On Thursday, 6th August 2020, US President Donald Trump signed an executive order announcing sanctions on China’s ByteDance, owner of the TikTok App and Messaging App WeChat, effective 45 days from the date of signature of the order i.e. 6th August 2020. The sanctions effectively seek to remove WeChat and TikTok from Google’s Play Store and Apple’s App Store, by blocking the App at Network Level. This is the approach which is followed by China’s Great Firewall, and much more recently and locally by India, through the invocation of Section 69A of Information Technology Act, 2000.
The International Community’s Differentia towards Overseas Applications
The International Telecommunications Union (I.T.U.), in its Constitution, has Article 35 on Stoppage of Telecommunications which gives a free hand to the I.T.U. member nations “the Right to Suspend International Telecommunication Services”. This is commensurate with similar corresponding provisions in Municipal Law, be its provisions of the Telegraph Act and IT Act in India, Data Localization Policies or the Great Firewall of China or National Emergencies Act and International Emergencies Economic Powers Act of the United States.
National Security has been the most evident apprehension visible in the postures of Nations enforcing blockades to such Applications and has been visible in the statements made by the Administrations of the nations. The Trump Administration, for example, justifying its decision, stated that unabated spread of malicious Chinese Apps “threaten National Security, Foreign Policy and Economy” of the United States.
The Indian Ministry of Electronics and Information Technology cited “the emergent nature of threats” posed by the apps and “information available” that they are engaged in activities “prejudicial to sovereignty and integrity of India, defence of India, the security of the state and public order”.
However, what is worth mentioning is that the concept of Data Sovereignty has been observed to have its most widespread application not in the US or South Asia but in Europe, in the form of Technological Sovereignty.[1]
As per Empirical Research, the nations are notoriously known for being surveillance states, namely China, Russia and Turkey occupy top spots in terms of Cross Border Data Transfer Restrictions. However, an interesting trend to note in this regard is the high rankings of European Union countries like France, Germany and Denmark.
Restriction in Trade Policies, by Countries(2017)[2]
This is essentially what connects me to the first point in regards to Cyber Blockades by Countries- Geo Politics. It has been observed that 92% of Western World’s Data is stored in the United States itself. This gives rise to apprehension and such apprehension materialises into steps like General Data Protection Regime and the Franco-German initiative of Gaia-X.
However, one big reason why Data Localisation has been blurring the lines between Data Sovereignty and Net Neutrality, or lack of it, is Politics. This was visible when the use of TikTok proved to be an irritant for Donald Trump, wherein some of his adolescent detractors virtually took over his rally to secure dummy passes for ensuring a low turnout amidst the pandemic [3].
But the question which ails the reader is whether the mere critique of incumbent government warrants such high handed measures of selectively banning a hugely popular Social Media Application, not to mention bringing collateral damage to a relatively innocent victim in the form of WeChat as well, causing an immediate loss to the tune of $35 billion to its parent company, Tencent. This brings us to the second issue at hand, which is the hypocrisy of such Applications in giving the same democratic space at home as overseas.
For instance, the much popular #HongKongProtests hashtag on Twitter yields either one or no video when searched on TikTok. The hashtag for #TianamenSquare yields a limited number of videos, with most of them stating the event to be a concocted reality of the West. ByteDance, the company which is the proprietor of TikTok has denied of any omissions of content relating to protests, either in China or abroad, however, have refused to sit down for a one-on-one interview on record with any media outlets.
The Issue of Cyber Security and Response
But is TikTok the first app accused to be complicit of parlay of User Data? The answer to that is obviously no; which brings us towards a bigger issue at stake, that is Cyber Attacks. The International Arbitration relating to Cyber Attacks also becomes a major hurdle to the Affected State, due to the Doctrine of “Effective Control” postulated by The International Court of Justice. This doctrine holds that a State must be shown to have had “Effective Control” over the State Actor that the Affected Party attributes the attack to.[4] In the expanding sphere of Data Terrorism, it is very difficult to identify the origin of Cyber Attack. One of the biggest and perhaps the best weapon to counter this problem is preventing it from happening in the first place, which brings us to Data Localisation.
To understand the importance of Data Localisation, one needs to look at the first major reform in this regard, which takes us back to Europe. In 2018, Europe brought in a sweeping reform in the form of GDPR to protect its Digital Space from Encroachment, which led to some benefits. For instance, as per a recent study from CompariTech, a British based Tech firm, countries like Pakistan, India and United States were highly susceptible to Biometric attacks, while the European Nations fared as highly secure nations, owing to the GDPR. Since the regime necessitated all websites, European or Non-European, to store Data at source, it weeded out a large magnitude of malware having the capability of enforcing cyberattacks of the likes of WannaCry, Petya and Y2K.
The response followed domestically as well, with the introduction of Data Protection Bill,2018 in the Indian Parliament, which interestingly is much mature legislation on Data Privacy than available under American Laws till now[5].
Shortcomings of The European Model
However, for all the praises showered upon Europe for introducing GDPR, its Web Model has largely failed in the face of lack of domestic players capitalising on an increasingly protected and incorruptible regime. On the contrary, US Tech Companies, be it Amazon, Google, Facebook etc. have taken advantage of the newly introduced privacy rules. Any effort in direction to have European alternatives has not yielded results. A good example of this was the alternative to Google named “Quaero”. That one had to google Quaero to know what Quaero has only highlighted the shortcomings of a heavily restricted Data Protection Regime and Firewall.
Indian Model: A Possible Solution with Case in Point of Jio
Then what exactly is the answer to a Laissez-Faire Cyber Market, with reasonable and necessary restrictions in place to guard their autonomy? The best example to that is India, which through the recent measures taken by Telecom Giant Jio, seeks to bring its 4G Networks in the same marginal areas which TikTok aimed to reach, albeit couldn’t due to being banned on National Security grounds. Jio has achieved this without having to compromise on either User Privacy or distortion of Market owing to its nominal prices, as of now, which is a great example of how a Nation can ensure Data Sovereignty without splintering its Internet by Firewalls or Restrictive Data Regimes. The Personal Data Protection Bill,2018 also makes a differentiation between Sensitive and Critical Personal Data, for limited Data Localisation, to not make its Cyber regime as restricted as that in Europe.
A Case for TikTok
People making a case for TikTok and WeChat highlight the informational outreach such social media apps have, with having the unique distinction of being operative in China (TikTok operates by the name of its Chinese counterpart, Douyin in China), acting as a bridge between an undiscovered populace at large and the rest of the Liberal World, or unearthing voices from the margins through expressions of creativity by the use of these Applications. Moreover, some even term the inherent aversion to Chinese Apps as a type of Xenophobia, an argument etched in idiocy for a post-cold war globalized world. One thing is very apparent, no matter how many arguments one raises, all of them fall flat when it comes to China’s own illustrious record of prosecution of minorities and curbing of civil liberties.
That being said, the banning of Applications should not be seen only through the spectrum of provocative response to counter one nation’s overtures, as Digital Blockades should not outrightly signal a shift from Surveillance Capitalism to Data Protectionism, but towards decentralised data, economy achieving in true sense Data Sovereignty. The best essence of this idea is captured from the mouth of the supposed Antagonist of the Article itself, with a statement from Zhang Li, a member of the HighLevel Advisory Council of the World Internet Conference Organizing Committee,[6]
“Advocating and practising sovereignty in cyberspace does not mean isolation or breaking cyberspace into segments, but means facilitating a just and equitable international cyberspace order on the basis of national sovereignty and building a community with a shared future in cyberspace.”
References
[1] Grant, Paul.“Technological Sovereignty: Forgotten Factor in the ‘Hi-Tech’ Razzamatazz.”Prometheus Critical Studies in Innovation.1983.vol. 1,no. 2,pp. 239–270.
[2] Ferracane, M F, H L Makiyama and E van der Marel.“Digital Trade Restrictiveness Index”, European Centre for International Political Economy. (2018b).p.18.
[3]Picture from Article by The New Indian Express: https://www.newindianexpress.com/world/2018/apr/11/facebook-ceo-mark-zuckerberg-admits-sharing-his-personal-data-with-cambridge-analytica-1800137.html
[4]Militiary and Paramilitiary Activities in and against Nicaragua (Nicaragua v/s United States of America). Merits, Judgement, I.C.J. Reports 1986 p. 14.
[5]Determann,Lothar; Gupta,Chetan.”India’s Personal Data Protection Act,2018: Comparison with the General Data Protection Regulation and the Californian Consumer Privacy Act of 2018”.Berkeley Journal of International Law.2019.vol. 37,no. 3
[6]Yeli,Hao.”Sovereignty in Cyberspace: Theory and Practice” .Wuzhen,Zhejiang:Prism.2019.vol. 7,no. 2.pp. 109-115.