“The E-Commerce chapter has serious implications for online privacy,” said Peter Maybarduk, of non-profit consumer rights organization, Public Citizen, in a statement on TPP. “The text reveals that policies protecting personal data when it crosses borders could be subject to challenge as a violation of the TPP.”

Public Citizen says the agreement puts a requirement on countries to allow unregulated cross-border transfer of Internet users’ data and prohibits governments from requiring companies host data on local servers — with what it says is no express protection for privacy and data protection policies to be exempted from the rules.

Rather it says policies would be subject to review by TPP tribunals to determine if they meet what it dubs “highly subjective, restrictive standards”.

This means governments seeking to protect consumer privacy via conditioning international data transfers on compliance with data protection regulations could find their policies exposed to challenges by other governments under the TPP — as well as via extra-judicial tribunals agreed via the treaty’s controversial Investor State Dispute Settlement mechanism.

“In some cases, our data may be vulnerable in another country – to surveillance or marketing abuses — in ways that it is not at home,” continues Maybarduk. “The TPP could limit governments’ ability to protect us against such threats.”