This article explores
the technical and legal complexities surrounding the regulation of cross-border
data flows, including through data localization measures and source code
disclosure requirements, within the World Trade Organization (WTO) legal
framework. Despite these issues initially being central to the WTO’s Work
Programme and the Joint Statement Initiative (JSI) on ecommerce, no consensus
could be reached on how they should be regulated at a multilateral level. The
article explains how these issues fit within the current WTO rules and proposes
options for future multilateral cooperation on these issues. This proposal
takes into account significant differences in how data-related subjects are
addressed under domestic law of the key players on the global digital market,
such as the United States, the European Union (EU), and China. It also
considers these Members’ very different interests in multilateral and regional
negotiations on data governance.