Electronic Frontier Foundation | 26 May 2016
Secret new Internet rules in the Trade in Services Agreement
By Jeremy Malcolm
This week new materials from the Trade in Services Agreement (TISA) were released by Wikileaks, revealing that negotiators from around the world have been continuing to craft new rules that will affect all Internet users, without public scrutiny or consultation. One of the biggest surprises that dropped is a document containing new proposals, mostly from the United States, that will apply to all services. Some of these new provisions are relevant to the Internet and digital rights:
- Article X.3 would prohibit a country from giving preferential treatment to Internet content based on its origin or the nationality of those who created it. This is directed at policies such as the recent European proposal to require Netflix in Europe to carry a certain proportion of European-produced content, mirroring similar existing rules for television broadcasters. We tend to agree that any policy that erects artificial national or regional walls around Internet services is against users’ interests. However, seeking to force new international rules on this topic in a closed trade agreement is both quixotic and exclusionary. There is very little likelihood that the other TiSA parties will accept this without exceptions broad enough to swallow the rule. This particularly applies to Europe, where the protection of local cultural diversity, including through film and television quotas, is unwavering. More importantly, any new rules on Internet content quotas would impact the interests of many stakeholders who are excluded from the TISA discussions, including those of creators, consumers, and platforms.
- Article X.4 would prohibit a country from requiring a foreign service provider to transfer a particular technology or proprietary knowledge to the country where it provides those services, while also prohibiting the country from requiring the service provider to use, or not to use, a particular technology. This text fairly closely follows Article 9.10 of the TPP’s Investment chapter, and on the surface it may seem unobjectionable. But can we safely assume that it will never be a legitimate policy objective for governments to require or to disallow the use of a particular technology in imported products and services? For example, it may be that a national parliament resolves to disallow the use of insecure cryptographic algorithms such as MD5 in imported consumer products, for reasons of protecting end user safety and security. We would certainly want to know more about any such government mandates before welcoming them, but should a closed-door trade agreement be used to prevent such proposals even being placed on the table for discussion by our elected representatives? We think not.
In addition to this new annex, there have been some changes to the existing text, most relevantly in the Electronic Commerce chapter. The changes are noteworthy, but fall short of being significant, and the text remains far from settled. They include:
- Much back-and-forth continues between the parties, reflected in Articles 2 and 4 of the chapter, about how to balance the free flow of information across borders with the protection of personal data. It is notable that six of the parties (including Canada, Chile, and Mexico) are now suggesting that the free flow of information isn’t suited for resolution in a trade agreement at all, simply proposing "The Parties recognize that each Party may have its own regulatory requirements concerning the transfer of information by electronic means." Meanwhile the United States, suffering blowback from its financial services industry over the exclusion of that sector from the Electronic Commerce chapter in the Trans-Pacific Partnership (TPP), notes, "The possible applicability of this Article to financial services is under consideration."
- The provision in Article 6 on "Transfer or Access to Source Code" now contains an important new rider from Japan and Switzerland. They suggest that the prohibition on a party demanding access to product source code of products from foreign service providers could be overridden "to achieve a legitimate public policy objective, provided that such measures are not applied in a manner which would constitute a means of arbitrary or unjustifiable discrimination or disguised a restriction on trade." Although this is something of an improvement, experience in trade disputes under existing WTO treaties shows that there is significant room for disagreement over the interpretation of what is a "legitimate public policy objective".
- The language on "Open Networks, Network Access and Use" continues to be rather messy, and is no closer to promoting meaningful best practice standards in net neutrality than in the previous draft. There are some changes however, including the integration of a previously separate provision on interoperability of governmental online procedures and services, and new proposed language that would require each party to "endeavor not to restrict the ability of service suppliers to supply services over the Internet on a cross-border and technologically neutral basis." It remains difficult to tell exactly how this provision will end up looking, once all of the bracketed text and competing proposals have been resolved.
- There has been some pushback against the text, now in Article 8, on the "Location of Computing Facilities." If changes proposed by countries such as Canada, Chile and Peru are accepted, countries would retain more latitude to adopt national requirements about local hosting of data where these "seek to ensure the security and confidentiality of communications." A similar "legitimate public policy objective" exception is also proposed. These proposals point towards a possible ultimate softening of this provision that will upset U.S. technology companies while failing to make locally-hosted communications any more secure or confidential.
No New Proposals for Users
What remains notably absent from the TISA text are any new proposals that would protect or benefit users, such as a legally binding human rights clause, a provision requiring countries to provide safe harbors from liability for platforms that publish user content, or a requirement that each country has laws for the protection of personal information. Neither is it likely that we will see these, as long as users are barred from the negotiation room.
It can be important to set global standards for the Internet, and sometimes even do so in the form of treaties (like the Marrakesh Treaty). But TISA, like the TPP, is a parody of what an inclusive treaty negotiation process should be, and therefore it’s hardly surprising that this latest leak reveals a draft instrument that fails to address the true concerns of Internet users. The latest revisions tinker around the edges of the previously-released draft, softening some of the most ill-considered proposals, but it remains a flawed agreement coming from an even more fatally flawed process.