The coming trade war over data

Technology companies are facing growing international obstacles affecting how their most valuable asset — data — flows across borders. New trade agreements and laws are affecting how companies share and store their troves of data around the world.

Why it matters: For decades, trade talks centered around tangible goods such as oil, agriculture and cars. But now that the economy is rooted in data that has to cross borders to meet the demands of global business, rules governing how data is housed and accessed are at the forefront of trade conversations.

How it works: For example, China, Russia and Vietnam require companies to store data on servers physically located within their borders. And countries including Argentina and Brazil restrict international data transfers under certain conditions.

The big picture: There are currently no international rules on how data cross borders. So a patchwork of government policies that trap data inside their countries or prevent foreign data brokers from doing business there could hamper the development of data-intensive technologies such as artificial intelligence, experts say.

Where it stands:

• New digital obstacles threaten nearly $400 billion of annual U.S. exports, according to the Washington Post.
• Most of the world's biggest data processors are based in the U.S., which means firms like Salesforce, Microsoft, Amazon, IBM and Google have the most on the line in these international negotiations.

Social media companies also have a lot to lose to data regulation and overseas trade barriers. Here's how many of their users are located outside of North America:

• 87% of Facebook's daily active users
• 57% of Snapchat's daily active users
• 79% of Twitter's monthly active users

The issue becomes even more complicated and critical as major tech companies almost exclusively store data in "clouds" that can be located anywhere, rather than physical servers in a handful of domestic locations.

• The biggest technology companies are transitioning business opportunities into cloud-based software. Amazon's Web Services business (AWS), is pushing to become the biggest enterprise business globally.. Microsoft's Cloud business is projected to bring in a whopping $20 billion in net revenue, per the company's last quarterly earnings statement.

Several dynamics are shaping the way data flows internationally.

North American Free Trade Agreement: The Trump administration wants to "modernize" the 23-year-old NAFTA to include digital provisions that would prevent trading partners from requiring data to be processed or stored within their borders. The broader Trans-Pacific Partnership also includes digital provisions supported by the U.S., but the Trump administration pulled out of the treaty.

• "Digital trade didn't exist two decades ago when the agreement was first negotiated," said Kenneth Propp of the Business Software Alliance, which represents companies like IBM and Salesforce — whose bottom lines depend on the movement of data. "We need protection not only for source code but for software algorithms that are increasing importance in artificial intelligence, for example."
• Forging data-focused trade provisions in NAFTA is important, he said, for setting a precedent for future trade agreements with other countries.

Data localism: Countries including China, Russia and Brazil have put in place rules requiring a company to locate data centers inside their borders in order to do business in the country, a practice known as "data localism." Such measures are typically seen as protectionist moves intended to favor home-grown industries.

• For example, Europe's Digital Single Market is an agreement allowing for the free flow of data between European countries. It prohibits data localization restrictions within the bloc, but allows different rules to apply to data originating outside the continent.

Data collection rules: U.S. tech companies are spending millions of dollars to comply with sweeping EU data laws taking effect next year.

• The General Data Protection Regulation (or GDPR) will require companies next year to keep track of how they store and share personal information collected on their users. Failure to comply could mean steep fines of up to 4% of a company's global annual revenue.
• "Europe is setting the playing field on privacy," said Justin Antonipillai, a former Commerce Department official who is now CEO of WireWheel.io, a data and privacy compliance startup. "If you want to do business there, you have to comply, regardless of whether you're a huge global corporation or a Silicon Valley app on an app store in Europe."

Law enforcement: Battles continue to play out between the Justice Department and tech companies about how data can be stored and accessed outside of the U.S.

• Google lost a symbolic challenge to federal court in September regarding whether a search warrant can be used for data it stores abroad.
• A panel of judges ruled in favor of Microsoft in a similar case last year, determining that the current law about how tech companies can store data doesn't apply outside of the country. They ruled that the Justice Department would instead need to request the data through an international process.