This week, I focused on comparative law. There are three main visions of data privacy law, digital human rights and Internet law in general, from the EU, the U.S., and China. I examined whether the trajectory of Cambodian law has aligned itself with any of these visions, as well as the state of integration in ASEAN laws.
There are no 1:1 comparisons between any set of laws. The EU and China both have centralized models of Internet law, compared to U.S. federalism and common law system. In the U.S., the divide between federal and state laws will often depend on whether they touch a specific sector, such as finance or health. The EU and the U.S. both encourage certain human rights on the Internet, while China adopts a different view, encapsulated in its idea of "Internet sovereignty," and its political structure.
In the ASEAN, 2012 Singaporean legislation data privacy pre-dated the GDPR's drafting by 4 years, implementation by 6, while remaining similar in scope (123 pages). On the other hand, Vietnam's 2018 legislation resulted in backlash by the business community, is in an uncertain state of enforcement, and there is a pending draft amendment that would reverse policy. In Cambodia, administration by the Ministry of Posts and Telecommunications is gathering momentum; 2015's rather skeletal law is being filled out by regulations such as 2019's eCommerce law, though data privacy is forecast as requiring another 5 years.
Globally, data privacy is showing signs of harmonization, or at least its importance is increasingly recognized. In 2021, China responded to serial corporate data breaches and cyber crime with the PIPL, which begins to resemble the GDPR's ambitions. In 2023, Virginia's VCDPA will take effect. Singapore amended its 2012 law in 2020 to more closely resemble the GDPR. It is doubtless that data privacy, cyber security, and corporate ethics surrounding Internet use have a strong impact on global trade, to say nothing of the pandemic's effects.
The year 2022 has been notable in particular for digital human rights. On January 26, the European Commission published its "European Declaration on Digital Rights and Principles for the Digital Decade." On April 27th, the U.S. Department of State's Bureau of Cyberspace and Digital Policy published its "Declaration for the Future of the Internet," which was endorsed by the EC as well as Latin American and Pacific nations. These documents represent more visions and policy directions than explicit statements of rights. They also pose unanswered questions about the extent to which Internet policy can have a political dimension, and the tension between fractious geopolitics and the global pervasiveness of Internet use. Beyond any limitations, however, they are important progress in international recognition of the Internet's role in human rights.