INFOGRAPHIC
The Sovereignty Spectrum: Digital Sovereignty through the Prism of Global Law and Policy
This infographic provides an illustrative depiction of how digital sovereignty appears through various law and policy instruments.
Published
Contributors:
William Simpson
AIGP, CIPP/US
Westin Fellow
IAPP
Additional Insights
Digital sovereignty is an increasingly prominent theme and driver for digital governance. It is being interpreted and implemented in different ways and different contexts, informed by the perspectives of divergent interests. This infographic provides an illustrative depiction of how digital sovereignty appears through various law and policy instruments.
- Data localization: e.g., China’s Personal Information Protection Law, China’s Cybersecurity Law and Russia’s Federal Law No. 242-FZ.
- Data transfer restrictions: e.g., the EU General Data Protection Regulation, Brazil’s General Data Protection Law, Nigeria’s Data Protection Act and India’s Digital Personal Data Protection Act, 2023.
- Data use: e.g., the European Data Governance Act, the EU Data Act, U.K.’s Data Use and Access Act and India’s Digital Personal Data Protection Act, 2023.
- Trade controls: e.g., the U.S. Artificial Intelligence Diffusion Rule (rescinded), China’s Export Control Law and the Netherlands’ Regulation on Advanced Production Equipment for Semiconductors.
- Public procurement: e.g., the U.S. Creating Helpful Incentives to Produce Semiconductors and Science Act and European Chips Act.
- Infrastructure mandates: e.g., the U.S. Critical Minerals Dominance Act (draft), EU Critical Raw Materials Act, EU Cloud and AI Development Act (proposed) and Chile’s National Data Center Plan.
- Access to data: e.g., the U.S. Clarifying Lawful Overseas Use of Data Act, U.K.’s Investigatory Powers Act, China’s Data Security Law and India’s Information Technology Act, 2000
- Access to technological controls: e.g., China’s National Security Law and the U.S. Supply Chain Risk Designation
- Platform and content moderation: e.g., the EU Digital Services Act, U.K.’s Online Safety Act, United Arab Emirates’ Media Regulation Law and Australia’s Online Safety Amendment (Social Media Minimum Age) Act 2024.
- Algorithmic governance: e.g., the EU AI Act, South Korea’s AI Basic Act and China’s Measures for Labeling of AI-Generated Synthetic Content.
- Competition and antitrust: e.g., the EU Digital Markets Act and Japan’s Mobile Software Competition Act.
- The EU Cyber Resilience Act, Japan’s Basic Act on Cybersecurity and New York’s 23 NYCRR Part 500.
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.
Submit for CPEsContributors:
William Simpson
AIGP, CIPP/US
Westin Fellow
IAPP
Tags:
