More U.S. companies push back on foreign must-store-data-here rule

Linkedin recently threw in the white towel on operating in Russia.

Unwilling to go along with Russian authorities’ order to store all Russian users’ data in the servers in the country, the social networking company chose to abandon the market rather than comply with the law.

The site, which served about six million Russian users, was blocked in the country in November shortly after a Russian court ruling sided with the government's communications regulator.

The Linkedin case is perhaps the most prominent example of an emerging legal and trade trend worldwide in which multinational companies are required to store and process country-relevant data locally.

U.S. companies have lobbied and pleaded with foreign governments to relax data restrictions with little success. Most recently, the issue became a priority in the Trump administration’s trade negotiations. President Trump recently listed the issue as one of his demands in the upcoming renegotiations for the North American Trade Agreement.

Seeing data as a desirable currency and a tool in wielding economic and political power, dozens of countries, including China, Russia, Germany, Turkey, Belgium, Brazil and South Korea, have enacted data-must-stay laws in recent years with varying degrees of severity.

Not surprisingly, U.S. companies, especially the ones that handle large amounts of data, are concerned. Cutting-edge tech firms worry about having their intellectual property, such as source codes, stolen. Having to store data locally is expensive for small to midsize companies that have to find local server vendors, says Josh Kallmer senior vice president for global policy at the Information Technology Industry Council (ITI).

More broadly, measures that inhibit companies to invest abroad stifle jobs and innovations, the rule’s opponents say. Restricting data movement can also erode the Internet’s vitality in the long run. For example, Americans can no longer look up prospective Russian suppliers or customers on Linkedin.

“Part of what made the Internet always great and the reason why it’s blossomed is because it was always decentralized and not subject to heavy-handed regulations,” says Omer Tene, vice president of research and education at International Association of Privacy Professionals. "The concern is that the Internet will be splintered into islands.”

Data flowing through international borders generated $2.8 trillion in value in 2014, according to a study by the McKinsey Institute.

“Data needs to flow to create value,” says Nigel Cory, a trade policy analyst at the Information Technology and Innovation Foundation. The data restriction rules make U.S. companies "less efficient and less competitive.”

The rules could also hurt the countries that enact them. Australia requires all health data to be stored in the country. And that would discourage, say, IBM from selling its artificial intelligence platform Watson to hospitals in Australia. "Australia is then cut off from the innovative services. IBM is not going build super-computers in every market," Cory says.

More: Leaked email suggests HBO willing to haggle with hackers

China’s data-localization policies would cost the country as much as 1.1% of its gross domestic product, the European Center for International Political Economy estimated in 2014.

China is seen as a particularly stringent enforcer and purveyor of the rule. Its blocking of some prominent American sites, such as Google and Facebook, and other sources that are critical of the Chinese government is well-known. But in 2016, China tightened its data rules by enacting a new cyber security law that forces foreign companies in more sectors to store data in the country, says Courtney Bowman, a cyber security attorney at international law firm Proskauer.

While cyber security may be a purported reason, the real motive of China and others is more mixed. Locally stored data eases the governments’ work of citizen surveillance. Companies fear having their local data used by law enforcement or political groups for illegitimate reasons.

“What they see as legitimate doesn’t translate to any one of us in democracy,” Tene says, referring to China, Russia and Turkey’s data rules. “If you think they’re driven by privacy, security and human rights, no.”

Locally-stored data has also morphed as a trade and protectionism issue. Cloud computing and “big data” analytics have emerged as essential tools in the global economy. The race for innovation has driven companies to seek advantages -- often with their government’s help. And it could even mean trade secrets spilling into competitors' hands.

More: Is a lost hotel card key a financial risk? We found out

"It's absolutely the case that companies -- many of whom are in the tech sector -- believe and will say that the legal obligations to locate data and expose data to their Chinese joint venture partners cause valuable, intangible stuff to get into the hands of the Chinese," ITI's Kallmer says.

Meanwhile, LinkedIn, which is owned by Microsoft, has no plans to return to Russia unless data laws change. The fact that the market is relatively small, compared to its exposure in China or Europe, makes that decision easier.

“LinkedIn’s vision is to create economic opportunity for the global workforce," it said in a statement. "We have been unable to reach an understanding that would see them lift the block on LinkedIn in the Russian Federation. LinkedIn will continue to be available in the Russian language, and we hope that we are able to restore service in Russia in the future.”