How data residency laws can harm privacy, commerce and innovation – and do little for national security

data

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum. Author: Lothar Determann, Partner, Baker McKenzie and Adjunct Professor, Free University Berlin; University of California, Hastings College of the Law; Lecturer, Berkeley School of Law
  • In a world disrupted by COVID-19, policies which support international data transactions matter more than ever.
  • Data residency laws can have wide impacts on a range of issues, including personal privacy, national security and even commerce.
The current COVID-19 crisis demonstrates the importance of making informed decisions, but outdated data protection regulations and added data residency laws threaten to impede companies’ ability to do business and, consequently, promote economic security and growth in this new world. Data residency laws can have wide impacts on a range of issues, including personal privacy, national security and even commerce. Encouraging alternatives to these laws can be key to sidestepping their disadvantages to trade and innovation.
Understanding data residency laws With data residency laws, governments require companies to store data on their national territory. Most commonly, data residency laws focus on personal data, but some jurisdictions also capture geolocation and other data. In other words, the laws cover data likely to be core to business needs.
Under data residency laws, companies must process data primarily on a territory; they can also transfer copies of the data abroad as long as they keep a local copy that is available to the local government for inspection. Data residency laws are designed to protect government interests.
Data protection and privacy laws restrict data transfers and do not usually require retention of data anywhere. According to data protection laws, companies do not have to retain any copies, but companies must not transfer data to another country except if they can assure adequate safeguards for the transferred data abroad; if companies can meet the requirements for an exception, they may transfer the data and are not required to keep a local copy of the data. (In fact, data protection laws would prefer no copies are kept anywhere).
 
Data residency laws are a relatively new phenomenon and sometimes also called “data sovereignty” or “data localization laws”. In the past, limited data residency requirements followed from laws written for the paper record era, whereby companies were compelled to ensure their records did not leave the respective country of origin so as to be accessible by e.g. tax authorities. However, in a world where access to data is essential for the development of a local data economy and concerns emerge around data breaches and cybersecurity, countries are increasingly demonstrating an appetite to secure local access to data and restrict international transfers of data.
Impact to privacy, security, commerce Data residency laws can have wide impacts on a range of issues, including personal privacy, national security and commerce.
Privacy Individual privacy protection is often cited by countries as a policy objective, but in reality privacy protections are neither intended nor advanced by data residency requirements. To the contrary: easier country level access to data impedes privacy interests. For instance, police, secret services and other government authorities can compel access to data more easily when documents and storage media containing the data reside on local territory and can be seized in a raid. In other words, data residency laws are anti-privacy laws.
National security Some countries are trying to ensure geolocation information is stored locally for national security considerations since having access to important information locally can make a difference in a conflict. But companies in countries with rigid data residency and access requirements will acquire less crucial information in times of emergency because they are not trusted by business partners and governments abroad.
Regulatory Control over Critical Businesses If a government needs to take over a bank, energy company or critical infrastructure provider in an emergency situation (potentially in conflict with other countries or foreign companies), it can be important that all relevant data is locally stored and available without foreign cooperation. But, until such a take-over is necessary, any critical business will be handicapped by data residency requirements, as it will not be able to access cutting-edge cloud computing, machine learning, and other technologies developed and hosted abroad. Businesses restrained by data residency laws end up with higher costs, less efficient technologies, and a greater risk of having to be taken over in a crisis.
Data Security Some countries seem to believe that crucial information will be safer at home. But, countries with isolated or outdated technology are less able to protect locally stored data against foreign military and criminal threats. Furthermore, and isolationist mentality around cybersecurity can undermine access to state of the art international best in class solutions.
Commerce Data residency laws fundamentally impact commerce, favoring local companies over foreign competitors. Local companies can comply with data residency requirements more easily than foreign competitors, because they naturally keep data at headquarters. Whilst in the immediate term this may appear to be advantageous for indigenous companies, in the long run, such protectionism tends to harm the protected companies by shielding them from much-needed global competition. Also, foreign countries will eventually reciprocate and foreign business may shy away from entering markets where data residency laws apply to avoid additional costs and taxation. Consequently, indigenous business may find it difficult to scale and succeed internationally. They will ultimately become a local liability. Mandating the use of local data centers or locally-made technology seems less helpful if local facilities end up not being globally competitive and slow down local progress. Data residence laws could force multinationals to invest in local infrastructure and data centers. But, the opposite, negative effect is more likely: Many multinationals may prefer to operate without local government access to data and the related risks of corruption and compliance deficits associated with establishing local presences.
Alternatives Most countries prefer open systems with economic freedoms as the default. They implement narrowly framed record retention, secrecy and anti-treason laws sufficient to protect national security interests. But very few countries have enacted broad data residency laws so far and international treaties like the Trans Pacific Partnership Agreement (TPPA) expressly commit member countries to refrain from enacting data residency laws or local data center requirements. International cooperation between intelligence and police forces, for example via Multilateral Assistance treaties, Executive Agreements under the U.S. Cloud Act, Interpol and regional cooperation arrangements, render data residency less relevant, too.
“Countries should refrain from enacting data residency laws, given the overriding disadvantages for local consumers, industries, technological development and job markets.” —Lothar Determann, Partner, Baker McKenzie
Most personal data that companies collect is not crucial for national security purposes and not accessed by governments out of respect for individual privacy and freedoms. Therefore, it is not necessary or proportionate to mandate that companies must store all personal data locally. Moreover, for purposes of securing government access to data, it would be sufficient to require companies to guarantee remote access to data (wherever it is stored) or keep local back-up copies, which companies could create on a daily or weekly basis at much reduced cost compared to duplicating primary systems locally.
Still, given the impact that data residency laws can have, encouraging alternatives can be key. To support local information technology industries and favor direct foreign investment, countries can do the following: offer robust data protection laws, narrowly tailored to prevent concrete harms to individual privacy (as opposed to omnibus regulation of data processing); prioritize cybersecurity; develop accountability and trust with other countries; limit government access to privately-held data; invest in high-speed connectivity; facilitate technical standards; keep bureaucracy at bay; and keep innovation at the forefront of policymaking.
Countries should refrain from enacting data residency laws, given the overriding disadvantages for local consumers, industries, technological development and job markets. International treaties should prohibit national laws that broadly require organizations to store or process data on a particular territory. Narrow exceptions could be allowed for compelling national security interests, limited to requirements of back-up copies of specific types of records or information, but not of all personal data and not for primary information technology systems to be kept locally.
The Roadmap for Cross-Border Data Flows whitepaper offers progressive solutions which empower governments to adopt policies that allow companies to participate in a globally-facing data economy whilst addressing governments’ most pressing concerns of security, fairness and sovereign interest. By implementing mechanisms to build trust the need to data residency laws is greatly reduced and the benefits of the data economy can be more fully realised.
In the end, countries have a choice to either participate in an open international system which can offer more progressive solutions that address their concerns, or they can retreat and stymie the progress of their local data economies.

Discover more from The European Sting - Critical News & Insights on European Politics, Economy, Foreign Affairs, Business & Technology - europeansting.com

Subscribe to get the latest posts sent to your email.

Interesting reads

© NASA The Strait of Hormuz which separates the United Arab Emirates and Iran is a strategically important shipping route

UN chief urges Iran and US to ‘urgently resume negotiations’ as Gulf strikes escalate

This article is published in association with United Nations. Renewed strikes and counterstrikes between Iran and the United States in the Gulf region have raised fears of a return to all‑out war, with Washington denying Tehran’s claim that it had closed the crucial Strait of Hormuz on Sunday. The US said it had struck around 140 […]
This article is published in association with United Nations.

Peak heat in Europe just broke historic 1970s records

This article is published in association with United Nations. This year marks the hottest June recorded for Western Europe and the second warmest globally, according to the latest report from a climate tracking service released on Thursday. “Heatwaves like this are what we expect to see in a changing climate,” said John Kennedy, head of climate […]
UN News Children collect water from a truck in a displaced persons camp in Gaza. (file)

Diplomats go virtual to witness Gaza displacement site up close

This article is published in association with United Nations. Representatives from 12 countries carried out a “virtual diplomatic field visit” to a displacement site in the Gaza Strip and heard from some of the residents about their pressing needs, the United Nations said on Thursday.  The UN Humanitarian Coordinator for the Occupied Palestinian Territory (OPT), Ramiz Alakbarov, and his […]
This article is brought to you in association with the European Commission.

Commission seeks feedback on commitments offered by Sanofi over possible anticompetitive conduct regarding the promotion of a flu vaccine for vulnerable patients

This article is brought to you in association with the European Commission. The European Commission invites comments on commitments offered by Sanofi to address competition concerns regarding a communication campaign that has possibly disparaged the only rival flu vaccine recommended for vulnerable patients with risk factors. The Commission’s investigation Sanofi, headquartered in France, is a multinational […]
This article is published in association with United Nations.

US-Iran war: Renewed attacks in Strait of Hormuz prompts another global energy alert

This article is published in association with United Nations. Renewed attacks on shipping in the Strait of Hormuz unsettled energy markets on Wednesday and prompted calls from the UN maritime agency, IMO, for “maximum restraint and de-escalation”. Amid reports that three merchant vessels were hit along with Iranian targets, IMO Secretary-General Arsenio Dominguez condemned “reckless attacks” […]
This article is published in association with United Nations.

When AI hurts people, who’s to blame? Global experts grapple with accountability

This article is published in association with United Nations. Who is legally responsible when Artificial Intelligence causes harm? The issue took centre stage on Tuesday – day two of the first ever UN summit on AI governance, where leading experts warned of mounting evidence of human rights violations linked to the revolutionary technology. “Across 11 Global […]
UN News Humanitarian conditions in the Gaza Strip remain dire, with families in urgent need of shelter, healthcare and food.

Occupied Palestinian Territory: Aid restrictions in Gaza, ‘senseless’ infant deaths in the West Bank

This article is published in association with United Nations. Ongoing restrictions and closures of border crossings continue to hamper delivery of critical supplies into the Gaza Strip, amid mounting concern for children there and in the West Bank, the United Nations said on Monday.  UN teams in Gaza continued to collect food and fuel from the Kerem […]
About the author Sadia Khalid is a Scientist-Physician (MBBS, MD) at Tallinn University of Technology. She is driven by a commitment to advance public health and scientific understanding. With research interests spanning molecular medicine, infectious diseases, bacteriology, hepatology, and gastroenterology, she aims to contribute meaningful, evidence-based insights that support health, safety, and community awareness.

Heat, Flood, Fire: The Climate Crisis and the Body

This article was exclusively written for The European Sting by Ms. Sadia Khalid, a Scientist-Physician (MBBS, MD) at Tallinn University of Technologye. She is affiliated with the International Federation of Medical Students Associations (IFMSA), cordial partner of The Sting. The opinions expressed in this piece belong strictly to the writer and do not necessarily reflect IFMSA’s view on […]
UN Ukraine The aftermath of a Russian missile and drone attack on Kyiv in May 2026.

Civilian dangers multiply as drones transform Ukraine’s battlefield

This article is published in association with United Nations. As drones reshape the battlefield in Ukraine, they are also creating new and increasingly complex dangers for civilians, threatening recovery efforts, agriculture and global food security long after the fighting ends. “The battlespace has become a lot deeper, a lot wider and a lot more lethal,” Paul […]
© WHO/PAHO PAHO has mobilised emergency health supplies from its Strategic Reserve in Panama following the earthquakes that struck the country on 24 June.

Venezuela’s earthquake-hit hospitals pushed to the brink as disease risk grows

This article is published in association with United Nations. A week after earthquakes tore through northern Venezuela, hospitals in La Guaira are buckling under the weight of the disaster – and the risk of disease outbreaks in shelters is rising fast. An assessment by the UN-backed Pan American Health Organization (PAHO) found that all eight health […]
Venezuela earthquake disaster: needs ‘skyrocketing’, say relief agencies

Venezuela earthquake disaster: needs ‘skyrocketing’, say relief agencies

This article is published in association with United Nations. In Venezuela, a rescue operation in La Guaira has succeeded in getting a toddler out alive from under the rubble, six days since the double-earthquake disaster. The miraculous story of the three-year-old’s rescue in the worst-hit northern region came as tens of thousands of people remained without […]
© WFP/Maxime Le Lijour Much of Gaza will need rebuilding after the war with Israel.

Despite record $100 million shortfall, Palestine relief agency still ‘a critical platform’ for Gaza recovery

This article is published in association with United Nations. The UN agency serving 5.9 million Palestine refugees, UNRWA, continues to strive to deliver on its mandate while facing an unprecedented $100 million budget shortfall, a gap it hopes to narrow during Tuesday’s pledging conference at UN Headquarters. Operating primarily on voluntary donations since its inception in the […]
© UNOCHA Sloviansk in eastern Ukraine has been regularly attacked with aerial bombs and drones.

UN details humanitarian toll of strikes on Ukrainian power industry

This article is published in association with United Nations. Missile and drone attacks killed at least a dozen civilians in Russia and Ukraine over the weekend as both countries continue to launch long-range drone strikes. Tweet URL Ukrainian authorities reported eight civilians killed and 35 others wounded in Russian attacks on the city of Dnipro on […]
Photo credit: Luis Garcia The UN System is present in La Guaira, the region most severely affected by the devastating twin earthquakes that struck Venezuela.

Venezuela earthquakes leave 680,000 children in need of assistance: UNICEF

This article is published in association with United Nations. Some 680,000 children are among the 1.8 million people in need of humanitarian assistance following the earthquakes that struck Venezuela on 24 June, the UN child rights agency UNICEF reported on Sunday as rescue efforts continue. Damage to hospitals, schools, and water systems is exacerbating the situation for affected families, […]
This article is published in association with United Nations.

Europe heatwave breaks records as UN agencies ramp up health warnings

This article is published in association with United Nations. Climate and Environment As a record-breaking heatwave grips large parts of Europe, the World Meteorological Organization (WMO), national weather services and partners are mobilising heat-health action plans for millions of people facing dangerous temperatures.  The extreme heat is also impacting economic activities, infrastructure, agriculture and ecosystems, the UN weather […]
© Unsplash/Angus Gray Ship transits through the Strait of Hormuz have dropped by over 90 per cent since the crisis escalated in late February 2026.

Stranded Hormuz seafarers begin mass evacuation operation

This article is published in association with United Nations. As the UN International Maritime Organization (IMO) released more details of its plan to evacuate more than 11,000 seafarers stranded in the Strait of Hormuz, one mariner caught up in the emergency has described the ever-present fear of coming under attack. “You don’t know when the war […]
© Unsplash/Angus Gray Ship transits through the Strait of Hormuz have dropped by over 90 per cent since the crisis escalated in late February 2026.

World News in Brief: UN launches Hormuz evacuation plan, UNICEF youth champion killed in Gaza, Lebanon ceasefire ‘largely holding’

This article is published in association with United Nations. The International Maritime Organization (IMO) will begin implementing an evacuation plan for more than 11,000 seafarers stranded in the Strait of Hormuz, the UN agency announced on Tuesday. The development follows months of hardship and distress for thousands of innocent seafarers and comes on the heels of […]
© Unsplash/Michu Đăng Quang The emissions from electricity or gasoline that power air conditioners contribute to global warming. "It's time to come clean" and do more to promote renewable energy, the UN Secretary-General told the London Climate Action Week.

Climate crisis: UN chief lays out solutions blueprint for clean energy transition

This article is published in association with United Nations. As a deadly heatwave continued to grip Europe on Tuesday, UN Secretary-General António Guterres issued an impassioned appeal for more ambitious global action on climate change caused by fossil fuels, to prevent irreversible damage. In a major keynote speech at London Climate Action Week, the UN chief […]

Libya’s political process regains momentum, but window for action is narrowing, UN envoy warns

This article is published in association with United Nations. Libya has been mired in political dysfunction since the collapse of Muammar Gaddafi’s regime in 2011, which shattered State institutions and triggered recurring struggles over legitimacy and power.  The country’s current stalemate pits the UN-recognised Government of National Unity in the capital Tripoli against eastern-based authorities backed […]

Why don't you drop your comment here?

Go back up

Discover more from The European Sting - Critical News & Insights on European Politics, Economy, Foreign Affairs, Business & Technology - europeansting.com

Subscribe now to keep reading and get access to the full archive.

Continue reading

Discover more from The European Sting - Critical News & Insights on European Politics, Economy, Foreign Affairs, Business & Technology - europeansting.com

Subscribe now to keep reading and get access to the full archive.

Continue reading

The European Sting – Critical News & Insights on European Politics, Economy, Foreign Affairs, Business & Technology – europeansting.com