The globalization of supply chains and the rise of digital technologies have made cross-border data flows central to international trade law. At the same time, growing perceptions of data as a national security concern – commonly referred to as ‘data securitization’ – have led states to adopt restrictive measures, including cross-border data flow regulations and local storage or processing requirements. This article examines how international trade law can and should address such measures and the balance it strikes between facilitating data flows and safeguarding national security. It first surveys national approaches to restricting cross-border transfers, highlighting both divergences and common patterns in the regulation of personal and non-personal data. It then analyses exceptions in preferential trade agreements (PTAs), focusing on Essential Security Interests (ESI) and Legitimate Public Policy Objective (LPPO) exceptions. The analysis shows that while these exceptions take different forms, each faces certain limitations, reflecting an inherent trade-off between respecting states’ discretion to safeguard security interests and ensuring predictability in trade relations. To address these limitations, the article proposes avenues for international cooperation: enhancing regulatory transparency, ensuring legitimacy and effectiveness of government access to privately held data, and developing shared understandings of national security concerns and data governance measures. By combining legal safeguards with cooperative frameworks, international trade law can better reconcile the tension between safeguarding security and enabling cross-border data flows.
Journal of World Trade