Different kinds of digital devices and apps produce tons of data, from usage stats to security alerts and multimedia content that device users generate. This data has value to various interested parties, including those involved in digital marketing, business strategizing, espionage, and cybercrimes. That’s why aside from securing data, there are also calls for governments to intervene and prevent their citizens’ data from being stored and processed outside national boundaries.

Referred to as data sovereignty, this is the idea that data should be under the control of its users (through their government). For example, American policymakers want to make sure that the data of TikTok users in the USA is stored and processed in data servers located in the US, putting them under American regulation, away from foreign government access and exposure to threats (because of poor data protection regulations and technologies).

This may make sense, but it also creates new challenges for those that collect, store, and use the data. There are benefits in tightening regulations on data storage and access, but there are also valid concerns over them, especially when taking into account the disruption these regulations bring. Here are the answers to some of the most important questions about data sovereignty, especially as it relates to digital marketing.

How does data sovereignty affect cross-country digital marketing?

The main goal of data sovereignty is to empower governments to have jurisdiction over the data of their citizens. This jurisdiction is aimed at addressing critical concerns like privacy, cybersecurity, and data misuse or abuse. It is a controversial move, but it has been gaining ground in many countries because of the increasing cases of state-backed data security and privacy violations, growing nationalist sentiments, and the economic benefits of having data stored locally.

Data sovereignty policies do not necessarily disregard cross-country digital marketing. It makes the process more complicated, though. Instead of having straightforward access to data from an overseas or cross-border location, marketers will have to set up new layers of operations to comply with local laws. Facebook, for example, cannot process the data of its EU users in real-time to guide its advertising strategies because of a recent EU court ruling that prevents Meta from transmitting the data of EU citizens to US or non-EU servers in line with Article 46(1) of GDPR.

This restriction does not prevent Meta from conducting marketing or advertising activities in Europe, but the company has to have its EU team or subsidiary perform the data accumulation and analysis per the region’s laws. The output would then be transmitted to Meta’s headquarters for the corresponding action. Another option is for Meta to also establish an independent or autonomous operation in the EU to more agilely respond to local data and trends. This means more costs and longer processes.

Does data sovereignty prohibit the storage and processing of data outside of the country of origin?

Data sovereignty does not necessarily mean the absolute prevention of the storage and processing of data outside the country of origin, Some companies may be able to cut deals with governments to allow cross-border data transfers. Still, this affects the agility and scalability of multinational digital marketing campaigns. It is a significant hurdle to the activities of companies that operate multi-nationally. It prevents the seamless movement of data across different jurisdictions, thus restricting the ability to personalize marketing campaigns and target specific audiences.

Data sovereignty has similarities with data localization but they are not always the same. The thrust of the former is about having control over the data generated within a country or jurisdiction. The latter focuses on setting requirements to have certain types of data stored and processed within a specific country or jurisdiction. These data may not always be generated within the country of the government imposing the localization requirement, but they usually involve the citizens of the said government.

How much data is affected by data sovereignty?

An Oliver Wyman study shows that around 92 percent of the data in the Western world is stored in the United States. These are mostly data collected by tech companies, social media, and subscription services in particular. For the longest time, American companies have enjoyed the benefits of quick access to data, allowing them to come up with informed business strategies and decisions quickly and efficiently.

The popularity of American digital services in Asia, Africa, South America, and other non-western regions shows the data advantage of many American companies. With many governments now showing keenness to having data sovereignty laws, this advantage is quickly eroding. 

However, this means that local companies or subsidiaries of multinational digital marketing businesses are getting a boost. They are becoming more relevant as companies need them to comply with data sovereignty, localization, and residency policies. This bodes well for local economies, as it forces businesses to use local servers and have local operations for data processing.

Does data sovereignty make data safer and less prone to abuse?

One of the main arguments in favor of data sovereignty and localization is security. For the proponents, their data is safer if it is in their territory and covered by their laws. There have been many complaints about multinational companies abusing the information about consumers in different parts of the world, with some accused of bombarding consumers with incessant ads across different channels. Others have also been accused of selling data to third parties.

For the most part, data sovereignty does make data less accessible to abusers and threat actors. However, this benefit is limited to the kind of laws or policies a country imposes. Requiring companies to store data locally is not enough. There must be existing laws that ensure privacy and make access to this data secure.

Does data sovereignty benefit digital marketers?

While the effects of digital sovereignty regulations usually mean hurdles or constraints for digital marketers, it does help in two main ways: building trust and supporting local marketing industries. These may not completely compensate for the convenience and efficiency of being able to seamlessly access data across borders, but they are significant enough benefits.

Amid reports of high-profile data breaches and privacy violations, it is understandable that many consumers are becoming wary of the data management practices of multinational companies. The data breaches affecting companies like Yahoo, LinkedIn, Facebook, Alibaba, Weibo, and Adobe demonstrate how risky it is to have data that is free-flowing across national borders. Data sovereignty helps allay fears of more breaches, fostering trust and transparency.

On the other hand, being forced to have local operations to lawfully access and process data is a boon to digital marketers in different locations. It helps create more jobs, although many companies may eventually turn to AI-driven automation to become more efficient.

Striking a balance

Cross-border data transfers are essential for multinational companies and marketers that are trying to reach a global audience. Data sovereignty regulations can mean obstacles as they entail complex legal frameworks and the need to negotiate data transfer agreements. These can limit the agility and scalability of global marketing campaigns, adversely affecting the speed and efficiency of reaching diverse audiences across borders. Nevertheless, digital marketers or multinational companies, in general, are quick to adapt.

Data sovereignty may be seen as a hurdle, but innovative and forward-thinking companies know how to find their way around. They can forge industry collaborations and turn responsible data-handling practices into useful tools to unlock the full potential of digital marketing in an increasingly data-driven world.