China
Left out of the Indo-Pacific deal, China pushes toward the world’s largest trade deal
CNBC: It came days after the Biden administration launched the Indo-Pacific Economic Framework, or IPEF — a partnership which involves 13 countries, excluding China, as the U.S. seeks to expand its political and economic leadership in the Indo-Pacific region.
The Regional Comprehensive Economic Partnership (RCEP) meeting in the southern island of Hainan underscored analysts’ expectations that instead of reacting to or countering IPEF, China will likely forge ahead with agreed-upon trade pacts and capitalize on ready-to-go tariffs and market accesses.
“China will not take immediate or very targeted measures to respond to the IPEF,” said Li Xirui, a trade scholar at the S. Rajaratnam School of International Studies at Singapore’s Nanyang Technological University.
At the second RCEP Media & Think Tank Forum, held in the Hainan capital of Haikou the weekend after IPEF was announced, non-government trade experts across the region gathered to discuss more ways to expand trade within the bloc.
RCEP includes China and the 10-member ASEAN bloc, together with Australia, Japan, South Korea and New Zealand.
Led by the Hainan government, the meeting also marked another provincial effort to meet Beijing’s wider strategy of implementing RCEP since its launch at the start of this year.
“Consistent with its support of multilateralism and globalization, China is likely to continue promoting the adoption of RCEP as this grants member states huge market access, which IPEF lacks,” Li told CNBC.
She said China would likely respond to the U.S. on any of its future Asia-Pacific economic forays by expanding its economic dominance in the region and growing its trade under the RCEP.
Beijing would also focus on its applications to join other large-scale trade deals including the second-largest global trade pact, the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP) and the Digital Economy Partnership Agreement (DEPA), Li added.
Global Cross-Border Privacy Rules Declaration
WONK OF THE WEEK
Politico: IT’S ALL DATA FLOWS for this week’s edition, and for that, we’re focusing on Shannon Coe, director of global data policy at the U.S. Commerce Department’s International Trade Administration. Her main job, right now, is to shepherd the creation of a new global data protection regime, based on principles from the Asia-Pacific Economic Cooperation (APEC). More on that here.
The law-trained privacy expert has spent most of her 14 years at Commerce focused primarily on Asia, though she did help out with the negotiations surrounding the 2016 EU-U.S. Privacy Shield (which subsequently got invalidated). But most recently, her focus has squarely been on making APEC’s regionwide privacy regime a success — critics, I should add, say it’s been a failure.
“It’s becoming increasingly complex for businesses to comply with all these different regulations,” Coe told me in reference to the proposed Global Cross-Border Privacy Rules Declaration, an effort to create a way for countries to share data with each other. “That’s what this global forum is meant to address. It’s meant to provide a sort of scalability, which is what regulators, governments and companies are hungry for.”
EU
France’s data watchdog warns over illegal use of Google Analytics
Techcrunch: France’s data protection watchdog, the CNIL, has issued updated guidance on use of Google Analytics following a decision earlier this year that found a local website’s use of the tool to be in breach of European Union law.
It has also confirmed that it has since issued formal notices to other organizations to bring their use of Google Analytics into compliance.
The legal issue — which does not just affect use of the popular analytics tool in France but across the entire EU — hinges on user data being transferred to the U.S. for processing by Google — an export of personal data that lacks adequate legal protections in the wake of a 2020 decision by Europe’s top court that invalidated a flagship data transfer agreement (aka, the EU-U.S. Privacy Shield) over the risk of unlawful access to Europeans’ data by U.S. intelligence agencies.
Since then, the EU and the U.S. announced (in March) a political deal on a replacement transfer mechanism.
But, as the CNIL notes, their joint statement is not a legal framework and cannot be relied upon by users of U.S. cloud services that take Europeans’ data over the pond for processing ahead of an actual replacement deal being formally adopted by the EU — which the Commission has suggested may not happen until the end of the year. (It will also almost certainly face fresh legal challenges to test whether the deal is just as flawed as the earlier ones, as data protection experts suspect.)
So the bottom line is EU websites can either make changes to their use of Google Analytics or risk regulatory enforcement — which could include an order to amend their processes and a financial penalty for being in breach. And it’s likely that the risk of fines for non-compliance is stepping up now that regulatory guidance on the issue is getting more detailed because it means there are fewer plausible excuses for not having made the necessary changes.
“All data controllers using Google Analytics in a similar way to [already notified] organizations must now consider this use as illegal under the GDPR. They must therefore turn to a service provider offering sufficient guarantees of conformity,” the CNIL warns in the guidance [which we’ve translated from French with machine translation].