategy, 302–8 infrastructure, 20, 290–323 International Strategy for Cooperation on Cyberspace, 303–4 internet policy, 100, 180, 181 internet sovereignty, 288–89 limitations on foreign investment and operations in, 203–5 Made in China 2025 program, 74–75, 185–86, 214 Measures for the Security Review of Foreign Investments (FISR Measures), 203 Military-Civil Fusion strategy, 190–91, 196–97 Ministry of Commerce (MOFCOM), 200–1, 202, 203 Ministry of Foreign Affairs, 100–1 Ministry of Industry and Information Technology (MIIT), 306 Ministry of Public Security, 160 Ministry of Science and Technology, 92, 302 Ministry of State Security, 197–98 mobile payments, 96 National Development and Reform Commission (NDRC), 203 National People’s Congress (NPC), 73–74, 94–95, 201–2 national policy agenda, 73–74 national security concerns, 164–78 National Security Law, 79–80 Negative List, 203–4 Next Generation of Artificial Intelligence Development Plan, 75 Peace & Security Partnerships with the African Union, 318 People’s Liberation Army, 78–79 Personal Information Protection Law (PIPL), 91–92, 94–95, 175, 334–35 Plan for Development of the New Generation of Artificial Intelligence (2017 AI Development Plan), 208–9 political leadership, 70 propaganda campaigns, 282–83 recent tech crackdown, 94–99 regulations, 6–10, 16–20, 21, 23–25, 28–29, 57–63, 67, 69–104, 108, 131–36, 364–66, 387–88, 391 relations with African Union, 318 relations with Australia, 197–98, 319–20 relations with EU, 253–54 relations with Germany, 253, 321 relations with Russia, 310–13 restrictions on US tech companies, 76, 199–207 Rules on Counteracting Unjustified Extra-territorial Application of Foreign Legislation and Other Measures (Blocking Rules), 200, 202 science and technology diplomats, 302 search engine market, 153–54, 260–61 semiconductors, 211, 217–18 Sharp Eyes initiative, 4–5, 86 smart cities, 86 social credit system, 8–9, 87–88, 89–90 social media, 154–55, 312–13 societal security, 85 standards, 302–8 State Administration for Market Regulation (SAMR), 204, 347–48 State Administration of Radio and Television, 89 State Bureau of Surveying and Mapping, 156–57 state control, 85–88 state-controlled media, 84 State Council Information Office, 70 subsidies, 211, 217–18 support for UN, 303 Supreme People’s Court, 80 Supreme People’s Procuratorate, 80 surveillance operations, 4–5, 17, 61–62, 77–91, 188–89 tech entrepreneurs, 35 tech exports, 293 tech industry, 70–71, 72–75, 92–93, 97–98 technical standards, 291, 305–6 techno-autocracy, 389–90 techno-nationalism, 75–76 technological self-sufficiency, 73–75, 199–207 trade sanctions against, 185–86 Unreliable Entities List (UEL), 200–1, 218–19 US measures against, 187–99, 270–71 US tech companies’ battle with, 152–64 US–China relations, 74–75, 162–63, 171, 197–99, 323 US–China tech war, 10–11, 96–97, 103, 151–52, 164, 179–80, 183–220, 295, 361, 366, 386, 387 US–China trade war, 97, 185–86, 200 videoconferencing market, 154 wealth distribution, 95–96 China Books portal (Amazon), 159–60 China Daily, 84 China Development Bank, 194 China Initiative (US), 196–97 China International Book Trading Corp, 160 China International Telecommunications and Construction Corporation (CITCC), 300 China National Electronics Import & Export Corporation (CEIEC), 301 China Railway Rolling Stock Corporation, 248 China Securities Regulatory Commission (CSRC), 176–77 China Standards 2035 plan, 304 China Strategy Group, 389–90 China Telecom, 306 China Unicom, 306 Chinese apps, 165–72 Chinese Communist Party (CCP), 8, 18, 24–25, 69–70, 71, 73–74, 77–78, 84, 85, 164, 166–67, 192–93, 196–97, 296 Chinese internet, 388 Chinese Internet Propaganda Office, 83 Chinese tech companies, 98–99, 108, 170, 316, 365–66. see also specific companies by name AI technologies, 208–9 Australian restrictions on, 193–94, 319–20 business practices, 151–52 compliance with government regulations, 391 Entity List (US), 189–90 global influence, 262–63, 290–91, 297–99, 316 global smartphone sales, 215–16 internet companies, 84 relations with Chinese government, 293–94 social media companies, 166–67 surveillance technologies, 316 US funding, 93–94 US presence, 165 US restrictions on, 102–3, 164–79, 192–96 VIE structure, 174–75, 176–77 Chinese technology, 21 CHIPS and Science Act (US), 59–60, 211 chokepoint technologies, 206 Chu, Steven, 197 Cisco Networking Academies, 268 Cisco Systems acquisition of Acacia, 204–5 Clean Company, 321 European headquarters, 142–43 Internet City presence, 263 lobbying activity, 357 SolarWinds hack, 60 support for internet freedom, 274–76 surveillance equipment, 312, 316 CITCC (China International Telecommunications and Construction Corporation), 300 Citizens United, 355 Citron, Danielle, 53–54, 56–57, 283–84 CJEU. see European Court of Justice Clarifying Lawful Overseas Use of Data Act (CLOUD Act) (US), 222–23 Clean Companies, 321 Clean Network program (US), 320–21 Clean Telcos, 320–21 Clegg, Nick, 246 Clinton, Bill, 36–37, 48, 268–69 Clinton, Hillary, 40–41, 67, 265, 271–72, 273–75 clipper chips, 47–48 CLOUD Act (Clarifying Lawful Overseas Use of Data Act) (US), 222–23 cloud-computing services, 154–55, 293, 297–98 CloudWalk Technology, 85, 189–90, 298–99, 314–15 CMU (Capital Markets Union), 373 CN2 network, 275–76 code, 37 Code of Conduct on Countering Illegal Hate Speech Online (Hate Speech Code) (EU), 116–17, 338 Code of Practice on Disinformation and Misinformation (Australia), 341–42 Cohen, Jared, 389 Cold War, 58–59, 217–18, 270 Colombia, 268 Colorful Balloons app (Facebook), 158–59 Commerce Control List (US), 188–89 Committee on Foreign Investment in the United States (CFIUS), 195–96 “common prosperity” push (China), 5, 24–25, 71–72, 95–96, 347–48 Communications Decency Act (CDA) (US), 5, 46 Section 230, 42–47, 53–54, 56–57, 64, 132, 137–38, 265–66, 286–87, 364 community guidelines, 3–4 Compaq, 263 competition between regulatory models, 149–82 United States Innovation and Competition Act, 190–91 US–China tech war, 10–11, 96–97, 103, 183–220, 361 zero-sum, 219 Competition and Markets Authority (UK), 345–46 computer chips, 134 Congressional Research Service, 232 CONSENT Act (proposed), 54–55 Consumer Data Protection Act (Virginia), 336 Consumer Privacy Bill of Rights (proposed), 51, 54–55 content moderation, 3–4. see also censorship Brussels effect on, 337–42 EU approach to, 9–10, 116–18, 119–21, 141, 377–78 role in politics, 65–66 role in propaganda or disinformation, 282–83 Russian approach to, 309–10 Cook, Tim, 2, 61–62, 156–57, 333 Cooper, Alissa, 306–7 Coordinated AI Plan (EU), 134–35 COPPA (Children’s Online Privacy Protection Act) (US), 44–45 copyright Copyright Directive (EU), 122–23, 129–30, 351–52 Digital Millennium Copyright Act (US), 44–45 Correa, Rafael, 301 Cotton, Tom, 192–93 Council of Europe, 350–51 Council on Foreign Relations, 180, 193–94, 355–56 COVID-19 pandemic, 212–13, 351–52 Chinese propaganda messaging, 82–83 disinformation about, 7–8 surveillance during, 85, 315–16, 365 Cox, Chris, 43–44 CPRA (California Privacy Rights Act), 54–55, 333, 336 Crimea, 338 criminal activity cybercrime, 60 social media and, 281–82 surveillance tech and, 85, 296–97, 301, 314 CrowdStrike, 228 CSRC (China Securities Regulatory Commission), 176–77 Cuba, 270–71 cyber civil rights, 53–54 cyber development, 70 cybercrime, 60 cyberespionage, 66–67, 197–98 cybersecurity, 60, 153, 299–300 Chinese reviews, 173 private-public collaboration on, 62 sanctions to deter malicious cyber activity, 134, 197–99 Cybersecurity Law (China), 79–80, 94–95, 175, 201–2 Cybersecurity Review Measures (China), 94–95 cyberspace “A Declaration of the Independence of the Cyberspace” (Barlow), 36–37 International Strategy for Cyberspace (US), 48–49 “National Strategy to Secure Cyberspace” (US), 48–49 regulation of, 36–38 Cyberspace Administration of China (CAC), 88–89, 173, 175 Cyberspace Law and Policy Center (Australia), 357 cybersurveillance, 134. see also surveillance cyberterrorism, 284 Cyprus, 142–43 Czech Republic, 142, 374 D9 (digitally advanced EU countries) group, 142 D9+ group, 142 Dahua, 85, 189–90, 301 Dai Hong, 304 Dailymotion, 76–77 DARPA (Defense Advanced Research Project Agency) (US), 59 data breaches, 18–19, 173, 318 data collection, 4–5, 38, 61. see also data transfers data imperialism, 354–55 data localization, 234, 309, 330–31 Data Mining Tax (New York), 239–40 data privacy, 51. see also privacy Apple’s policy on, 149, 324, 330, 382–83 company policies, 326–32 country policies, 332–36 EU Data Privacy Directive, 228–29 EU-US Data Privacy Framework, 235 European standards, 19, 324–25 privacy cultures, 143–44 public interest exceptions, 335–36 regulation of, 326–36, 382 transatlantic data transfers, 226–36 US rethinking of, 54–55, 362–64 data protection. see also protection(s) adequacy decisions, 333–34 Brazilian Lei Geral de Proteção de Dados Pessoais, 335–36 Chinese measures, 173 Chinese Personal Information Protection Law (PIPL), 91–92, 94–95, 175, 334–35 EU Data Protection Board, 112 EU Data Protection Directive, 132, 137–38, 267, 286–87 EU General Data Protection Regulation (GDPR), 9–10, 28, 91–92, 112–13, 129–31, 136, 137–40 Indian Personal Data Protection Bill (PDPB), 335 Irish Data Protection Commission (DPC), 139, 230, 377 Japanese Act on the Protection of Personal Information, 333–34 Nigerian Data Protection Regulation, 335–36 right to, 111–13, 226 US CLOUD Act (Clarifying Lawful Overseas Use of Data Act), 222–23 Virginia Consumer Data Protection Act, 336 Data Retention Directive (EU), 227–28 Data Security Law (DSL) (China), 79–80, 94–95, 175, 201–2 data sovereignty, 297 data transfers Safe Harbor agreement, 111, 229–30 transatlantic, 222–23, 226–36 decisional privacy, 4, 66, 368–69 “Declaration for the Future of the Internet” (White House), 390 “A Declaration of the Independence of the Cyberspace” (Barlow), 36–37 Declaration on Global Electronic Commerce (WTO), 268–69 decoupling human, 196–97 technological, 178–82, 388 deep tech, 206–7 Defense Advanced Research Projects Agency (DARPA) (US), 59, 209 deglobalization, 151, 165–66 Deliveroo, 128–29 Dell, 263, 312 Deloitte, 60, 175, 207–8 democracy(-ies) advancement of, 40–42 European Democracy Action Plan, 119, 121–22 flawed, 389–90 preserving and strengthening, 118–23 regulatory model for, 366–69 Summit of Democracy, 390 techno-democracies, 22, 320, 388–93 Democracy-10, 389–90 democratic governments, 393 Democratic National Committee (DNC), 67 Democratic Party, 56, 272 Denmark, 142 Deutsche Bank, 217 Development Initiative (US), 268 DFJ, 93 Diaoyu Islands (Senkaku Islands), 156–57 DiDi Chuxing, 14–15, 94, 96–97, 165 annual active users, 173 data protection breach fines, 173 US restrictions on, 173–78, 201–2 user base, 262–63 Digital Advertising Tax (Maryland), 239–40 digital authoritarianism, 135 beyond China, 308–13 China’s, 77–78, 290–323 criticism of, 99 digital capitalism, 6 Digital Divide projects, 268 digital economy, 21–23, 388–93. see also e-commerce global, 385–88 local, 300 digital empires, 6–20, 23, 31–145 digital gatekeepers, 244 digital infrastructure projects, 300 digital liberalism, 132 digital markets, 129–36 Digital Markets Act (DMA) (EU), 107, 126, 130, 137, 138–39, 140, 224, 244, 245–46, 249, 342–43, 345–46, 357–58, 380–81 Digital Millennium Copyright Act (US), 44–45 Digital Opportunity Task Force, 268 Digital Platforms Inquiry (DPI) (Australia), 334, 341, 343–44 digital protectionism Chinese, 72–77, 214 European, 109, 133–34, 224, 242–46 US, 213 digital regulation(s). see also regulation(s) enforcement of, 139–42, 377–78, 381–85 to preserve and strengthen democracy, 118–23 to promote fairness and redistribution, 124–29 to safeguard fundamental rights, 110–18 digital rights, 324–59. see also rights Digital Rights Ireland, 227–28, 243–44 Digital Services Act (DSA) (EU), 117–18, 120, 130, 140, 141–42, 169–70, 224, 246, 249, 340–41, 381 digital services taxes (DSTs), 126–28, 142–43, 224, 240–41 Brussels effect on, 352 transatlantic conflict over, 236–40 Digital Silk Road (DSR) initiative (China), 18, 20, 27–28, 290–91, 294–97, 314, 316–17, 391–92 projects in Pakistan, 300 projects in South and South-East Asia, 300 digital single market (DSM) (EU), 129–30, 371–72 digital society, 25 digital sovereignty, 132–33, 135, 186, 215, 245–46, 354 digital surveillance, 4–5, 61, 170. see also surveillance criticism of, 99–100 pervasive, 85–88 digital taxation, 126–28 digital technology, 390. see also technology(-ies) digital trade agreements, 322–23 digital trust standards, 320–21 digital world order, 386–88 digitally advanced EU countries (D9) group, 142 diplomacy hostage, 193 science and technology diplomats, 302 Discord, 76–77 disinformation, 7–8, 13–14, 55–56, 100–1, 119–21, 277–78, 280–81, 282–83 Australian Code of Practice on Disinformation and Misinformation, 341–42 EU Code of Practice on Disinformation, 120, 341–42 Disinformation Code, 120 Djibouti, 300 DMA (Digital Markets Act) (EU), 107, 126, 130, 137, 138–39, 140, 224, 244, 245–46, 249, 342–43, 345–46, 357–58, 380–81 Doe v.

Infonomics: How to Monetize, Manage, and Measure Information as an Asset for Competitive Advantage
by Douglas B. Laney
Published 4 Sep 2017

Along the lines of our earlier foray into supply chains and physical asset management procedures, Redman prefers guiding his clients to think more about information consumers and information producers within the organization, and how they can better communicate and collaborate with one another. Sometimes, it’s not that simple. Take McDonald’s, for instance. Gokula Mishra, McDonald’s senior director of global data & analytics and supply chain, shared with me how McDonald’s pan-geographic franchise model can make it difficult to get access to some data. He referred to this as a data sovereignty challenge in which getting corporate access to customer, supplier and employee information in various parts of the world requires an approval process and adherence to various data protection regulations. For example, he said: “From some of our markets in Europe, data regulations dictate how a subject’s personal information can be collected, used, shared, and transferred across borders.

AI in Museums: Reflections, Perspectives and Applications
by Sonja Thiel and Johannes C. Bernhardt
Published 31 Dec 2023

Values like these, as already embedded in many cultural heritage institution policies and applied by cultural heritage practitioners, are paramount for a responsible curation practice. Furthermore, cultural heritage institutions tend to show greater sensitivity and are more rigorous with regard to sensitivity to data sovereignty and to adhering to laws regulating privacy and personal data protection. Last but not least, research data repositories in cultural heritage institutions have typically been established based on long-term preservation policies that also provide ways to track changes and updates to datasets or even the de-publication of datasets transparently and more reliably than in the case of data residing somewhere on the web or even on some torrent site.

Targeted: The Cambridge Analytica Whistleblower's Inside Story of How Big Data, Trump, and Facebook Broke Democracy and How It Can Happen Again
by Brittany Kaiser
Published 21 Oct 2019

As Chester and I began talking about using data science and connectivity-focused blockchain technology, we knew we would need a lot more expertise than we both currently had. So, we got started on our global networking spree, looking for the best and the brightest minds around. Luckily, a group of the top technologists in the field were gathering for the wedding of Brock Pierce, one of the industry’s titans, and Crystal Rose, a data sovereignty thought leader, in Ibiza. We were told by a new friend, Wiley Matthews, also a former savant of data-driven advertising, that if we flew there, we were sure to meet some of them. We did, and within the first twelve hours on land, we met many of the top people in the industry, most notably, Craig Sellars, one of the founders of Tether, the first stable coin pegged to the U.S. dollar; and Matt McKibbin, cofounder of both D10E, a blockchain conference series, and DecentraNet, one of the first blockchain advisory firms.

The Stack: On Software and Sovereignty
by Benjamin H. Bratton
Published 19 Feb 2016

Could this aggregate “city” wrapping the planet serve as the condition, the grounded legitimate referent, from which another, more plasmic, universal suffrage can be derived and designed? Could this composite city-machine, based on the terms of mobility and immobility, a public ethics of energy and electrons, and unforeseeable manifestations of data sovereignty (various parts looking like chora, demos, agora, polis, dromos, and technics) provide for some kind of ambient homeland? If so, for whom and for what? If it could, or if it already is in some way, then our regular categories and criteria are not describing it very well for us. This is perhaps because it is not planned but an accident of the process.

The Age of Surveillance Capitalism
by Shoshana Zuboff
Published 15 Jan 2019

Cisco has 120 “smart cities” globally, some of which have embraced Cisco Kinetic, which as Jahangir Mohammed, the company’s vice president and general manager of IoT, explains in a blog post, “is a cloud-based platform that helps customers extract, compute, and move data from connected things to IoT applications to deliver better outcomes.… Cisco Kinetic gets the right data to the right applications at the right time… while executing policies to enforce data ownership, privacy, security and even data sovereignty laws.”73 But, as is so often the case, the most audacious effort to transform the urban commons into the surveillance capitalist’s equivalent of Paradiso’s 250-acre marsh comes from Google, which has introduced and legitimated the concept of the “for-profit city.” Just as MacKay had counseled and Weiser proselytized, the computer would be operational everywhere and detectable nowhere, always beyond the edge of individual awareness.