The President signed H.R. 5430 into law on January 29, 2020, implementing the United States-Mexico-Canada Agreement (USMCA). The new trade deal replaces the North American Free Trade Agreement (NAFTA) and includes protections for cross-border digital trade of benefit to the insights industry.
The Insights Association supported the trade deal and implementing legislation “because of USMCA’s essential improvements to digital trade,” as we explained in a letter to the Senate on January 6. “Marketing research and data analytics relies upon the ability to move data, including across national borders.” IA continues to appreciate the White House’s “focus on reducing barriers to cross-border digital trade, exemplified by USMCA.”
Legislation to implement USMCA had to be passed by Congress in order for the trade agreement to go into effect. The United States-Mexico-Canada Agreement Implementation Act (H.R. 5430) passed the House by a 385-41 vote on December 19, 2019. The Senate passed H.R. 5430 by an 89-10 vote on January 16.
“Our members in the marketing research and data analytics industry, located and operating across North America, eagerly anticipate more business opportunities resulting from the digital provisions in this trade deal,” commented Howard Fienberg, VP Advocacy for the Insights Association. “We’re looking forward to an easier environment for working across national borders and greater regulatory certainty.”
Details for the insights industry in the digital trade deal
USMCA’s provisions forbid restrictions on cross-border data transfer and requirements for data localization. They also promote the adoption of federal privacy legislation along the lines that IA is seeking with the Privacy for America coalition.
In the USMCA’s digital trade chapter, Canada, Mexico and the U.S. all agreed that they “recognize the economic growth and opportunities provided by digital trade and the importance of frameworks that promote consumer confidence in digital trade and of avoiding unnecessary barriers to its use and development.”
The three countries recognized “the importance of adopting and maintaining transparent and effective measures to protect consumers from fraudulent or deceptive commercial activities… when they engage in digital trade” and agreed to “adopt or maintain consumer protection laws to proscribe fraudulent and deceptive commercial activities that cause harm or potential harm to consumers engaged in online commercial activities.” They also recognized “the importance of, and public interest in, cooperation between their respective national consumer protection agencies or other relevant bodies on activities related to cross-border digital trade in order to enhance consumer welfare,” so the USMCA signers affirmed that cooperation on consumer protection “includes cooperation with respect to online commercial activities.”
USMCA included an agreement that each country “shall adopt or maintain a legal framework that provides for the protection of the personal information of the users of digital trade. In the development of this legal framework, each Party should take into account principles and guidelines of relevant international bodies, such as the APEC Privacy Framework and the OECD Recommendation of the Council concerning Guidelines governing the Protection of Privacy and Transborder Flows of Personal Data (2013).”
The “key principles include: limitation on collection; choice; data quality; purpose specification; use limitation; security safeguards; transparency; individual participation; and accountability. The Parties also recognize the importance of ensuring compliance with measures to protect personal information and ensuring that any restrictions on cross-border flows of personal information are necessary and proportionate to the risks presented.”
Although all three countries agree to pursue data privacy protections, each also must “endeavor to adopt non-discriminatory practices in protecting users of digital trade from personal information protection violations occurring within its jurisdiction.”
USMCA does not require complete harmonization of the three countries’ data privacy regimes, but they are supposed to “encourage the development of mechanisms to promote compatibility between these different regimes. The Parties shall endeavor to exchange information on the mechanisms applied in their jurisdictions and explore ways to extend these or other suitable arrangements to promote compatibility between them.”
The USMCA signers may not “prohibit or restrict the cross-border transfer of information, including personal information, by electronic means.” This “does not prevent a Party from adopting or maintaining a measure inconsistent” with those requirements if it “is necessary to achieve a legitimate public policy objective, provided that the measure: (a) is not applied in a manner which would constitute a means of arbitrary or unjustifiable discrimination or a disguised restriction on trade; and (b) does not impose restrictions on transfers of information greater than are necessary to achieve the objective.” If a measure “accords different treatment to data transfers solely on the basis that they are cross-border in a manner that modifies the conditions of competition to the detriment of service suppliers of another” country, that measure would violate USMCA.
One of the most important aspects of USMCA for the marketing research and data analytics industry is the prohibition on data localization requirements: “No Party shall require a covered person to use or locate computing facilities in that Party’s territory as a condition for conducting business in that territory,” according to the deal. Data localization requires companies to store and/or process data on local servers, driving up costs, reducing efficiency and data security, and solidifying a nexus for tax and other regulatory responsibilities. Such data localization requirements reduce American jobs and investments and limit our global market share, so IA is particularly pleased to see such requirements prohibited by USMCA.
“Recognizing the global nature of digital trade,” the USMCA trade partners agreed to “encourage development by the private sector of methods of self-regulation that foster digital trade, including codes of conduct, model contracts, guidelines, and enforcement mechanisms.” Such methods are key parts of the new federal privacy legislative model we’ve put forward with Privacy for America.
In conclusion, the USMCA’s digital trade provisions meet many of the goals set out by U.S. Trade Representative Robert Lighthizer in renegotiating NAFTA, as urged by the Insights Association during his confirmation in 2017.
What’s next for USMCA?
Already ratified by the Mexican Senate, and now officially approved in America, the USMCA’s final requirement is approval by the Canadian Parliament, which will likely come in the next month. According to Politico, “Canadian Prime Minister Justin Trudeau lost his legislative majority in the October election, but the country’s Conservatives are expected to lend Trudeau’s Liberal Party enough votes to pass the deal.” Then, all three nations need to meet all requirements outlined in the deal before USMCA can take effect (which may take several months of work behind the scenes).
NewsGovernment AffairsHoward Fienberg, CAE – The Insights Association