By Huw Jones
LONDON (Reuters) – Personal data can be properly protected without forcing banks to build storage servers in every country they serve, which bumps up costs for customers and dents growth, a financial think tank said in a study on Tuesday.
The London-based International Regulatory Strategy Group (IRSG) said data can be sufficiently protected without “localisation” – the requirement to store data on servers inside the country where it originated.
Localisation has led to clashes between governments and Big Tech like Facebook, Twitter and TikTok, but is also becoming a bigger issue for banks moving customer data between countries.
The IRSG, sponsored by the City of London Corporation and TheCityUK, urged countries to base data protection on a set of common principles by fleshing out existing standards from the OECD, a club for rich nations.
Trade agreements could also be used to stem the need to store data locally it said, citing Britain’s new trade deal with Japan, which contains a shared commitment to allow the free flow of data with no localisation requirement.
The study says banks face a patchwork of national rules such as a ban on exporting data and requirements to keep a local copy of data.
Proponents of localisation say it gives better protection from rogue uses of data by foreign businesses and governments, secures access for local regulators, and ringfences data, which has become a valuable commodity.
“These aims and concerns can be resolved by means other than localisation of data including focussing on assurances around the protection of data rather than localisation, and encouraging cooperation between regulators to avoid the need for legislative measures to restrict access to data,” the study said.
Financial data is becoming more global as the sector rapidly consolidates, with the London Stock Exchange acquiring Refinitiv, and S&P taking over IHS Markit. Refinitiv is 45% owned by Reuters’ parent Thomson Reuters.
(Reporting by Huw Jones; Editing by Kirsten Donovan)