Main session: Governing data & protecting privacy

30 Nov 2022 12:35h - 14:05h

Session page

Event report

The rise of digitalisation has made capturing, storing, and transmitting personal information easier and faster across the globe. According to the Digital Economy Report 2021 by the United Nations Conference on Trade and Development (UNCTAD), 72% of countries across the globe have data protection legislation. The question, however, is whether this percentage suffices for the effective protection of personal data. 

The main issue covered in this session was the ‘paper vs reality’ situation of data protection from a multistakeholder perspective, while taking into account the current threats of data flows. 

According to UNCTAD’s 2021 report, cross-border data flows can bring many benefits beyond the economic ones, but their even distribution across countries should be ensured. Continuing to have two main front runners, such as the USA and China, will increase the risk of developing states becoming mere providers of raw data to global platforms. 

In regard to the threat of fragmentation in digital space, it is significant to ensure a more balanced approach that is more inclusive, respects the protection of human rights, and allows free data flow. This can only be achieved if international cooperation is enhanced, and where states would address current data flow challenges. Considering that some countries are still marginalised, the UN can play a key role in bringing all countries together in achieving multilateral global governance.

At the same time, the existence of data protection legislation does not guarantee their effective enforcement. This is because countries may have data protection legislation, but one that does not cover the challenges faced in the digital world. Therefore, it is important to ensure effective enforcement, while also addressing the violations of data protection rights and their consequences, as 1,9 billion people were cut off from the internet in the first half of 2022.

From a human rights perspective, it is significant not to look at data protection as a matter of convenience, but as a basic human right. The 2018 report by the Office of the UN High Commissioner for Human Rights (OHCHR) established minimum data protection requirements that states must adopt. This includes the legal basis of data processing by an authority, the need for their processing, and that data is managed proportionately. The new challenges that have emerged, especially from artificial intelligence (AI) and virtual reality (VR), call for the need of drafting better laws.

Additionally, the vague language used in the legal framework for data protection does not guarantee effective protection. From a civil society perspective, it is important to ensure that these legislations are drafted in a way that is understandable, non-discriminatory, and accessible to everyone. 

It is understood that there is a need for effective data protection legislation on an international level that will have a holistic approach to data governance. At the same time, even if we were to adopt an international legal framework, enforcement would still differ from country to country.

By Bojana Kovac


The session in keywords

WORDCLOUD Main Session Governing data protecting privacy IGF2022