Data Privacy Role Unclear in Trump’s NAFTA Renegotiation Plan

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

The scope of data privacy and security in the renegotiation of the North America Free Trade Agreement isn’t clear, even though digital economy issues are briefly mentioned in May 18 letters from the Office of the U.S. Trade Representative alerting members of Congress to President Donald Trump’s intention to revisit the trade pact.

Adding data privacy and security provisions in the trade pact with Canada and Mexico would modernize the agreement to more accurately reflect the scope of commerce in the age of the internet. Doing so would give companies and consumers privacy protection benchmarks as data are transferred from the U.S. to its northern and southern neighbors.

The letters from Robert E. Lighthizer to leaders in both houses of Congress, including Sens. Orrin Hatch (R-Utah) and Charles E. Schumer (D-N.Y.) and Reps. Paul Ryan (R-Wisc.) and Nancy Pelosi (D-Calif.), said that “digital trade was in its infancy when NAFTA was enacted,” and that many chapters in the trade agreement are “outdated and do not reflect modern standards.”

The administration’s letter demonstrates that it is using the need to modernize NAFTA as a reason to renegotiate the agreement, and that “data flow and privacy issues are a prime example of what has changed in the 25 years since NAFTA was written,” Jonathan Meyer, an international trade partner at Sheppard, Mullin, Richter & Hampton LLP in Washington, told Bloomberg BNA May 18.

“Data flows and their accompanying privacy concerns seem likely to be included in any new NAFTA negotiations,” Meyer, previously deputy general counsel at the Department of Homeland Security, said.

However, Meyer said that the letters may signal to Congress that the trade representative “realizes achieving major changes to NAFTA could be difficult.” The emphasis on modernization—rather than changing the basic terms of NAFTA—is a messaging effort, and may be an attempt to lower expectations, he said.

BSA | The Software Alliance said in a May 18 statement that “modernizing NAFTA by guaranteeing the cross-border flow of data would safeguard and expand US commerce and jobs.” NAFTA was negotiated before the proliferation of the internet and lacks proper rules protecting digital trade, BSA said.

Brian Hengesbaugh, data protection partner at Baker McKenzie in Chicago, told Bloomberg BNA May 18 that data privacy and localization provisions requiring companies to store personal data within a country’s borders should be included in all trade deals. Unchecked data privacy laws and regulators “make it more difficult to do business” and causes “cross border digital commerce” to be more challenging, he said.

The USTR didn’t immediately return Bloomberg BNA’s email requests for comments.

Canadian, Mexican Intentions

The U.S. government aims to add new provisions to NAFTA address intellectual property rights and regulatory practices, and establish effective enforcement of commitments, in order to “address the challenges faced by U.S. consumers, businesses, farmers, ranchers, and workers in an increasingly global economy,” the letters said.

The administration intends to start negotiations with Canada and Mexico “as soon as practicable, but no earlier than 90 days from the date of this notice,” they said.

Industry professionals have previously told Bloomberg BNA that Canada would likely agree to include digital commerce provisions in a renegotiated NAFTA. Alan Wm. Wolff, chairman of the National Foreign Trade Council and senior counsel at Dentons in Washington, said that cross-border data flows will be a centerpiece in updating NAFTA.

Mexico’s top privacy regulator said it won’t finalize any strategy for adding privacy provisions to NAFTA until the Trump administration issues a formal proposal on the trade pact’s renegotiation.

Privacy attorneys in Mexico told Bloomberg BNA that privacy protections for personal data should be a top priority in any digital trade discussions, because of Mexico’s stringent individual privacy laws.

With assistance from George R. Lynch in Washington and Daniel R. Stoller in Washington

To contact the reporter on this story: Jimmy H. Koo in Washington at

To contact the editor responsible for this story: Donald Aplin at

For More Information

The full text of the letters are available at

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security