Skip to main content
  • Sections
  • Search

Center for Strategic & International Studies

User menu

  • Subscribe
  • Sign In

Topics

  • Climate Change
  • Cybersecurity and Technology
    • Cybersecurity
    • Data Governance
    • Intelligence, Surveillance, and Privacy
    • Military Technology
    • Space
    • Technology and Innovation
  • Defense and Security
    • Counterterrorism and Homeland Security
    • Defense Budget
    • Defense Industry, Acquisition, and Innovation
    • Defense Strategy and Capabilities
    • Geopolitics and International Security
    • Long-Term Futures
    • Missile Defense
    • Space
    • Weapons of Mass Destruction Proliferation
  • Economics
    • Asian Economics
    • Global Economic Governance
    • Trade and International Business
  • Energy and Sustainability
    • Energy, Climate Change, and Environmental Impacts
    • Energy and Geopolitics
    • Energy Innovation
    • Energy Markets, Trends, and Outlooks
  • Global Health
    • Family Planning, Maternal and Child Health, and Immunizations
    • Multilateral Institutions
    • Health and Security
    • Infectious Disease
  • Human Rights
    • Civil Society
    • Transitional Justice
    • Human Security
  • International Development
    • Food and Agriculture
    • Governance and Rule of Law
    • Humanitarian Assistance
    • Private Sector Development
    • U.S. Development Policy

Regions

  • Africa
    • North Africa
    • Sub-Saharan Africa
  • Americas
    • Caribbean
    • North America
    • South America
  • Arctic
  • Asia
    • Afghanistan
    • Australia, New Zealand & Pacific
    • China
    • India
    • Japan
    • Korea
    • Pakistan
    • Southeast Asia
  • Europe
    • European Union
    • NATO
    • Post-Soviet Europe
    • Turkey
  • Middle East
    • The Gulf
    • Egypt and the Levant
    • North Africa
  • Russia and Eurasia
    • The South Caucasus
    • Central Asia
    • Post-Soviet Europe
    • Russia

Sections menu

  • Programs
  • Experts
  • Events
  • Analysis
    • Blogs
    • Books
    • Commentary
    • Congressional Testimony
    • Critical Questions
    • Interactive Reports
    • Journals
    • Newsletter
    • Reports
    • Transcript
  • Podcasts
  • iDeas Lab
  • Transcripts
  • Web Projects

Main menu

  • About Us
  • Support CSIS
    • Securing Our Future
Photo: Adobe Stock
Report
Share
  • LinkedIn
  • Facebook
  • Twitter
  • Email
  • Printfriendly.com

Data Governance Principles for the Global Digital Economy

June 4, 2019

Download the Principles




In January 2019, Japanese Prime Minister Shinzo Abe called for the upcoming G20 summit in Osaka to “be the summit that [starts] world-wide data governance.” The rise of the data economy has driven unprecedented growth and innovation in recent decades but is also generating new policy challenges for global leaders. Figuring out how to govern the complex data ecosystem, both enabling its potential and managing its risks, is becoming a top priority for global policymakers.

In partnership with the Omidyar Network, the CSIS Technology Policy Program and Project on Prosperity and Development developed a set of data governance principles for the G20 member states, which can inform the development of data governance frameworks around the world.

Discussions of data governance are not happening in a vacuum. Laws, conventions, frameworks, norms, and protocols around data have existed for decades. Data governance is implicitly or explicitly wrapped up in existing governance mechanisms around privacy, digital trade and e-commerce, and human rights law. Few of these, however, anticipate emerging technology trends that have extended the reach of digital tracking into the physical world and have allowed us to derive detailed insight from the immense ocean of data generated by the digital economy.

We set out to fill four key gaps in the existing global architecture of data governance.

First is the need for consistency, interoperability, and coordination of the myriad international, regional, national, and local laws and regulations that impact data. The data ecosystem is fundamentally global and cross-functional, and gaps and inconsistencies between jurisdictions create uncertainty and limit the tools available to address harmful uses of data. Second, existing rules and frameworks and the current debate around data governance often focus almost exclusively on personal data and privacy with little thought to broader impacts of data, for example on competition, mobility, and trade. Third, most existing data governance frameworks, and much of the global debate around data governance, focus on controlling access to data instead of how it is used. Fourth, these debates are often framed around the rights and freedoms of data subjects at the expense of other stakeholders and society broadly.

To address these gaps, we convened a series of multi-stakeholder meetings to help us identify a set of data governance principles that can be applied in a range of institutions, organizations and national and sub-national laws and regulations. Through this process, we developed ten principles, three core objectives, and seven essential mechanisms that can inform the development of consistent and effective data governance structures around the world. We have presented these principles in the form of a model G20 statement articulating the principles and the logic behind them.

We affirm that national and international data governance frameworks should support the following objectives to:

  1. empower people and societies to make informed choices about how digital data is generated, used and shared;
  2. protect human rights, including the right to privacy, against infringement, and utilize data and digital systems to promote citizens’ rights; and
  3. safeguard the ability of innovators, entrepreneurs and service providers to collect, share, and use data, as long as they do not violate any of these other principles.

We further call for these frameworks to be risk-based, appropriately tailored, and include specific mechanisms to:

  1. preserve the free flow of data across borders and between jurisdictions, and protect the mobility of people, goods, and services;
  2. facilitate the portability of data and ensure the interoperability of digital systems around the world, as well as compliance with global standards;
  3. provide meaningful transparency and accountability and enable the enforcement of rights;
  4. hold data processors responsible for the security and integrity of data and digital systems;
  5. reflect the needs of a diverse range of stakeholders, including private industry, civil society, and governments;
  6. discourage data practices that serve as a barrier to fair and open competition; and
  7. provide that data processors respect all laws and regulations, and the unique culture and customs, of all jurisdictions in which they operate, irrespective of location in which data is collected, stored, processed or used, as long as those laws or customs do not violate any of the above principles.


What is this document? It is meant to be a consensus document, with all the strengths and weaknesses thereof. Our meetings convened a broad range of stakeholders with very different views on these issues and very different goals for the global data governance effort. We were alternately criticized for being too privacy-centric, not privacy-centric enough, too statist and so private-sector focused that we were undermining sovereignty; all of this suggested to us that we were near to a middle path in this debate.

This document is NOT a “data bill of rights,” but neither does it preclude the development of one. While individual rights are an essential part of a successful governance framework, alone, they are not sufficient. Instead, this document seeks to identify principles that protect the rights and equities of a broader range of stakeholders, including consumers, business leaders, innovators, governments, and broader society.

It is also not a comprehensive set of rules and regulations for data governance. Data governance is fundamentally a cross-cutting issue that must be embedded into the fabric of international governance at multiple levels and across many domains. It is also an issue that will be heavily influenced by the cultures and customs of the people it seeks to empower and protect. Instead, we sought to develop a series of principles that can inform the development of laws, rules, and regulations at the international, sub-national, and local levels in a variety of domains—from bilateral or multilateral treaties and trade agreements to international institutions and standards bodies.

Our “Data Governance Principles for the Global Digital Economy” are designed to establish a baseline of global norms of data governance that go beyond privacy and individual rights, to empower innovators and entrepreneurs to leverage data to solve problems while also managing risks, and to form the basis of a consistent and interoperable global data governance architecture.

Produced thanks to the generous support of the Omidyar Network to the CSIS Technology Policy Program and the CSIS Project on Prosperity and Development.

Downloads
Download the Principles
Written By
William A. Carter
Adjunct Fellow (Non-resident), Strategic Technologies Program
  • LinkedIn
  • Twitter
Erol Yayboke
Deputy Director and Senior Fellow, Project on Prosperity and Development
Media Queries

Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Caleb Diamond
Media Relations Manager and Editorial Associate
Tel: 202.775.3173

Related
Cybersecurity, Cybersecurity and Governance, Cybersecurity and Technology, Data Governance, Governance and Rule of Law, International Development, Project on Prosperity and Development, Strategic Technologies Program

Most Recent From William A. Carter

Commentary
The Need for a Leapfrog Strategy
By Erol Yayboke, William A. Carter, William Crumpler
April 10, 2020
Interactive
Data Governance
January 28, 2020 | William A. Carter, William Crumpler
In the News
Andrew Yang Is Right – The US Is Losing The AI Arms Race
Forbes | Steve Andriole
December 2, 2019
In the News
Is China gaining an edge in artificial intelligence?
BBC | Natalie Sherman
November 12, 2019
In the News
wolgast@ku.edu
The Washington Post | Josh Rogin
November 6, 2019
Congressional Testimony
Ensuring Data Security Against Lawful and Unlawful Threats in the Digital Age
Statement by William A. Carter
November 5, 2019
In the News
Expert Voices Live: AI in 2050
Axios | Axios Staff
October 25, 2019
Critical Questions
Understanding the Entities Listing in the Context of U.S.-China AI Competition
By William A. Carter, William Crumpler
October 15, 2019
View all content by this expert
Footer menu
  • Topics
  • Regions
  • Programs
  • Experts
  • Events
  • Analysis
  • Web Projects
  • Podcasts
  • iDeas Lab
  • Transcripts
  • About Us
  • Support Us
Contact CSIS
Email CSIS
Tel: 202.887.0200
Fax: 202.775.3199
Visit CSIS Headquarters
1616 Rhode Island Avenue, NW
Washington, DC 20036
Media Queries

Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Caleb Diamond
Media Relations Manager and Editorial Associate
Tel: 202.775.3173

Daily Updates

Sign up to receive The Evening, a daily brief on the news, events, and people shaping the world of international affairs.

Subscribe to CSIS Newsletters

Follow CSIS
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram

All content © 2021. All rights reserved.

Legal menu
  • Credits
  • Privacy Policy
  • Reprint Permissions