China’s President Xi Jinping (L) and US President Donald Trump attend a working session on the first day of the G20 summit in Hamburg, northern Germany, on July 7, 2017.
Patrick Stollarz | AFP | Getty Images
GUANGZHOU, China — Political tensions between the U.S. and China have thrust technology and supply chains into the spotlight and threaten to fracture the internet.
Over the past few years, a growing chorus of voices have predicted a so-called splinternet, the idea that a kind of two-track internet could appear — one led by the U.S. and one by China.
While there is no unified definition of the splinternet, experts told CNBC’s “Beyond the Valley” podcast, that data is going to play a key part in the scale of any kind of fracturing of the internet that we use today.
“I think the data issue and data governance issue is really going to be the critical thing here in terms of how far … we get a split, splinternet, or some fragmentation of cyberspace,” Paul Triolo, head of the geo-technology practice at Eurasia Group said.
To some extent, the split in the global internet can be seen already. For a while, China has effectively blocked many American technology companies such as Google and Facebook from operating there. In China, the apps people use are very different. Instead of Amazon, there is Alibaba-owned Taobao or JD.com. WeChat is the messaging app of choice for over a billion people. And Beijing forces technology companies to censor content deemed politically sensitive.
But this is just one layer. Having to use different apps is manageable. The splintering of the internet could go deeper to areas such as standards — rules that allow some technologies to work together globally — and data transfer. The latter is one of the most important points and data governance is one area of friction between countries around the world.
Data governance differences
The U.S.’s campaign against Chinese technology companies has focused on accusations that they represent a national security threat because of the way they could handle American users’ data.
For example, in his Aug. 6 executive order threatening to ban social media app TikTok, President Donald Trump said the service collects “vast swaths of information” on Americans which could get into the hands of the Chinese Communist Party.
TikTok is owned by Beijing-based ByteDance. The company has repeatedly denied these claims. But the Trump administration has forced TikTok to come to an agreement which will see Oracle handle American user data to ensure it is not transferred anywhere. That agreement has not been finalized and details are scarce.
This is an example of data localization — where the data of a country’s citizens needs to be stored and processed there. This happens in China too.
But it’s not apparently competing nations and regions where there are frictions over data governance. The European Union, which has moved to regulate data collection and processing practices of companies operating in the bloc, is also at odds with the U.S.
The EU and U.S. had an agreement known as the privacy shield. This is a framework to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. This agreement is used by thousands of companies.
But the European Court of Justice, the EU’s top court, struck the agreement down earlier this year, saying that it does not adequately protect the privacy of European citizens. The concern in this case focused on some of the laws the U.S. has around surveillance of its citizens. The court was concerned that U.S. law fails to protect people’s personal data from government surveillance in the same way European law does.
‘Club of democracies’
Such fragmentation around data governance principles could lead to factions being created, according to Triolo. He said that he expects the EU and the U.S. to patch up their differences and essentially “get together and … set new standards around data.”
“Any effort to do that will be perceived by China and other countries like Russia as an attempt to exclude counties from a sort of club of democracies that are trying to sort of set the new rule around data,” Triolo said.
“But there does seem to be a lot of momentum behind this because of this fear in many countries that there needs to be at least a common approach to how governments access data … and then the sense that there has to be really high standard around privacy. Then countries that meet that then would be part of the club.”
These new standards could be hard for the likes of Russia and China to meet, according to Triolo.
“And so even though it could be spun as we are setting higher standards and then China needs to meet those, it will be really seen I think as an attempt to really split the internet,” he said.
That could lead to companies operating in the U.S. and Europe under strict data protection standards finding it difficult to operate in China and ultimately pulling out.
“So that process I think is somewhat inevitable over the next several years. This is going to take time, it’s not going to be easy, like switching off a light,” Triolo added.
‘Data neutral epicenters’
Stricter rules around data flows could lead to so-called data neutral epicenters, according to Abishur Prakash, a geopolitical specialist at the Center for Innovating the Future (CIF), a Toronto-based consulting firm.
He referenced the TikTok deal that is still being negotiated. As it stands, a new U.S.-based entity called TikTok Global will be set up. Oracle and Walmart will own 20% of that. ByteDance said it will own the remaining 80%. Oracle however contests that ByteDance will have “no ownership” of TikTok Global.
ByteDance said it will not transfer its algorithm or technology to Oracle as part of the deal.
Prakash said that could mean at some point, ByteDance’s algorithm has to access the data in the U.S., even though the whole point of the deal is to stop American data from interacting with China.
This could mean that some countries begin to play a middle-man role.
“This then leads to the geopolitical possibility that we are now going to have what I call, data neutral epicenters, that we are going to have certain nations, such as … Singapore or the UAE, that become neutral settings where nations store data, certain types of data, that can then be accessed by other countries and companies,” Prakash told CNBC’s “Beyond the Valley.”