Explain the rules and exceptions from GATT and GATTS that would apply and data protection laws / cybersecurity legislation.
Company Accura is a provider globally of cloud services. Country Concerntia has proposed the CLOUD Act. Under this regulation, all cloud service providers are required to store on domestic servers the personal data of citizens of Concerntia. The government of Concerntia wants to ensure that its citizen’s data is protected according to its domestic privacy standards, and in order to increase the cybersecurity of personal data. Concerntia has a single cloud service provider that only operates domestically. Concerntia has entered into a bilateral arrangement with neighboring Country Private which has a similar standard of privacy and cybersecurity and that allows for cross-border flows of personal data without restriction.
Concerntia is a member of the CPTPP and the WTO. Under its GATS schedule CPC 843 and 844, Concerntia has listed “None” for mode 1 for market access and national treatment under CPC 843 and 844.
The Concerntia trade minister has asked you to develop legal and policy arguments based on international trade law that it can use to make the case for adoption of the CLOUD Act and respond to anticipated challenges from Company Accura.
If you need additional information, specify what you need and what assumptions you are you making.