Secret trade negotiations revealed by WikiLeaks show the US trying to head off moves to protect citizens' data from US control.

While the Trade in Services Agreement Financial Services Annex document leaked overnight doesn’t quite justify some of the headlines it has attracted, there is plenty in the draft that is deeply concerning.

The draft was released by WikiLeaks, which also released a working draft of the Trans-Pacific Partnership last year. Julian Assange and his tiny staff might be hampered by his embassy exile and have not repeated the kind of hammer blow to secrecy of Chelsea Manning’s cables and videos, but they’re still putting traditional media outlets to shame.

What the FSA document does is propose the freezing of financial regulation, and a kind of downwards ratcheting — if Australia chose to liberalise its four-pillar policy, for example, the agreement would prevent us from restoring the status quo ante. Moreover, as Professor Jane Kelsey of the University of Auckland points out in an accompanying analysis, Australia has adopted a different position on freezing, or “standstill”, as the draft calls it, to the United States and the European Union: Australia wants standstill to apply from the moment the agreement comes into force, not right now, giving it time to introduce further financial regulatory measures.

But as Fairfax’s Peter Martin correctly explains today, the draft inserts an international dispute resolution clause that would allow other states and companies to take disputes out of Australian courts, a direct infringement of Australian sovereignty the Coalition, normally hot to trot on protecting all things border-related, appears to have no qualms about.

A related and potentially even more serious issue is what the draft proposes for personal financial data. The United States is seeking to use the draft as a pre-emptive strike against data sovereignty moves in the wake of the Edward Snowden revelations. It has proposed:

“Each Party shall allow a financial service supplier of another Party to transfer information in electronic or other form, into and out of its territory, for data processing where such processing is required in the financial service supplier’s ordinary course of business.” Thanks for signing up We look forward to seeing you bright and early with your need-to-know talking points and tidbits for the day ahead. Get Crikey FREE to your inbox every weekday morning with the Crikey Worm. Please enter your email address Sign up

Whereas Europe wants to be able to protect data:

“Nothing in this paragraph restricts the right of a Party to protect personal data, personal privacy and the confidentiality of individual records and accounts so long as such right is not used to circumvent the provisions of this Agreement.”

And don’t be misled by a later section on “Treatment of Information” — note how it is worded:

“Nothing in this Agreement shall be construed to require a Party to disclose information relating to the affairs and accounts of individual consumers or any confidential or proprietary information in the possession of public entities.”

That is, the agreement wouldn’t force a country like Australia to hand over data — it would merely prevent it from stopping foreign firms from sending data offshore.

The growing interest data sovereignty by a number of countries has the US deeply concerned — Brazil only dropped a proposed law for data on Brazilians to be kept within the country’s borders at the last minute in March. Not only would such requirements severely affect US cloud providers and companies that are already regarded internationally as, essentially, honeypots for the National Security Agency, but it would also make it more difficult for the NSA and other institutions engaged in mass surveillance to obtain personal information on non-US citizens from compliant US companies. Financial data is regarded as critical by the NSA, and we know that it has worked hard to undermine SSL encryption commonly used in online banking (yet another example of how efforts to make us more secure in fact directly make us less secure).

The key to understanding the US view of data sovereignty and indeed its entire approach to this agreement, the Trans-Pacific Partnership and other trade negotiations is that it simply doesn’t accept that US law should be limited to the US. US courts regard information stored in other countries by US companies as in effect being on American soil, regardless of local laws.

Significantly, Australia has expressed no opposition to the US proposal to prevent us from ever regulating what US firms could send back to the US and into the NSA’s storage facilities.

For all the serious concerns about the draft agreement, there is one section that could only, surely, have been included for comedic purposes. The US has proposed the following text about transparency:

“The Parties recognize that transparent regulations and policies governing the activities of financial service suppliers are important in facilitating their ability to gain access to and operate in each other’s market. Each Party commits to promote regulatory transparency in trade in financial services.”

But what’s this on the second page? The document is only to be revealed publicly “[f]ive years from entry into force of the TISA agreement or, if no agreement enters into force, five years from the close of the negotiations”.

Plenty of transparency there.