Opportunities of Cross-Border Data Flow-DFFT for Development | IGF 2023 WS #224

Audience

The analysis delves into various aspects of cross-border data, open data, and data protection. Shilpa, a researcher at the University of Melbourne, sheds light on the complexities and challenges associated with cross-border data and open data. She highlights the importance of understanding India’s experience with data privacy and protection laws. Specifically, Shilpa mentions the establishment of India’s Data Protection Act as a result of a judgment on privacy standards. She also discusses the concerns surrounding India’s Aadhaar identification system and its impact on data privacy.

One recurring concern throughout the analysis is the invasion of privacy and the potential negative impacts of data collection, particularly in relation to predictive advertising. It is noted that corporations often collect as much data as possible to sell products and services, raising concerns about privacy invasion and manipulation of consumer behavior for targeted marketing.

There is also skepticism about who truly benefits from the creation and sharing of data sets. This skepticism raises questions about the need for open data and the beneficiaries of such datasets. Shilpa explores the need for clearer definitions and distinctions between open data and the concept of Data-Free Flow with Trust (DFFT), underscoring the importance of differentiation.

The analysis further acknowledges the varying approaches to data flow regulations in different regions. It highlights the need for emerging economies to adopt a different approach to data flow regulations to address their specific needs. Furthermore, it mentions different versions of data flow regulations, such as the Data-Free Flow with Trust and CPBR proposed by the US, as well as the Chinese version of closing all data. These differing approaches reflect the need for data governance models that align with specific circumstances and development goals.

The risks associated with adopting a deductive global approach to global frameworks are emphasized. The analysis recognizes the tensions that arise from balancing data protection against the free flow of data. It raises concerns about the potential negative impacts of a one-size-fits-all approach to data regulations, underscoring the importance of considering specific country-level needs and circumstances.

Building trust is highlighted as a fundamental requirement for data governance in multilateral environments. Trust can be established through adherence to norms, standards, and law enforcement. Additionally, transparency in data processing is identified as crucial for building trust between data processors and data subjects. Without transparency, concerns about how data is used and processed may undermine public trust.

The analysis also acknowledges some specific cases related to data leaks and accountability. It suggests that Google should face consequences for data leaks and might be required to pay fines if it leaks user information. It raises concerns about private certification, particularly with large companies like Google. Doubts are expressed about the ability of small private certification agencies to effectively handle issues with such large companies, especially when governmental bodies, like the Federal Trade Commission (FTC), face difficulties in this regard.

In conclusion, the analysis emphasizes the complexities and challenges associated with cross-border data, open data, and data protection. It underscores the need for clear definitions and distinctions between different concepts, such as open data and DFFT, as well as varying approaches to data flow regulations. Building trust through transparency and accountability is seen as vital for effective data governance. The analysis also raises concerns about privacy invasion, the manipulation of consumer behavior through data collection, and the role of large companies in data certification and accountability. Overall, the analysis provides valuable insights into the complexities of the data landscape and highlights the importance of careful consideration of data-related policies and regulations.

Kathleen McGowan

The analysis highlights the importance of prioritising data sharing across borders to promote socio-economic development. Kathleen McGowan argues that data should be viewed as the ultimate stranded asset and emphasizes the need to harmonise data sharing within and across borders.

Trust is identified as a major challenge in leveraging the power of data. The analysis acknowledges that trust deficits around data can be obstructive and that trust divides are likely to persist due to current geopolitical realities.

Creating value from data poses similar challenges for both developed and developing economies. No country or economic bloc has found the perfect balance for extracting value from data. The absence of a federal data protection law in the United States exemplifies the challenges faced by even highly developed economies in this regard.

The analysis also addresses the issue of data exploitation, particularly concerning data produced by individuals in developing countries. It argues that external entities often exploit this data without benefiting the local economy. Data localization, driven not only by national security concerns but also by a sense of data exploitation, is seen as a response to this problem.

Investing in the right governance models is crucial for establishing confidence in cross-border data flows. Current models of data trust and stewardship are considered limited, and data sharing should be the rule rather than the exception, with all stakeholders involved in decision-making processes.

Digital public infrastructure (DPI) and digital public goods (DPG) play a key role in data flow. DPI has gained prominence during India’s G20 presidency, aiming to create highly inclusive tech stacks supporting public sector service delivery and private sector innovation. Digital public goods are open solutions designed for interoperability and privacy.

The generation of data from digital public infrastructure is viewed as instrumental in solving global problems. It offers the potential for more representative and inclusive data.

Strategic data management is seen as an area where emerging economies can benefit. The analysis suggests that these economies should consider data as a strategic asset and adopt an approach different from the laissez-faire model of the United States and the state-driven model.

Finally, the concept of the “fourth way” is proposed as an alternative approach to data governance, presenting an opportunity for countries to leverage data in a way that better serves their economy and society. Kathleen McGowan agrees with this approach, highlighting its potential advantages.

In conclusion, the analysis underscores the need to prioritize data sharing across borders for socio-economic development. It addresses challenges related to trust, creating value from data, and data exploitation. The importance of investment in governance models, as well as the role of digital public infrastructure and digital public goods, is highlighted. The concept of the “fourth way” offers an alternative to traditional data governance approaches. Overall, the analysis provides valuable insights into data management and its implications for global development.

ATSUSHI YAMANAKA

The importance of data exchange and digital technologies in healthcare services in developing countries was highlighted by John Philbert and ATSUSHI YAMANAKA. They emphasized the crucial role that data exchange and digital technologies play in improving health services and outcomes in these countries. The need for secure and safe data exchange to ensure confidentiality and privacy of patient information was stressed by ATSUSHI YAMANAKA.

ATSUSHI YAMANAKA also argued for the inclusion of the voice of developing countries in creating an international framework for data exchange. He believed that their unique experiences and perspectives can contribute to the development of inclusive and equitable policies that address the specific challenges faced by these countries.

The promotion of data ownership and a right-based approach to data transactions was emphasized. The Rwandan government was cited as an example, having established a data protection office under the National Cyber Security Authority to protect data while allowing flow and respecting privacy. This approach recognizes the importance of user-based control in data transactions.

The support of development partners was deemed crucial in creating a conducive environment for data transactions. ATSUSHI YAMANAKA highlighted the role that academia, private sectors, and civil societies can play in supporting the creation of such an environment. Learning from each other’s experiences was identified as a valuable process.

Creating conducive mechanisms for free data flow requires a multi-stakeholder approach. The Internet Governance Forum (IGF) was cited as an example of a platform that encourages collaboration and dialogue among different actors to address challenges related to data flow.

Concerns were raised about data exploitation and data colonialism in developing countries. It was noted that developing countries often feel that their data is being exploited, and that information flow is skewed in favor of certain countries or organizations. This calls for addressing power imbalances and promoting a more equitable distribution of benefits from data transactions.

Bilateral organizations were urged to support the creation of an ecosystem that promotes trusted data flow. This emphasizes the need for cooperation and partnerships between countries and organizations to establish frameworks and mechanisms that ensure data is exchanged in a secure and trustworthy manner.

Government involvement was highlighted, emphasizing the importance of providing the right information and tools to government officials to ensure safe data transactions. Sharing of good practices and interactive dialogues with governments were also supported.

The transaction of data should not be solely driven by economic or social benefits, but should also consider global benefits. Certain types of data, such as climate and forest data, were highlighted as global public goods that can benefit society as a whole. A broader perspective beyond economic considerations is necessary for responsible and ethical data transactions.

ATSUSHI YAMANAKA advocated for integrating the free flow of trusted data into discussions about digital public goods and infrastructure. Data, particularly data related to natural resources and threats to them, was considered a public good that promotes transparency and collective action to address environmental challenges.

In conclusion, the importance of data exchange and digital technologies in healthcare services and beyond was emphasized. The need for secure data exchange, the voice of developing countries, data ownership, and the involvement of development partners were highlighted. Conducive mechanisms for data flow require a multi-stakeholder approach. Concerns were raised about data exploitation and colonialism. Government involvement, sharing of good practices, and considering global benefits were stressed. The notion of data as a public good and responsible data transactions were emphasized.

Mayumi Miyata

Mayumi Miyata discusses the concept of Data Free Flow with Trust (DFFT) in the context of development, aiming to facilitate the safe and transparent participation of developing countries in the international data market. She emphasizes the need to integrate DFFT into development programs and policies to anticipate future cross-border data exchanges and maximize data utilization.

Miyata highlights the importance of providing developing countries with the necessary infrastructure and environment to participate in the data market. By incorporating DFFT into development programs, countries can create an environment that encourages their active involvement in the international data market, leading to data-driven socioeconomic development.

Additionally, Miyata emphasizes the significance of multilateral stakeholder involvement in creating mechanisms to promote the free flow of trusted data. She argues that this involvement is crucial for addressing imbalances in data exploitation and rectifying the skewed flow of data, which often leaves developing countries feeling exploited. According to Miyata, it is essential to address these imbalances to ensure that developing countries can capitalize on the potential of their own data.

Miyata also advocates for the establishment of global standards for data transactions that extend beyond economic and social benefits. She provides examples of legal barriers encountered in data sharing, such as restrictions on data-sharing during a COVID-19 telemedicine project involving 12 countries. Some countries, like Indonesia, have limitations on exporting data from their hospitals, while national security concerns can restrict the sharing of environmental data, such as forestry data. Miyata believes that global standards would help overcome these obstacles.

In conclusion, Miyata supports the development of frameworks or global agreements that facilitate data sharing and transactions for global benefit. She suggests that disassociating personal information from data can make projects more feasible, and highlights the advantages that a framework would have provided in their COVID-19 telemedicine project. Overall, Miyata believes that integrating DFFT into development agendas, involving multiple stakeholders, and establishing global standards can enable developing countries to safely participate in the international data market.

Jean Philbert Nsengimana

The analysis highlights the importance of striking a balance between openness and data protection in relation to cross-border data flow and digital data governance. It recognises that data has become a valuable resource, often referred to as the “new oil,” which both state and non-state actors seek to exploit. Therefore, regulators and policymakers have a responsibility to safeguard the sovereignty, privacy, security, and digital rights of users while also promoting openness.

In the context of Africa, the analysis points out the potential benefits of cross-border data in bringing together the continent into a digital single market. Africa is currently in the process of creating the largest free trade area in the world, which could have significant economic and developmental implications. The report suggests that digital infrastructure, powered by wireless networks and satellites, can play a crucial role in connecting different parts of the continent. By transcending borders, this interconnectedness can foster collaboration and facilitate seamless data exchange.

Additionally, the analysis highlights the need to amplify and strengthen African voices in global digital data governance. It argues that although global platforms like the Internet Governance Forum (IGF) play a critical role in shaping digital data governance norms, it is important to adequately represent the perspectives and interests of African regulators and stakeholders. Strengthening African voices within the IGF can help ensure that decisions regarding digital data governance align with Africa’s unique social, economic, and political circumstances.

In summary, the analysis underscores the significance of considering both openness and data protection in cross-border data flow and digital data governance. It highlights the potential benefits of cross-border data for Africa, particularly in terms of economic integration and digital connectivity. Furthermore, it emphasizes the importance of including and empowering African voices in global digital data governance forums. By doing so, a more inclusive and representative approach to digital data governance can be achieved, leading to fairer outcomes for all stakeholders involved.

Chrissy Martin Meier

During the discussion, the audience raised several important questions related to data localisation and its potential impact on fragmentation. The primary concern was how to achieve data localisation without exacerbating the issue of fragmentation further.

One question that arose was regarding the role of the Institutional Arrangement for Partnership (IAP), spearheaded by Japan. Unfortunately, further details about the specific role of the IAP were not provided in the given context. However, it can be inferred that the IAP may have some relevance in addressing the challenges and complexities associated with data localisation and fragmentation.

Another question raised by the audience was related to the integration of the SWIFT system and the new financial transaction system spearheaded by the BRIC member nations. The specific details of how these two systems will fit into the broader framework of data localisation and fragmentation were not elaborated upon. However, it can be assumed that integrating these systems would require careful consideration and coordination to ensure that they align with the larger goals and objectives.

Additionally, the audience sought clarification on how country-led efforts to establish their own digital currencies, often referred to as Central Bank Digital Currencies (CBDCs), will fit into the picture. Unfortunately, the discussion did not provide specific insights into how CBDCs would be incorporated and their potential impact on data localisation and fragmentation.

It is clear from the audience’s questions that there is a concern about balancing the need for data localisation with the potential risks of increasing fragmentation. Addressing this issue requires careful planning and collaboration among stakeholders to establish harmonised frameworks and standards. While the specific details and answers to the audience’s questions were not fully addressed, the significance of these concerns was acknowledged during the discussion.

Tojima Hitoshi

Both speakers emphasize the significance of data flow with trust in achieving digital transformation and development goals. JICA, or the Japan International Cooperation Agency, has recognized the value of digital technologies in improving the efficiency and effectiveness of their cooperation program. This indicates their understanding of the potential benefits that can be derived from incorporating digital solutions into their operations. The Government of Japan, on the other hand, has been actively promoting the concept of data-free flow with trust (DFFT) since 2019. This demonstrates the government’s commitment to facilitating the secure and unrestricted movement of data.

The notion that data is referred to as the new gold is echoed by both speakers. Data is recognized as a valuable asset that contributes to the progress of nations. By viewing data in this way, it becomes evident that its free and secure flow is vital for unlocking the full potential of digital transformation. Furthermore, the speakers highlight the need for trust in data flow. Trust ensures that data is handled with integrity, confidentiality, and accountability. It establishes a foundation on which digital transformation and development can flourish.

The speakers’ positive sentiment towards data flow with trust reflects their belief in its transformative power. They argue that allowing data to flow freely, securely, and with trust will enable nations to fully leverage the benefits of digital transformation. With the overarching goal of helping partner countries achieve tangible development outcomes, JICA recognizes that data is instrumental in accelerating progress towards the Sustainable Development Goals (SDGs). This reiterates the importance of data in driving socio-economic development and highlights its role as a catalyst for achieving the SDGs.

In conclusion, both speakers advocate for data flow with trust as a critical prerequisite for digital transformation and development. JICA’s adoption of digital technologies and the Government of Japan’s promotion of data-free flow with trust demonstrate their commitment to harnessing the power of data in their efforts. By recognizing data as a valuable asset and emphasizing the need for trust, they provide a compelling argument for the free and secure movement of data. The speakers’ positive sentiment underscores the significance of data in accelerating progress towards the SDGs and achieving tangible development outcomes. Overall, their insights shed light on the essential role that data flow with trust plays in unlocking the full potential of digital transformation and driving sustainable development.

Gordon Kalema

The importance of formulating a data ecosystem that prioritizes people’s understanding and comfortability is emphasized in this collection of arguments. It is argued that a data ecosystem should be designed with a focus on ensuring that individuals have a clear understanding of how their data is being used and feel comfortable with its handling. This sentiment is supported by the observation that there has been a grey space in discussions around data where uncertainty existed.

Policies play a crucial role in creating a conducive data ecosystem. Rwanda’s implementation of a data protection and privacy law two years ago is cited as an example of the importance of policies. It is noted that a grace period of two years was given for people to understand and adapt to the new regulations, and from October 15, a cut-off date will be implemented. This demonstrates the role of policies in shaping the data ecosystem and providing a framework for data protection.

Balancing regulations with people’s comfort and understanding is deemed necessary. The argument is made that while regulations are important for safeguarding data, they should not hinder people’s ability to comfortably navigate the data ecosystem. Transitioning from a regulatory focus to a people-centric approach is highlighted as a valuable lesson, with an emphasis on putting people first before policies.

The potential for developing countries to be part of and even lead the data economy is mentioned. It is noted that data understanding and the data ecosystem are still uncertain areas in which everyone is learning. This suggests that developing countries have the opportunity to actively participate in and shape the data economy, potentially taking on leadership roles.

The significance of creating granular procedures and policies that can be easily understood by consumers is underscored. The example of Gordon’s country, where data protection and privacy laws were enacted two years ago, highlights the need for policies that are accessible to the general public. It is implied that simply having a legal instrument is not enough, and that policies must be designed with consumers’ understanding in mind.

The intentional structuring of organizations and dedication of resources to drive data discussions are emphasized as important factors. The establishment of a data protection office under the National Cyber Security Authority is cited as an example of intentionally structuring an organization to train people and facilitate discussions on data protection and privacy. This highlights the importance of organizational commitment and resource allocation in advancing data-related initiatives.

The role of data protectors is presented in a new light. It is argued that their duty extends beyond protecting data to also facilitating the flow of data and ensuring privacy. The perspective that data protectors should be conservative and solely focused on data protection is challenged, and a broader understanding of their role is encouraged.

Driving the digital conversation is seen as dependent on patience, awareness, and people’s ownership of the process. It is suggested that creating a culture of understanding, where people realize the importance of data in powering AI tools and digital innovations, is crucial. This implies that active engagement and participation from individuals are key factors in driving meaningful discussions around data and its applications.

To build a strong and sustainable data ecosystem, leveraging support from countries and international organizations is deemed essential. The argument is made that common protocols, tools, processes, and frameworks or policies should be put in place through collaboration with external entities. This suggests the need for partnership and cooperation at a global level to establish cohesive and effective data management practices.

The private sector is portrayed as having an important role in supporting emerging economies in terms of tools, processes, and policies. The argument calls on the private sector to contribute to the development and advancement of data-related initiatives in emerging economies, potentially by providing resources and expertise.

Promoting more innovations and championing transformative digital tools that are paired with useful data is posited as a way to increase understanding and appreciation of data’s value. It is suggested that when people can see the practical applications of data through innovative tools, they are more likely to grasp its significance. Therefore, a deliberate focus on encouraging and promoting innovative solutions is advocated.

Rwanda is portrayed as open to being a data champion. The country’s willingness to embrace and advocate for data-related initiatives is highlighted, suggesting a commitment to playing an active role in shaping the data ecosystem on a global scale.

The significance of the youth in the digital industry is emphasized. With over 70% of the population in Rwanda being below the age of 35, it is argued that young people are not only users and consumers of digital technologies but also bring disruption to the industry. This highlights the potential of youth involvement in driving digital innovation and growth.

Transparency in data sharing may be hampered if institutions are not comfortable sharing low-quality data. It is suggested that lack of transparency might be due to institutions trying to hide something harmful. This observation highlights the potential challenges in achieving full transparency in data practices and the importance of ensuring data quality.

Emphasizing data quality is suggested as a means to promote transparency and openness. It is argued that by focusing on data quality, institutions may feel more comfortable in sharing data, resulting in increased transparency. This further underscores the interplay between data quality and transparency in the data ecosystem.

In conclusion, this collection of arguments highlights the importance of formulating a data ecosystem that prioritizes people’s understanding and comfortability. Policies, balancing regulations with people’s understanding, the role of developing countries, granular procedures and policies, intentional organizational structuring, data protectors, driving the digital conversation, leveraging support from countries and the private sector, promoting innovations, and youth involvement are all key considerations in shaping an effective and sustainable data ecosystem. Additionally, the challenges of transparency, data quality, and the role of Rwanda as a potential data champion are also addressed.

Jean-Jacques Sahel

The analysis explores various aspects of cross-border data flows, privacy, and security in the digital economy. It emphasises the need to balance data flows with trust and privacy. Data flows are integral to our daily activities, both economic and personal. However, it is crucial to address the trust deficit between users and companies. To achieve this, public policy frameworks must embrace the free flow of data and avoid threats related to data localisation.

Moreover, the analysis advocates for open, interoperable, and standards-based regulatory models for data management. Progressive data transfer solutions have emerged in countries like Singapore, Brazil, and Japan, including certifications, consent for adequacy agreements, and interoperable privacy laws. The global cross-border privacy rules (CBPR) system is highlighted as a trusted mechanism for facilitating data flows between jurisdictions.

The inclusion of voices from developing countries in ongoing discussions about global frameworks for cross-border data transfers is also emphasised. Interoperable standards and certification systems can be applied globally, and the right voices are essential to ensure the global applicability of these frameworks.

The analysis acknowledges the role of companies like Google in providing access to information, especially in developing countries. Google sees itself as an information company that enables people worldwide to access relevant information. The internet has revolutionised access to information, and Google’s tools and products have played a significant role in facilitating this accessibility.

The importance of businesses, particularly small and medium-sized ones, understanding and integrating privacy practices for trusted data flows is highlighted. Certification requirements and good practice standards for data privacy exist, and businesses can adhere to them. Google has invested in funding advisors to help businesses understand these requirements and implement them. Embedding privacy practices directly into products through privacy by design principles is also deemed possible.

Privacy and security are considered crucial in handling data. Google’s experience and understanding of good practices in privacy and security are cited to underscore the need to incorporate privacy and security in both product creation and transactions.

The analysis emphasises the need to raise awareness and understanding of privacy and security principles among users and the business community. It is argued that this awareness reinforces trust and ensures the adoption of good privacy and security practices.

Regarding data localisation, the analysis suggests that the decision should be based on the nature of the data and its potential use. Examples, such as health data during the COVID-19 pandemic, demonstrate cases where data localisation may be necessary for the benefits it brings. However, the analysis does not explicitly endorse or reject data localisation in general.

A strategic approach to handling data, rather than a purely regulatory approach, is advocated. It is suggested that this approach should consider empowering regions, strengthening local economies, reinforcing local content creation, and other factors relevant to the specific goals and needs of each region.

Transparency is encouraged in terms of privacy and security. While acknowledging the existence of cultural differences, the analysis believes that a baseline level of good practices in privacy can be universally achieved. Reference is made to ISO-type security standards as a precedent for globally accepted standards.

Cooperation is deemed necessary for addressing the challenges related to cross-border data flows. The analysis highlights the difficulty of swiftly achieving a full global solution but suggests starting by creating connections between certain countries and gradually expanding from there.

Lastly, the analysis rejects the idea of having separate privacy and security standards for developed and developing countries. It argues that such separate standards would perpetuate disparities and hinder the goal of reducing inequalities.

In conclusion, the analysis emphasises the need for a balanced approach to cross-border data flows, incorporating trust, privacy, and security. It promotes open, interoperable, and standards-based regulatory models, the inclusion of voices from developing countries, and access to information. The significance of businesses understanding and integrating privacy practices, as well as raising awareness and understanding of privacy and security principles among users and the business community, is also highlighted. The analysis advocates for a strategic approach to data handling, transparency, and cooperation while rejecting separate standards for developed and developing countries.

ATSUSHI YAMANAKA:
a minute or so. We’re still waiting for one more expert to join in person. So thank you so much for your patience and we shall actually start in a minute or so. We’re still waiting for one more expert to join in person. So thank you so much for your patience and we’re still waiting for one more expert to join in person. So thank you so much So maybe I think we shall start actually. We have one more expert actually who’s going to join in person but he’s trying to find his way here. He just informed me that he’s somewhere. Ah, here he is. Yes. Yay, yes. So good afternoon for all. Thank you for actually coming to this session called Opportunities of Cross-Border Data Flow. I’m a senior advisor on digital transformation at JICA, who is actually privileged to be a moderator for this particular session. We actually have a very distinct expert here from the government of developing countries and also the private sectors, international organisations, umbrella organisations for the development partners, so we could have a very interesting discussion and we urge you, actually, to think about the critical questions, so we can throw at them. The sequence of the event is going to be we’re going to have an opening remark from Mr. Hitoshi, he’s a CDO of Japan international co-operation agencies, JICA, which is actually Japanese co-operation agencies for helping the developing countries. And basically he’s my boss, basically. So he’s going to have an opening session, followed by a different speakers, who is going to give a lightening talk of the contextualising, what it means for DFFT for development or data transactions for development. And then we’re going to go into the Q&A sessions, moderated Q&A sessions that I’m going to actually throw them, a few questions, but after that we’re going to open the floor to you. And we also urge, basically, active participation from the online participants. So we actually have the online facilitator, Chrissy, she’s going to facilitate the process online, so please actually send questions to Chrissy in the chat box so that she could actually moderate the session online. So let’s start, and may I actually pass it to Mr. Hitoshi, chief digital officer of Japan international co-operations, for his opening remark. Mr. Hitoshi, chief digital officer of Japan international co-operations, for his opening remark.

Tojima Hitoshi :
Thank you, Atsushi. Good afternoon, konnichiwa, ladies and gentlemen. Welcome to this roundtable session on opportunities of cross-border data flow. I’m going to start with a brief introduction of DFFT. I’m going to start with a brief introduction of DFFT. As Atoshi introduced me, I’m Tojima Hitoshi, Chief Digital Officer of JICA, Japan International Cooperation Agency, a bilateral institution committed to advancing the socio-economic development of emerging nations through Japanese ODA, official development assistance. At JICA, we have embraced digital technologies to enhance the efficiency and effectiveness of our cooperation program, always overarching goal of helping our partner countries achieve tangible development outcomes. In 2022, we introduced our DX vision and launched a practice known as Global Agenda for DX, as you can see at the entrance of this forum. Their primary objective is harnessing digital transformation to improve the well-being of all individuals and to build resilient societies that ensure safety and provide diverse opportunities. However, to fully unlock the potential of DX, we acknowledge that data, often referred to as the new gold, must flow freely, securely, and with trust. Since 2019, the government of Japan has been at the forefront of promoting the concept of data-free flow with trust, DFFT, emphasizing the transformative role of data in what late Prime Minister Abe aptly termed society 5.0. We firmly believe that data is a critical asset for the development of nations, a powerful tool that can accelerate progress toward DX. the SDGs, yet data alone is insufficient. It must flow and transact securely to realize its full potential. In this endeavor, we are also mindful of its challenges of data governance, sovereignty, cybersecurity, privacy, and personal information protection. In this session, we have gathered experts from government, public and private sectors, civil society, and importantly, all of you, both here in Kyoto and participating online. We encourage open and free discussions on the challenges and opportunities of data flow and transactions, particularly within the context of developing countries. Your inputs are invaluable as we collectively work towards creating models that maximize the benefit of DFFT. Lastly, I extend my sincere gratitude to our co-organizers, Daya and Google, for their invaluable support in facilitating this crucial discussion. I anticipate today’s conversation will be engaging and constructive, making a substantial contribution to the advancement of DFFT for development. Thank you very much. Arigatou gozaimashita.

ATSUSHI YAMANAKA:
Thank you, Tojima-san, for your opening remark. So now we’re going to go into the lightning sessions. We’re going to have five distinct experts here. We’re going to have, first, Ms. Miyata Mayumi. She’s the chief representative of JICA Tunisia office, but she used to be a director of the STI DX office in JICA. She’s going to talk about the DFFT for development concept of DFFT. And then we’re going to pass it on. on to Mr. John Philbert and Sengimana. He’s the Chief Technical Advisor of Africa CDC. He’s going to be also online. And then we’re going to pass it to Gordon Karema to my left here. He’s Director General of the Ministry of ICT and Innovations in Rwanda. And then to Kay McGuinn. She’s a Senior Policy Advisor of Digital Impact Alliance. And the last but not the least, Mr. John Jack Sahel, Asia-Pacific Head of Content Policy and Global Head of Telecommunication Policies of Google. So, Miyata-san, can I pass the floor to you? Miyata-san, maybe your mic is muted. Sorry.

Mayumi Miyata:
Can you hear me? Yes? Yes, we can. And also, I’m showing one slide. Yes, it’s fine. OK. So thank you very much. This is Miyata from JICA. I’m very delighted to be joining this session as an ex-director in charge of the ex in all the JICA projects and programs. And one of the things that I did with my colleagues is to conceptualize a so-called DFFT in the development context. And here, I’d like to explain this slide, which is also made available to our session page on the IGF website as a background paper. So the concept of DFFT for development, as we propose, is summarized in this sheet. And so the background is that developed countries are positioning data utilization as a source of national power. And they’re promoting them to get more data. Promoting them. and then getting more data and circulating them more data and then getting more values at the end. On the other hand, there are still many areas in developing countries where the infrastructure and environments are still at fragile stage and not maybe at that level. So what is the DFFT for development? Is to realize data-driven socioeconomic development of developing countries through enabling them to participate into international data market in safe and trusted ways. So in order to push this agenda, how can we do that? So on the right-hand side, we have laid out some elements here. And so in the white space, this is a kind of typical system architecture diagram starting bottom from infrastructure, data layer, data integration platform and data space services and having overreaching regulations institution on the right side. And blue highlighted areas are the kind of entry points where we thought quite useful to kind of package DFFT together with our development programs, for example. So support for a system operation deals with the regulations institution. Some of the intervention in our programs deal with digital strategy for our entire country or region or entire sector or industry. So in those exercises, it’s good to think about the cross-border data flows in a trusted ways. And another, secondly, is the data utilization. So we have a number of projects where we did. dealing with specific applications in energy or mobility, or in health, for their specific purposes. And when we support this, when we implement those programs, we also anticipate future cross-border data exchanges, so that we don’t hinder their potential of data utilization. So here are the kind of framework for thinking that we like to propose. And some of the detailed explanations are given on the following slide. I’m not going to explain all of them. And in the session, I would be happy to share some of the concrete examples and the challenges I would like to hear from other panels and the participants. Thank you very much.

ATSUSHI YAMANAKA:
Thank you, Miyata-san, for the concise, actually, concept of explanation, the concept of DFFT for development. As Miyata-san mentioned, the data without flow, data without transaction is data, no data, right? No gold, basically. So it’s very, very important for us to see what would be the safe and trusted ways of transacting data. So that is really the concept behind the DFFT for development. So now let me also pass it to Jean-Philippe Bernseng-Imana. He’s a Chief Digital Advisor for the CDC Africa. So she’s actually advising on a lot of health-related data, which is critical in terms of privacy and also safeguarding as well. So Jean-Philippe, can you actually have a lightning talk for you for five minutes? Absolutely. Thank you so much, Toshi-san.

Jean Philbert Nsengimana:
Good afternoon, everyone. So it’s half past 11 p.m. here, and I’m only here because Toshi-san is my good friend, and today he’s surrounded by two other… very good friends and colleagues, Kay McGowan and Gordon Kalema. Otherwise, I’m sure there is enough expertise in the room to dissect this topic. My name is Jean-Philippe Ntsengimana. I’m the Chief Digital Advisor at the Africa Centers for Disease Control and Prevention, and also work as serve as Senior Advisor at the Digital Impact Alliance. So the theme of cross-border data is extremely interesting and timely in the African context because of several reasons, but I will only talk about three reasons. Number one, Africa is uniting in the world’s largest free trade area. Previously fragmented into 54 markets, since 20… …a historic shift is… consumers. And while most of the other types of cross-border infrastructure such as roads and railways are lagging behind, digital infrastructure powered by wireless networks, satellite that are border agnostic constitute the only means to meaningfully interconnect the continent in the immediate term. So there is no question that cross-border free flow of data will benefit Africa’s vision to unite into a digital single market. Number two, I want to address the issue of openness and sovereignty and protection of data. Openness is good. It’s the only thing that would allow us to really harness the benefit of data, but we are extremely conscious also that there are many forces, state and non-state backed forces, as my previous predecessor speaker talked about, that seek to exploit the data as the new… new oil coming from Africa. So African regulators and policymakers must balance openness while protecting not just the sovereignty, but also the privacy, the security, and the digital rights of the users. And the only way to do that is through collaboration between different stakeholders who can enable appropriate data flows while safeguarding sensitive information. And this is particularly important when it comes to health data. People, as they move across borders, they need continuity of care. But at the same time, they can also transmit pathogens and propagate outbreaks leading to pandemics. So that control that balances protection and openness is very important. And it’s a challenge, not just an African challenge, but a global challenge to be able to handle. Number three, IGF is there to enable a global digital data governance. And I’m happy to see that this year the African voices are there. But this needs to be increased and be strengthened. Africans must lead in governing cross-border data to meet the continent’s needs, first and foremost, while enabling the global interconnected economy. By working together, we can build consensus on solutions such as localized health data storage, increased internet exchange points, and harmonized regional data regulations. So those are the three points I wanted to submit. And I’m really looking forward to a great conversation and a great IGF. Thanks so much. Over to you.

ATSUSHI YAMANAKA:
Thank you, Joseph. Thank you, John Philbert. And he actually had a great, actually. insight into the balance between the openness and also protecting the privacies, but also about sovereignties of the countries as well. But you know, he also mentioned about how Africa is moving forward with one digital market. So if we are lagging behind other countries in the world, actually if we are lagging behind, I think Africa as in many of the innovations such as like M-Pesa or mobile monies, I think they may actually have the best example of it. So what do you think, Gordon, Mr. Gordon Kaleva, he’s a DG of Ministry of ICT.

Gordon Kalema:
All right, good afternoon everyone. Great to be here on this conference. I want to first of all thank the organizers of the session. I think it’s at the right timing, at a time where we are discussing the internet we want. I think it is equally critical that we start discussing the kind of data ecosystem we want. Greetings from Rwanda, and I want to give my remarks from the perspective of a policymaker. I come from the Ministry of ICT Innovation, we do policies, we put in place frameworks, and as my predecessor speakers mentioned, as the global economies attempt to move into data value, creating processes, creating frameworks, it all starts with the role of respective countries. What is it that you do as a country, and what is it that you do as an individual in contribution to this ideal data ecosystem? And definitely we can see that we are moving from a gray space, a kind of a phase where the discussion around data is quite uncertain. It’s something that people have been shy away from talking about and increasingly we are seeing now countries and organizations and individuals being more open. So how do we encourage that? As a policymaker, and I want to use some examples of our own experience back home, we put in place a data protection and privacy law two years ago and we realized that before we get into the actual implementation we needed to give an ample time for people to be comfortable and understand the topic. So we gave sort of a grace period of two years and I’m glad to mention that today on 15th, this month of October, we are celebrating the cyber security month and on 15th that’s when we are going to be having our cut-off date. So I wanted to highlight the role of having policies in place. So we need to be able to have policies, laws and institutions strengthened, but then importantly we need also to realize that we are working with people, we are working with humans before the balance between going with what the policy says, what the law says and also allowing people to be comfortable with the topic and take ownership is very key. So the transition we’ve had has taught us a lot of lessons that I’ll be able to share maybe in the next opportunity, but for us it was a highlight. People first before policies. Thank you. Thank you Gordon. So

ATSUSHI YAMANAKA:
it’s very very important actually to see the perspective of the people first. I think a lot of IGF is based on the human rights issues, so it’s really important that how can you actually ensure the people first policies in terms of the FFT for development. is also being entertained on that. So may I pass it to the DIO, Ms. Kay. She’s actually Senior Policy Advisors on Digital Impact Alliance. Basically, Digital Impact Alliance is an umbrella organization for the development partners in the area of digital technology or digital support. So, Kay, can you actually give us perspectives on the DFA?

Kathleen McGowan:
Yes, of course. Good afternoon, everyone. First off, I’d like to thank my friends at JICA for organizing this session and the partnership with DIO and framing this important conversation. As Atsushi-san just mentioned, the Digital Impact Alliance, or DIO, as we’re better known, is a platform for public and private development funders to work together to improve investments in digital technology in order to accelerate socioeconomic development and ensure that digital policies and systems are grounded in the rights and aspirations of people. So I, too, am really happy to hear the theme here. So it’s wonderful to have an excuse to visit this beautiful country, beautiful city, but this is also a hugely important topic. Data-free flows with trust are often associated in policy circles with international trade and commerce. In particular, among and between the world’s largest economies. And while this is, of course, true, it’s also an incomplete way to think about data-free flows with trust, right? This idea of establishing the rules and mechanisms to enable safe cross-border data sharing also has tremendous potential to advance socioeconomic development for everyone. And that includes all countries, but it’s, I think, especially relevant right now to countries and communities that are working to close gaps. such as access to formal financial services, quality education, universal health care. And then when you move beyond borders, the impacts of climate change and disease or pandemic are just a couple of examples that feel particularly tangible to all of us today. So all to say the opportunities for digital free flows with trust to solve global challenges, I would say are limited. And so I was asked to speak about the opportunities as well as the challenges. And I do truly believe that we can’t even quite fathom what the opportunities are, especially with the advent of AI as we’re seeing this. Fortunately, I think the challenges, while they are real and they’re formidable, they are not limitless, at least I hope not. I’m not naive, we’ve already heard people talk about the fact that there are going to be datasets that countries will not share, or at least they will not share broadly due to national security concerns or to protect economic interests. And yet we also know that there are vast amounts of digital data that could be safely shared for the benefit of humanity and people while respecting these security issues and sovereignty. So economists like to talk about stranded assets, right? Resources whose value are not fully realized. And I like this analogy because data, whether it’s locked up in a commercial platform or in a government server, I think as we move more and more into the digital era, data is the ultimate stranded asset. And I think that’s, you know, we’ve heard references to data being similar to oil or gold, but you know, in fact, it’s not, right? It’s a non-rivalrous resource. It’s not finite. There’s no scarcity. concern that should incentivize hoarding. In theory data is infinitely reusable and of course I don’t need to explain to anybody in this room or online the just exponential rate at which new data is being generated now which is only going to increase. So when you think about the unrealized power of stranded data assets to provide the insights and create solutions for both global and domestic challenges, I think harmonizing both data sharing within borders but data sharing across borders is a really urgent priority that doesn’t get the attention it deserves and I do applaud the government of Japan for keeping this on the global policy agenda. So I would argue that the real challenge to unleashing the power of data to advance human development, it’s not technical, although there’s a lot of technical work to be done, but it’s trust, right, which is why I think DFFT is so aptly named. We know that today’s geopolitical realities mean that some of these trust divides are not going to be closed, at least not in the foreseeable future, but I bet that most trust deficits around data can be addressed with serious investment in building and governing data sharing models and tools that give data holders the confidence they need. And these are data holders, they could be commercial actors or public institutions, but I think we can find the tools and the rules, so to speak, to unlock useful data safely, responsibly, and as you guys have put it, to let it flow. Thank you.

ATSUSHI YAMANAKA:
Thank you, Kay, for that. Actually, exponential growth of the data is really something that we would like to explore. And then what Kay actually mentioned about tools for actually safeguarding and utilizing this. I think this is going to be a very, very pressing topic for the next speaker, Mr. Jean-Jacques Chahal. He’s from Google. So oftentimes Google has been criticized maybe from the circles, saying, okay, this is actually data oligopolies. But at the same time, I think tools and also some of the services and products that they can offer has also had tremendous, actually, potentials for developing countries as well. So can I pass it forward to you, sir?

Jean-Jacques Sahel:
Thank you very much. Yes, I think you can hear me. And thank you, Asushi and the Japanese government, for organizing this session. And it’s really good to see many of you in the room, including some faces that I’ve seen since very early IGFs. So thanks for being back. So I wanted to share our perspective and touch in particular on public policy framework, following on a little bit from what Gordon was saying. And hopefully we’ll have a good dialogue taking it a little bit further. And when I think about this topic, I think about information. You know, it’s a really timely discussion to have, because it’s about, on one hand, how we protect our users, how we reinforce their trust, but also how we can boost our economies and making the most of the global nature of the Internet and of information flows, something we haven’t always had, something that the global South hasn’t always had. And so we need to think about how we can capitalize on all the positives in this debate as well. It’s quite obvious, I think, to all of us that today data flows underpin a lot of our day-to-day activities, whether economic or personal. You know, the value and the convenience of the global Internet rely on the free flow of information, whether it’s because we can collaborate, like today, with a conference call that brings colleagues from Rwanda and other parts of the world to just talk to us, as if we were in the same room, pretty much, although it’s a very, very big screen, to see Jean Philbert. Or, you know, being able to buy or sell items online, to obtain information, etc., etc. The ability to work seamlessly, to transact, even when we have massive challenges like we’ve just had with the pandemic. We were able to maintain economic activities and also some semblance of social activities in ways that we just couldn’t have thought about just 10 or 20 years ago. And we need to think about how we preserve all that good whilst also having the right protections in place. And I think that’s what goes to the heart of this debate, because threats to data continue to grow. On one hand, you’ve got, you know, trust deficits between users and a company, or indeed between users and a country, or foreign countries and foreign organizations, people being worried about daytime issues, and we’re at an important inflection point in these debates. Now, if we think about it from a legal and policy framework, companies largely rely on contracts for transfers. And contracts have their place, but they’re not necessarily right for every transfer, and they don’t do much to ensure trust between governments or our users. And so we really need to think deep down, how can we avoid a world where we have information winners and information losers, privacy winners and privacy losers? We need to get into a situation where we don’t have countries that have access to new and innovative technologies and countries that don’t. And the only way to avoid that is to avoid artificial barriers to access information and to access technology at physical borders. Instead, we can think and we should think about ways that ensure that both ensure privacy and facilitate cross-border data flows. And I think we see that also when, you know, recently we’ve got the public consciousness focused on things like generative AI, and I think that’s thrown up considerations. about some products that have had privacy built in, you know, privacy by design, and the need for that to happen and to build it into this whole new wave of transformative products that we’re seeing it. And that approach of privacy for design has allowed a number of product companies to launch new products with privacy built in, thinking about local privacy laws and how to meet privacy expectations and how to reinforce user’s trust. And we really need now to think about that as we expand the system. We need to get to a better place because data transfer underlies so much of what we do today as a society and as an economy globally. And companies on their own cannot solve the trust deficit on data. We need, well, the sort of things we have today, we need governments, civil societies, citizens, and industry to come together to work towards a sustainable and global model for a trusted digital economy. And we’ve seen many governments active in this area. Well, Japan, for one, right, during both the G20 and then now this year with G7, with governments calling for frameworks that support the free flow of data with trust. And so how do we do that? So we think that governments and industry and other stakeholders can work together to accomplish this goal of marrying cross-border data flows with trust, with the respect of privacy, and users’ expectations. And we need to think about public policy frameworks that embrace the free flow of data, but avoid the most restrictive types of data localization, which actually could threaten resilience and cyber stability. We need to think about how to have interoperable privacy frameworks, privacy laws. We need to think about cybersecurity standards that are risk-based, that are practical, and to think about the mechanisms that underpin all that with cross-border enforcement of those mechanisms. And all of that will come through open, interoperable, and standards-based regulatory models. All this is feasible, and it’s in the process of happening. We’ve already seen progressive data transfer solutions in countries like Singapore, even Brazil, or Japan in the last few years, right, with each of those creating toolboxes for data transfer solutions. That includes things like certifications or consent for adequacy agreements. And those sorts of processes of toolboxes encourage or promote trust and offer a range of options that companies can use in order to offer privacy-compliant products and solutions, including a cross-border for the data flows. Now we need to think about a sort of multi-country, multilateral approach to all this. And so there’s a number of initiatives that we can consider. For instance, the global cross-border privacy rules, CBPR system that’s emerged recently, which is one of the important steps towards enabling a continued and trusted set of data flows between participating jurisdictions, where we have interoperable frameworks and protections that are valid across those borders. And if we do this right with these new initiatives, these new collaborations, we can end up with increased confidence from users, from customers, from business partners. That’s how we look at it as well. But if we also do it right, importantly, for all sorts of organizations, big and small, that work in this space, we can end up with reduced compliance costs, because you have interoperable frameworks across jurisdictions. We can have consistency of enforcement, which, again, is important for companies of all sizes. And again, if we do this right, we can have improved data security. And with all that, let me try and conclude with a focus – I mean, to me, it’s all obvious that it should serve for for development and the Global South, but we need to make sure that the Global South has the right voice. So we need, as we have those discussions at international level about creating or fostering and taking on interoperable regulatory and standards frameworks, we need to make sure we have voices from developing countries from the Global South present. We’re lucky here at the IGF, as Jean-Philippe was saying, that we have voices from across the world’s regions. We need to have more of that in some of those fora where the global frameworks for cross-border data transfers are being discussed. Countries from all over the world need to take that space. And that need to translate then into, well, small and medium-sized companies or companies of all sizes in all countries of the world. I think the beauty of having interoperable standards and certification systems is that if they’re done well, with the right voices involved in developing them, they can be applied in any company, potentially anywhere in the world, and those companies can then trade and exchange data with anywhere else in the world. That’s a real promise. I think we’ve already seen it in the past few years, but we need to reinforce it now in a system that’s trust-based and that various jurisdictions can be comfortable with. So, let me try and finish. I think there’s a bit of work to do, but we’ve made a lot of progress in the last few years in trying to figure out what might be the right regulatory frameworks, what might be the detail of those data protections and trust-building initiatives that we can bake into companies’ practices through things like certifications. And now we just need to really broaden that model, deepen it, raise awareness of it, and make sure that the right voices are involved in taking it forward. So, much, much more I’d love to discuss, and hopefully we can move into that in the dialogue. Thank you again for having us. No, thank you.

ATSUSHI YAMANAKA:
Thank you, Jack. Actually, he mentioned a lot of, actually, points, but I want to point out, especially the compliance costs, I think, like interoperability frameworks, where everyone… actually can abide by it, that would actually reduce the compliance cost. And another thing I would like to actually point out is I think the importance of the voices from the developing countries to be part of the process. Because oftentimes when you think about data flow, digital technologies, their voice is not yet, I think, has been heard enough. But when you actually create that kind of framework, international framework, the best examples, they are really the next future, basically. So their voices and their inputs must be part of the process, as well as the frameworks that we’re going to create. So thank you so much for actually framing the discussions. Next I’m privileged, actually, since I’m a moderator, I could ask questions first. Since John Philibert, unfortunately he’s in Las Vegas right now, but not for gambling, but he has a very important conference on the health conference. But it’s already almost 12 o’clock, 12 something for him. So let me actually ask him questions first so he could actually go to sleep. So John Philibert, health sector is one of the key sectors where privacy, as he mentioned, is utmost concern, right? However, in order to expand the health services, especially in developing countries where the needs are the most, it is critical to have this secure and safe data exchange. And you mentioned about, you know, the health across the borders. You know, wherever you go, you should actually have a healthy environment. Do you think the developing countries who need these services the most, these establish in such regime? JP, can you hear me? Oh, maybe he went to sleep. John Philibert, are you there? I do not see him online any longer, so. Oh, he’s gone? Yes. That’s very unfortunate, because we wanted to actually hear the perspective of the health perspective, but okay. All right. So let’s actually move on. Maybe we can ask him questions later on online, as I can basically, you know, put it into the report when you actually compile the report. So maybe I can ask John Jack, maybe, with JJ and JP. How can we ensure free flow of trusted data without compromising privacy and national securities? You mentioned that a lot about it. What should the roles of private sector like Google, where they are the big data keeper? I wouldn’t say holder, but the keeper, and also the support of the transactions. What the role should be? It’s a tough question, by the way.

Jean-Jacques Sahel:
I think it can go into a lot of directions. I would say the way I look at it as a starting point is one of the reasons I like to work for Google is that it sees itself as an information company. So for a lot of the products that we have, we allow people to access information, information that’s relevant to them. It’s the basic mission of the company to try and help people or make the information universally accessible and relevant to what users want. And deep down, that’s what I care about, is being able to allow people to access that information. As I said earlier, this is not something that we’ve always had. I grew up in a world that didn’t have the Internet. I think for some of us, that sounds weird. When we didn’t have the Internet, we had very limited access to information. And this was especially true in developing countries. The way that the Internet has enabled us anywhere in the world to have access to tremendous amounts of information, but also some of the underlying technological aspects, is just tremendous. And we should always keep that in mind. So then we get into… So, that’s a role of some of us in the industry where we can help through our various tools and products for people to access information, which I think is an important dimension of the topic. Then, what can we do in terms of trusted data flows? Of course, we can respect the privacy principles, okay, and that’s the gist of what I was saying. I think we’re in a situation where there’s a lot of understanding now of some of the key elements that should feature in good practice privacy, and I think there’s ways to encapsulate that in good practice standards and certification requirements, and that’s in process. But then there’s the next step. The next step is, I was trying to allude to this, is we need to mainstream those protections. We need to help companies be aware of those basic protections, and so we need to work with especially small and medium-sized businesses and everywhere in the world. So, we’ve put in a bit of money, for instance, as a company to help to fund some advisors that can help the companies in understanding better the certification requirements, for instance, and how they can put it in place, and generally speaking, we’re trying to use our various activities to engage with developers and sort of companies that are active online to share those practices with a wider community. Then as we look ahead, I think we can think about how some of the products that we build, which are privacy by design themselves, but could perhaps embed some of the good privacy practices and therefore be used by small and medium-sized businesses. It doesn’t have to be Google. I mean, there might be some specialist actors that develop tools that help companies to sort of integrate those good practices in their day-to-day. So I think there’s both a sort of technical, operational angle to how we can help. the wider industry to take up good practices and then there’s sort of evangelism, if you will, about making sure people are aware of what’s out there. Thank you. Thank you, John Jack. I think

ATSUSHI YAMANAKA:
that he’s alluding to a very important point about mainstreaming or some of the good practices. And I think, Gordon, I think government actually has a lot to actually work needs to be done in terms of advocacy, right? And, well, John Jack was mentioning about mainstreaming advocacies for private sectors, small and medium enterprises, but to the citizens as well. How would you actually, what do you think the government, like in Rwanda or elsewhere, especially in developing countries, how could you, the government, could actually advocate and also trying the citizens to understand the benefits of, you know, the free flow of the data and then what data-enabled economy can actually bring to them? And also, how can you actually ensure that the security and also the privacy and trust underpinning this DFFT is also being advocated and so they feel safe in this kind of environment?

Gordon Kalema:
All right. Thank you, Toshi. Such a great question and a tough one. I will start it off with maybe a scenario. There is something which was mentioned around how developing countries should be able to be part of the process. I would rather mention that the developing countries, or let me say economies, have the potential to actually lead, not just be part of the process, but also lead the process. Because the data understanding and ecosystem and the way it is turning out to be is a kind of space that is still uncertain for most people. And everyone is struggling, everyone is learning, that’s what I believe. And so this role goes in all directions, as you mentioned. There is a role for governments, there is a role for private sector, there is a role for organizations, academia, and so on. And I wanted to highlight a few lessons we’ve learned, again, coming from the government, wearing the government hat. I just wanted to share a few highlights of what we’ve been doing, just to try and drive the point home. Because we need to, again, shift away from just discussing the ideal environment to an actual environment we are living in. I mentioned earlier that we put in place a data protection and privacy law two years back, and we realized that actually just having a law was not enough. We had to do all the global benchmarks you can think of. And then we realized that actually having an instrument in place is not going just to be useful, we needed to also have more granular procedures and policies that are going to be easily understood by the consumers or by the people. And so we had to highlight the role of those who could be data contributors, data controllers, data disseminators, just to make sure that everyone knows their positioning. What is it that I can contribute to this topic? So that’s one. Number two, we also realized that actually we needed to have fully-fledged institutions. And when I say institutions, I don’t mean just the typical government institutions. You could be working in a private organization, you could be working in an international organization, regardless of the size of your company. you the reason it is very important to be intentional in the way you structure your organization work and try to make sure that there are people who are dedicated to drive this whole discussion. So what we did back home we put it in place a fully fledged institution called a data protection office that sits under National Cyber Security Authority and then we had to train people. Now we realized that actually the largest part of the training we relented was to be able to create a culture that tells people that your job is not to protect people. When we are hiring, when we started to train, everyone thought my job is to protect data, is to be conservative, is to stay on data, don’t touch the data and people felt like we need to have a group of army and police officers around the data office and it took to be intentional to tell people that actually their job is not to protect data, is rather to allow data to flow and protect privacy in the process and it’s different. So that’s pretty much what we did and then also that came along with awareness as I mentioned people first. You can have right policies in place, you can have institutions in place, you can have all these things, you can do awareness but it is very important to be patient for people to be aware of this. We realized that the only sustainable way to drive this whole conversation is when people are taking their own ownership. If you’re going to create single digital ID which something that we’re doing, we realized how do you make sure that people have data in their hands and they can allow authentication by themselves and in a process they become comfortable and start to realize that actually with digital innovation that are coming up with the generative AI tools, it’s all sitting on data. And our people, most people will not know, it’s not just obvious, that people are going to know that when I’m using an AI tool, when I’m using any intelligent solution, actually at the back it’s powered by data. So not until you’ve driven the point home and people are very comfortable to understand that actually whatever you’re doing is in the interest of the economy, in the interest of people, then it’s going to be sustainable. Thank you.

ATSUSHI YAMANAKA:
Thank you Gordon for that. Actually, it’s very, very important that the data owners, I think a lot of people do not, you know, they don’t realize they are the data owner, you know, of their own data. And I think that was a very good example of how Rwandan government actually realized that and trying to advocate, yes, you are the data owners, yes, you are actually in control. We keep the privacies, but we also help you to transact these data so that your life, your livelihood is going to be much better than today. So I think that’s a very, very important concept that we should advocate. That’s also the rights-based approach, right? So that is very important. Now, what could, like, development partners could do to support that, okay? You know, because we’re here, really, to support that. The private sectors, civil societies, academia, we’re all here, right? But at the same time, we’re here so that we can, you know, we can actually support development partners in this, create these conducive mechanisms to take advantage of this. What do you think we could do to support them? Of course, we would learn from them as well, from the experiences, but essentially, what can we do to actually co-create this environment?

Kathleen McGowan:
Yeah, so, great question. And I think I’m going to start by pushing back a little bit on this idea that the challenges are so different between developed and developing economies. One of the things that I find most fascinating about this question of how do you create more value for more people from data is that no country, no economic bloc has really figured out the perfect balance. And so I think you’re right about global cooperation. I mean, if you look at my country, I work for a global organization, but I come from the U.S., and we still don’t have a federal data protection law, much less a coherent approach to ensure that the value of data is fairly shared, right? And as Jean-Jacques is well aware, if you look at the case that the U.S. government is making right now against Google, it is all about access to and control of data. So this fundamental question of how do you balance those rights is, I think, something that nobody’s figured out, and that is a collective challenge that requires a huge amount of collaboration, both within policymakers and multilateral institutions, but also bringing in all of the other data stakeholders, including civil society and, of course, the private sector. I will just add one caveat to this, that I do think there’s one issue that does play a little differently for people from developing economies, and that’s the sense that data that is produced by people in their country is being monetized elsewhere without benefiting the local economy fairly. And so, you know, where we think about this tendency towards locking down data and data localization, we like to kind of easily tag that as a poor choice to national security concerns, but I think there is a real sense of exploitation that’s fair and needs to be addressed. Right? You know, all the more reason to ensure that the benefits of data flow both ways. Right? But to your question, I do think there’s been very little investment in trying to find the right governance models and mechanism, those rules and tools that I referred to. to earlier that will give decision makers the confidence to enable cross-border data flows. Right? There’s been some good work to set up data trusts and data stewardship models, but they’re really limited. As Jean-Jacques said, you know, we’re either operating in a commercial contract area or in academia or research, you’re finding these bilateral kind of one-off agreements. And so I think the time has come for us to settle on a few different broadly accepted, well-governed mechanisms that make data sharing the rule rather than exception. Right? But to do that, you have to have all stakeholders at the table, which I think is the role of funders of multilateral organizations, and ensure that these conversations are not just multilateral between governments, but also multi-stakeholder, right? Because everybody has vested interests here. Thank you.

ATSUSHI YAMANAKA:
Thank you, Kay. Yes, you’re completely right in the sense that I think it is really, you know, multi-stakeholders approach is necessary, because conducive mechanisms we cannot create, like one entity cannot create conducive mechanisms. And if you want to really have agreement or general consensus rather, not agreement, but consensus, in order to actually promote the free flow of data, I think it is very, very important to have multilateral stakeholders, multi-stakeholder approach that’s exemplified here in IGF. But also, going back to the data sort of colonialisms, or maybe data oligopolies, I think this is a, you know, I work mostly in developing countries, and then I also feel this, that they feel like their data is being exploited. And the flow of data, or flow of information, is skewed to one So they really feel like, you know, they are being exploited. They actually have a lot of data, but they cannot actually capitalize this. So I think that particular point, I think, has to be rectified if we are going to really promote the free flow of untrusted data. So, Miyata-san, you know, we are a bilateral organization, right? Bilateral organization. What should organizations like us, bilaterals, can actually support creating such regime or the ecosystem, maybe, to promote the trusted data to flow?

Mayumi Miyata:
Yes, thank you, Tsushi-san. As we are working with the government, and also we are kind of developing practitioners, you know, working through projects, so, I mean, the debate of the policy, like making the legal frameworks and all, I think this is done more at the, I mean, government-to-government level through the ministries and policymakers. But I think we are there to kind of pass those information, update it. And also, like what Ms. Kay has said, that the available tools that make people confident to pass the data to others, that’s also we can share. And the things like what we’ve just heard from the Rwanda case, I think that a lot of the government officials that I’m interacting with, they’re quite, yes, aware of the opportunities, that’s no question, but for the risk, it’s quite hard to narrow down their risk that they’re facing. So they kind of blindly block everything from outside. And they’re saying that, okay, all the data were concerning the government you know, it’s concerning with the national security. So, we’ll put everything physically in their territories or something like that. It’s not well, like, studied, like in Rwanda, because you have benchmarked everything. That’s not the case for many countries. So, I think these kind of good practices or sharing, yes, what you just said, the benchmarking are quite important for us as a development partner to pass this kind of information and knowledge. And then also really having a dialogue with the government, what could be, what is really the focus risks that they have to tackle in terms of national security, also in the personal information

ATSUSHI YAMANAKA:
sphere. Thank you, Miyata-san, about that. So, it’s really how can you actually ensure that we give them the right information and right tools, I think, for them to be comfortable on, you know, transacting data and so on. And for that, I think, John Jack, I think you mentioned about tools that Google has created, and many other, actually, companies are creating. But at the same time, a lot of government is concerned, because you hold a lot of data. You know, probably you, Google knows more about, you know, me than myself, right? In this, actually, devices that we all carry now. They know, you know, they know secrets, our secrets here. So, how can you ensure that the right tools, how can you ensure, like, a company like Google can give them the trust, so that, okay, yes, we could actually, are comfortable, actually, transacting data, or basically, you know, they don’t feel like they’re being exploited. What can you do to ensure that? Thanks, Asushi. How many hours have we got?

Jean-Jacques Sahel:
Look So I was mentioning before I think We have Over the years. I think we’ve got to a certain experience and understanding of what are some of the key Foundational elements if you will in terms of good practices in both privacy and security, so I think We need to embody that to reflect that in both how we build our products and then in the ensuing sort of exchanges and transactions so That’s an ongoing process Sorry, there’s just so many facets of the question. I’m trying to think what would be most helpful I Think in terms of You were thinking earlier I was listening to Gordon and then someone made a point about Doing things differently or not between a global South and a global North when I’m listening to Gordon He’s doing the things that any country should be doing doesn’t matter where in the world And so I think I wouldn’t particularly Distinguish between different regions in that sense. I think over there at some level privacy is a cultural Connotation so you might have some slight differences between certain cultures there are those foundational elements that I think we can share generally and I think we need to Reflect that in cross-border mechanisms. So things that companies can build In their products and in their transactions and that governments around the world are happy with because they’re mirrored or interoperable frameworks across jurisdictions, so you have a baseline of Protection and therefore of trust but net that needs to come with a set of other supporting policies and here again, I’m Gordon has mentioned some it’s about raising awareness. And again it that it’s not about Rwanda. It’s not I think it’s true in every jurisdictions Whether it’s the US or Europe, etc We need to build that understanding amongst users as well as in the business community about those principles and why they reinforce trust and how. So there’s quite a lot of work which is about policy initiatives beside the regulation. And then in terms of the sort of the ownership of data and economic potential, if you will, I think we need to be mindful of realities, like simple examples, but with a lot of difficulties behind. Remember during COVID, we’ve been talking about health data and there are certain health data that are very, very personal. So you might want to keep them localized. But then think about COVID, we had to be able to analyze data in order to come up with analysis of the trends of the pandemic and then come up with solutions to it. And that’s true in most areas of medical research. So I think that’s where the complexity goes. We need to not have, it’s not a Mannequin choice between, yes, you should localize data or no, you should not localize data. It’s about which kind of data, what can be helpful? How can you exchange it? What makes sense? And again, I think there’s a lot of evidence already about how you do that, but we need to have that conversation and build this understanding. And then you move on to the next step in terms of empowering certain regions. It’s not, again, just a choice of, yes, we should keep our data here or not. It’s about what you’re gonna do with that data. So Jean Philbert, for instance, mentioned IXPs, right? If you think about data flows, a lot of the internet traffic that is going in and out of Africa actually transit via other regions of the world. That doesn’t have to be the case, right? And it’s not because the Europeans are somehow dictating where that traffic goes. It’s just the way that it’s worked historically for the past 20 years. It doesn’t have to happen. You can build internet exchange points. You can have the data routed locally. That doesn’t cost a lot of money. And actually, then it saves a lot of money. And it can, if it goes well, and it needs to be- accompanied with public policy initiatives, it can reinforce local content creation, it can reinforce local economies, et cetera. So I think that’s where you need to think about it as a strategy, not as a regulatory approach, but as an overall public policy strategy within which there’s regulation and within which there’s cross-border cooperation. Sorry, that’s a lot of, I could go on for a while.

ATSUSHI YAMANAKA:
Well, I know that I’m actually giving a hardball question. So that’s the beauty of actually inviting a company like yours, Google, to actually be part of this discussions. But a lot of, actually, I won’t actually go into the discussions of infrastructures, but before I go into it, a lot of actually data discussions, data transaction discussions is actually, even today, I think it’s all about the economy. And then, let’s say Greece, like health and so on. But there are actually beyond that. Some of the data flows, I think, is beyond that, such as climate data, that we all need to share all this data. Or like some other, for example, forest data. Data is about waters and so on. That actually is a global public good, isn’t it? So that’s also some of the elements that we need to think about it. Not only the data transaction for the economy, but can you do actually data transaction for global goods? So, Miyata-san, you were actually mentioning before we did the discussions, briefing sessions. Do you think you can give us an example of such, the data transactions or sharing of data, which goes beyond just simple economies or simple social benefits, the global benefits?

Mayumi Miyata:
Yes. Maybe, as earlier speakers have mentioned, COVID was one good example. And with our experience, we had a telemedicine project during the COVID-19 with 12 countries. And maybe this could be one area that I can share. So this project connected medical staff working for ICUs in top hospitals in each country. And we had a number of ICU specialists to advise other ICU doctors and nurses on particular patients that hospitals were dealing. And in this project, we had a kind of a legal binders because like, for example, in Indonesia, the hospitals could not take any of their data outside their hospitals, not even their frontier. So we had to make a legal agreement that we don’t touch on their data. And then, so like as earlier speaker said, some of the information we actually, we had system to connect directly to their electrical medical record system, but we couldn’t because of this legal limitation. And then, so I think maybe there are certain ways of course, technically to tackle that we don’t draw the personal information and then just important elements that is needed in the doctor’s diagnosis or maybe have a statistical data for the global trend. But if I think that, yes, it’s if we could, yeah, I think if we had a kind of a framework or certain agreements globally that are some kind of standard that we could have made this project much more easily. So this was something that we learned. And I think for the environmental information as Atsushi-san mentioned, like forestry, these are kind of data also I heard in some countries that are very restrictive because of the national security reason. And so, yes, of course, it’s important when this disaster happens, for example, like the fire outbreak, but the countries are not really ready at this stage, I think, to share everything like that in one hand. So maybe this is what I can say from my side. Back to you.

ATSUSHI YAMANAKA:
Thank you, Mineta-san. Actually, that’s actually a nice segue into the public goods discussions. I think some of these data should be public goods as well, I think. And also, John Jack mentions about infrastructures, you know, creating IXP in Africa, for example, of common friends like in ICANN, he’s really pushing for that. But should that discussion, should the data flow, would be also part of the discussions about the digital public goods or digital public infrastructure that we’ve been all talking about throughout this year, you know, with the G20, the presidency of India is really pushing for these public infrastructures, and also digital public goods. So Kay, should this concept of free flow of trusted data should be part of the DPI-DP discussions? I know you’re passionate about that, so. Yes.

Kathleen McGowan:
Well, I’ve been waiting for a few weeks for this question, so thank you. Wholehearted yes. You know, as Atsushi-san mentioned, digital public infrastructure as a policy priority has gotten a huge boost in the last year, thanks to India’s G20 presidency. And if you look online for this phrase, digital public infrastructure, if it’s not familiar to you, you’ll find that in a nutshell, it refers to an approach to using open protocols and open standards to building out highly inclusive foundational layers of national tech stacks, right? In the shorthand for DPI, it’s usually considered the kind of trifecta of digital identity systems, digital payment systems, and then secure data exchange. And the key, of course, is that they have to be designed, deployed, and governed to be highly inclusive. They have to serve both public sector service delivery, but also private sector innovation. And they have to be interoperable to do all of this. And so countries like Estonia kind of came up with this approach decades ago. And then in the last 10, 15 years, India has really brought it to scale. And some of the impact that we’ve seen there is quite extraordinary in terms of radically accelerating financial inclusion, right, and dramatically improving service delivery, something that they found very, very helpful during the pandemic when governments around the world were looking for mechanisms to be able to seamlessly get social protection or stimulus payments to folks to help them keep going. And so if you think about the goal of digital public infrastructure, it’s really to enable the production of data that is highly relevant to solving global problems, right, whether it’s around financial resilience or health data. You can, by creating these DPIs that reach more people, not only are you getting more data, you’re getting more representative data, right? And I think especially as we, you know, kind of speed into the generative AI era, having that highly representative data of the realities that people face is going to be really important. to be increasingly important to making sure AI tools work for everyone. And again, that then is linking interoperable, highly representative data within countries and ensuring that it can easily move across borders when needed and as appropriate. And so I think absolutely we should, you know, as this momentum is growing for digital public infrastructure scaling, we should absolutely be embedding the concept of cross-border data flows and how you harmonize them into that. And then did you want me to say a word about digital public goods? No, sure. Okay. We also want to give a floor, you know, the questions. Yeah, of course. So just very quickly, these two, DPI and DPG in my world are often kind of used together and sometimes conflated. And a digital public good is really an open solution that can be reused and improved by different countries. And it’s improving an increasingly popular way to build digital public infrastructure. And it’s interoperable and designed, you know, with privacy in mind. So it’s got some challenges, but a lot of upside.

ATSUSHI YAMANAKA:
Thank you so much. I think the benefits of actually the DFFT and DPI and DPG, I think we all agree on that. But how can you, Gordon, how can you actually, you know, like developing countries could put together voices together so that they could really shape the discussions and have a meaningful input, which would, you know, which would benefit actually developing countries? How can you actually put these voices together? And then I promise you I’ll open up the floor after him.

Gordon Kalema:
Thank you, Ashish. And I feel like at this stage I would love to hear more from the audience. But just to shed light on two things, which crossed my mind with your question, you know. and again in a way to summarize, going continental, allowing data to flow across continents, across the globe, I think one of the ways is to leverage the support from countries, first of all, and then international organizations to put in place common protocols, tools, and processes, and frameworks, or policies. That’s very key. Every time you want to engage a country or an external organization that involves two countries, often the discussion around laws and policies comes on top. So as we think through how to build a strong data ecosystem that is going to be much more sustainable, we need to be intentional again in the way we create those policies that are going to make everyone comfortable countries. And thankful, we are here in a forum like this. We need more of these forums. We need more discussions. We need to see the role of private sector, which was my second point. In my earlier remarks, I dealt much on what the government is doing, but I would love to this time pass the challenge to private sector. What is it that you can do? How can you help emerging economies to be strong in terms of tools, in terms of processes, in terms of policies? And also, what we’ve learned as something that is important is to drive this conversation with useful tools. You know, every time again, one of the easiest ways to get people to understand the value of data is when you have a tool that is part of with data being used. So we need to have a deliberate focus on promoting more innovations as countries. We need to see private sector, academia, organizations, companies, come work with governments and specifically emerging economies to tap into those opportunities to create very transformative digital tools that are going to help people. And with that, then the discussion around allowing data to flow, releasing data from different ministries, could be health, could be agriculture, could be education. The discussion is going to be much more easier. So in a nutshell, I think for us we’ve had our own test as a country. This is an open invitation to everyone that is here. We have much more welcome to Rwanda. Come, let’s have this discussion. Let’s create champions on different platforms. Sometimes it works when you create champions. I’m not going to be shy to say that Rwanda is happy to be a champion. We are more than happy to be that. So anyone here in the room, you’re more than welcome to visit Rwanda, the land of a thousand hills. We are focused on data. Thank you.

ATSUSHI YAMANAKA:
Well, thank you for the promotions of Rwanda, by the way. But as I promised, I will open the floor for questions. Oh, yeah. Well, people are. So, please. Yes, yes, please. Actually, you have to stand over there to the mic. Otherwise, well, we have so many questions. I’m not sure if the organiser would allow us actually to entertain so many…

Audience:
questions, please go ahead. Hi everyone, my name is Shilpa, I am a researcher at University of Melbourne and my focus of my research is cross-border data and I also work on open government data and I come from India and I found really interesting your point that you know you were giving, you’re talking about DPI’s coming from India, especially India’s stack and Aadhaar problem. I mean Aadhaar, we started with like the UPI system, digital internet identity systems etc and after doing that you know in between we had the problem of privacy and problem of like what if the government is surveilling us, what if they’re misusing the data and then we had this one judgment which set up the privacy standards for us because as far as people know that you know India just came out with the Data Protection Act before that we didn’t have, we had like set total rules and policies but then now we have a completed, I mean like before that you know it was this judgment which basically laid down guidelines for us and it limited the access of this data, right. It did not talk about like sharing of data even among the government organization, forget about sharing with outside of India. So that’s one point that I wanted to clarify and the question is, sorry, it’s just a point I wanted to make. I find this panel really interesting because you know you’re talking about cross-border data and open data, like why do you need to talk about open data when we’re talking about cross-border data because data can flow but it doesn’t need to be in a data set. I mean like who are we helping if we’re creating data sets? Are we really helping governments? Are we really helping domestic industries? Are we helping giant corporates like Google? So I think the panel maybe got a little, I don’t know, I was seeking some clarity but but I never got it. So I thought like, I’ll just give you this opportunity.

ATSUSHI YAMANAKA:
So the question is the clarity between the open data as well as to the free flow of data. I think we, who do you want to actually ask the questions to be fair to?

Audience:
I mean, anyone can reply. And then, you know, I just wanted to like give you this food for thought that, you know, I hope you know that, you know, we have this massive problem of privacy invasion and predictive advertising, which is about collecting as much as data as possible by corporates or that. They can sell us more products and services even when we don’t want it. So when we talk about like creating data sets and giving it outside the border, who are we really helping at this point?

ATSUSHI YAMANAKA:
No, thank you so much, actually. So maybe we can actually have a few questions because otherwise we will never finish and they’re going to kick us out. So please, actually. So the question number one is the difference between open data and the DFFT. And question number two.

Audience:
Hello, everyone. My name is Tevin Gitonga and I work actively on the topic you’re talking about. I work for a development agency. That’s the German Development Corporation. And I work on, I had a data governance team and I’m from Kenya where I was basically hired to figure out how does a development agency work with a data protection authority. And that’s what I’ve been doing for the last two years. And one of the things that I maybe I was curious about is a few, like two weeks ago, we had an interesting event where we brought about the East African data commissioners together. Unfortunately Rwanda wasn’t there, but we had Uganda, Tanzania, Uganda, and the discussion was on data flows and exactly what you’re discussing here. And perhaps what I’m trying to figure out and maybe you can help me figure out my assignment is what’s the best option? Because we had the data commissioners, we had private sector, both international and local, we had civil society, and we were trying to discuss what’s the best option? for an emerging economy, because what was clear was for the developed economies, there are different versions. There’s the Data-Free Flow with Trust, I think led by Japan and the EU. There’s the CPBR by the US. There’s also the Chinese version of closing all the data. And perhaps what I’m trying to figure out is do we need a new version for developing countries? Which version aligns best to economies that are at very different levels growing? There are laws that are very different levels from, I’m talking about ground lessons of what I do on a daily basis here. Things are very different. We have, for example, in Africa, the AFTA that’s coming up that has a whole clause on digital trade. And perhaps, so my question is what is the suggested solution? So the question is, so what, should it be actually a new set of rules for developing countries? Yes, that’s a good question. Okay, so please, actually, very concise. I will give you like 30 seconds for the questions. What do you think are the risks of taking a deductive global approach to global frameworks, global rules, global protocols? I see a tension between the way the abstract question is being framed about balancing protection against free flow with the kind of very specific needs and examples we’re hearing from people like this gentleman. What that balance looks like will be different in every case infinitely depending on which countries, what type of data, what the incentives are in the market for private companies, what the culture is, social trust, digital literacy, media access, all of this. And if we want, as you said in Rwanda, the solutions to be economically sustainable and driven by need, is it a mistake? Are there risks, either practical or normative in pursuing global frameworks?

ATSUSHI YAMANAKA:
Thank you, so the question is the risk of deductive approach protections versus free flow information. All right, go ahead.

Audience:
Thank you very much, my name is Taichiro Fujino, I’m a fellow here over at JPNIC. address in Japan. My question is about a mechanism for building trust in multilateral environment. In general, trust in security and safety will be achieved by a norm, standard, and importantly a law enforcement. For instance, when Google leak my information, then I can accuse Google or maybe Google will pay fine to my government, so that’s really easy. But on the other hand, in multilateral environment, we need to trust that the counterpart will delete or do something for me. So my question is, again, what is the mechanism for building trust in DFFT or multilateral environment? That’s all. So the question is mechanism of creating trust in the DFT. Okay, perfect. And then? Okay, thank you very much. I’m Ibrahim Mohamed Mohamed from Nigeria, a digital asset officer from Office of National Information and Technology Development Agency as a scholar, as well. We have had, it is crucial, important when it comes to data, privacy, security, but my concern is I have not had like transparency when it comes to processing the data. Because for you to end trust, there is need for you to explain to us how you utilize our data, how it’s being processed. So that’s my concern.

ATSUSHI YAMANAKA:
Okay, the question is, how can you ensure transparency in the data to end trust? Yes. Okay. Please.

Audience:
Hello, I’m very interesting panel. Thank you so much. My name is Minako Morita-Yaga, University of Sussex in the UK. My question is, what kind of data governance is suitable to achieve DFFT, especially for development? The reason I said that is I observe that ignoring the different type of data governance existing in the world is DFFT is not achievable. Let’s say there are three types of data governance in the world now, the market-driven type. type, which the US is promoting, and then on the other hand, human rights-centric approach, which the EU is promoting, and then state-driven data governance, which China is promoting. And I observe so many developing countries are following China, that state-driven approach, where so many of them are strictly measurement of the local requirement, or the open source code requirement, and so on. And without discussing it, I think DFFT is impossible. Thank you. So the question is, what kind of data governance models that should be available, based on these three. So, 30, 10 seconds. Hello, my name is Hassan Habib. I’m from Djibouti. I’m also a JICA scholar. So my question is about the use, like how you want them be more included in such kind of process, how the opportunities that you perceive are like you saw for this kind of in the DPI and the data public, so thank you so much. Sorry, how are the opportunities of using DPI? Yeah, like include… Oh, for the use. Yes. So what are the, okay. Sorry, please. Yeah, hello. I’m Javier Ruiz from Consumers International. I have very brief comment, which is that I hope that the next time we have a panel talking about consumers, we have more consumer organizations there, because I’d be like a panel on gender, not having any women would feel a bit weird, you know, so hopefully for the next one, we’ll get more representation from a broader constituency. My question is actually mainly for Jean-Jacques and Google, because Google is supporting CVPR quite publicly. Your previous council last year came out, but one question is like, are you certified and with the previous APEC regime? And it’s not like particularly the question is, we’ve been, I was looking at the… reasons why companies sometimes don’t certify and there are costs, but also the fear of the audit, you know, that you actually have to open up your systems, you know, and that’s, it would be interesting, you know, from a very large company, how do you see private certification working, you know, as a scalable global thing, you know? If, as I understand, you haven’t actually certified in the system that you’re proposing, and then the, but more importantly, do you think that actually the FTC and other governments in the world are actually struggling to deal with Google, that a private certification agency in a small country will be able to actually handle any issues? The issue is basically, how can you actually see the private certifications, especially in the European countries? Well, how can you deal with private certifications when the FTC is struggling to deal with Google? How can a small private certification agency, I mean, I think it’s a very interesting, it’s important because not in every country you have a state, a good state infrastructure to make companies accountable, but for a small private companies, you know, it may be hard to actually deal with a company like Google. Thank you. So, yes, so Chrissy,

ATSUSHI YAMANAKA:
I think I also give like a few, can you actually summarize some of the questions so that we can throw out the panels here?

Chrissy Martin Meier:
Absolutely. We had a few questions on data localization, which I think were perhaps answered in the discussion, but I will say in between, how do we, but, you know, have data localization without making fragmentation more serious? What is the role of the organization spearheaded by Japan called the Institutional Arrangement for Partnership, the IAP? Another question on how does the SWIFT system and the new financial transaction system spearheaded by the BRIC member nations going to fit in to all of this? Same with the country-led efforts to have their own digital currencies, CBDC, how will that fit? Those are the main questions from the audience. Thank you, Chrissy. So I will stop the questions here.

ATSUSHI YAMANAKA:
So can I actually answer, I think there’s questions about the governance models. Anyone would like to actually take the questions on that?

Kathleen McGowan:
Okay, so I completely agree with that paradigm, the global sort of landscape that the professor laid out, and I would say that’s exactly why there’s a need and an opportunity for countries to take a fourth way, right, especially emerging economies that have a lot to benefit from thinking about data as a strategic asset. They don’t need to follow the full-on laissez-faire model of the U.S., but I would certainly hope that there are options that are better for the economy and better for society than following a state-driven approach.

ATSUSHI YAMANAKA:
Transparency for data, and the rule of law for new rule of law, would you like to take it? Okay, so, Jean-Jacques?

Jean-Jacques Sahel:
Yes, so yes to transparency, obviously with a lot of detail underneath that could be discussed. I think just linking it to a couple of the points that were made by other people in the room, we do, even though there are certain different systems, there are some basic elements that I think most people would agree with in terms of what does good look like in terms of both privacy and security, and I think transparency is part of that. And we shouldn’t shy away from, there was a question about global versus local, right? It’s very difficult to get to a full global solution very quickly, but you can start by building bridges between certain countries and hopefully grow. If you look at the, it’s not a perfect comparison, but still, in the security world, we’ve seen some good standards emerge over the years, ISO type standards for cybersecurity that are now pretty well accepted. frankly, worldwide. I don’t think there’s any reason, apart from there are cultural differences here and there, as I’ve mentioned before, but I still think that we can get to a situation where you have at least a pretty good baseline of good practices in privacy, as well, in a similar way as what we’ve seen happen with security. So it’s going to take some more work, but I do think it’s feasible, and I don’t think it has to be a different system for developing countries versus developed countries, because actually, that’s a big risk of having disparities in perpetuating disparities.

ATSUSHI YAMANAKA:
I think that answers the questions about laws and the governance models, right? And also the transparencies, and then also certifications, as well, I think. I’m sure there’s more people who want to talk about it, but I think that’s also part of the answers. Would you like to actually add on that?

Gordon Kalema:
Yeah, just two things. One, there is a question which caught my attention around the role of the youth. I think it came from you. There is something we are doing back home, and realize that actually, every time you have the kind of population where over 70% are the people that are below 35 years, there is a very strong role they can play in terms of leading the way into this industry, I would say. One, because they’re users, they are consumers, they are troublemakers, let me say that. And so, everything you’re doing, could be policies or laws, it is very important to get these people at the center stage. So yes, there is a very strong role of the youth into this discussion. The other one, which I wanted to contribute to, is around the transparency. Again, one thing we’ve learned is that often, people share away, one of the reasons why people are not transparent is because they’re hiding something that is harmful, or they’re just intentionally planning something against you. One thing we’ve learned is that every time could be institutions or organization or a department is you see they’re not comfortable to share data or they’re processing data and the process is not a little bit clear is because of the quality. So every time you’re dealing with low quality data and people are not comfortable to put in limelight the results, then the easiest thing to do is share away and hide. So as we discuss this, I think which is an element we had not talked about, as we attempt to put in place policies, as we attempt to push data to flow, it is very important to build quality data as well because with quality data that’s one of the ways that is going to make people more comfortable to open, even be more transparent. Thank you.

ATSUSHI YAMANAKA:
Thank you so much. They’re going to kick us out. So I wanted to actually get the final words from them but I think they’re going to kick us out because there’s going to be next session. So thank you so much for participating in this very important discussions. Please give a round of applause for the rest of the team and the discussion should continue. Thank you so much. Thank you. Thank you. Okay, okay, guys, I’d really like to take a picture of you guys. Okay, of course. Okay, I’ll take a picture of you guys. Okay, see you. Okay, I’ll take a picture of you guys. Okay, I’ll take a picture of you guys. Okay, I’ll take a picture of you guys. Okay, I’ll take a picture of you guys.