From Global to Local: When Laws Limit the Free Flow of Data

September 17, 2017

Last month, LinkedIn decided it was time to remove Russia from its professional network. The company refused to comply with the Russia’s law requiring all online sites to store personal data on local servers, instead abandoning its 6 million Russian users. This full desertion comes after the site was blocked last fall for its initial resistance towards the country’s Federal Law 242-FZ. This law establishes that personal information voluntarily disclosed by Russian citizens in the online sphere is considered personal data that must be stored in Russia.
In recent years, such regulations have become more and more commonplace. Data localization laws have been adopted by countries all over the world, from Nigeria to Vietnam. These countries typically view data as a powerful currency and useful tool in developing political and economic strength, and they therefore perceive the restriction of data movement as a beneficial practice. Another common justification is the perceived security of storing data within local borders, although it is worth noting that data breaches can happen regardless of where the content is stored. Economic improvement is yet another incentive, as some policy makers are under the impression that their countries stand to derive some economic advantage from companies that are required to ensure data protection within the nation’s borders. They anticipate that such necessities will lead to increased employment opportunities for local citizens, but their expectations may not be very realistic. For example, in 2011 Apple brought a $1 billion data center to North Carolina, accompanied by a meager 50 job openings.
These laws have the potential to create a severely negative impact on the flow of data at large. Restricting data movement undermines one of the core elements of the Internet that has led to massive development in the global economy and worldwide connectivity. Yet despite the repercussions and any logical flaws in the justification of data localization requirements, the laws continue to be developed with varying levels of severity across the world. As recently as this week, the Supreme Court in India sat to hear a filed petition pointing out the detrimental absence of data localization laws that bind sites like Facebook and Twitter.

Companies face a significant challenge in deciding whether to adhere to data localization laws or abandon certain global marketplaces completely.

For small companies, the hurdles may be too great to clear. Recruiting sufficient personnel, financial resources, and legal guidance to ensure full compliance with international restrictions is often too burdensome to justify, especially when trying to expand presence to many markets.
Some larger, more global companies are stepping up to the challenge of compliance. Facebook, for example, is shopping for office space in Shanghai despite being banned in China. The company has gone above and beyond in the last three years to gain approval for its network, focusing now on establishing a significant local presence. The benefits to be gained from pursuing business in China are deemed worthwhile by the social network, so the efforts continue in earnest.
But what about LinkedIn and Russia? As of April 2017, there are 467 million registered users on the site, and 70% of those users are located outside of the United States. Given the comparatively miniscule size of its Russian market, the company does not stand to gain any remarkable benefit from complying with the localization laws. Perhaps it is Russia that falls on the losing side of this decision. LinkedIn’s mission is to “connect the world’s professionals to make them more productive and successful.” The internet’s incredible capacity to transcend borders makes it an ideal vehicle for realizing this mission. Those who resist against the free flow of data may be barring themselves from the social and economic growth that the rest of the world is taking advantage of.