Data flows continuously across national boundaries. The current model of regulation for data privacy, an essential component for safe data flow, relies impractically on jurisdiction-specific rules. This practice impedes the benefits of data, which are increasingly a necessary and integral part of day-to-day life. A look at the history of data privacy reveals that this practice is rooted in an ill-fitting adoption of privacy standards set in the period after World War II. Europe was reeling from the Nazi regime and intent on keeping the government out of the home and personal communication. Analogies between these traditional protected areas and the contemporary transmissions and use of personal data are unsatisfying—and lead to unsatisfying policy. Traditional privacy jurisprudence must be better reconciled with rapidly advancing technology and globalization.
This Note proposes reframing transborder data privacy as trade. This step would transition the regulatory model away from a jurisdiction-specific set of rules to an internationally shared set of standards that better reflects the immediate mobility of data in the cloud. The U.S. and European systems, while formally divergent enough to cause these problems, are in fact grounded in common principles that would serve as a base for an international agreement on transborder data privacy. Though political opposition to shared standards may be currently insurmountable, this Note nonetheless concludes that an international trade framework would more effectively harness the benefits and mitigate the risks of transborder data flow.