The global possibilities of communication over interlinked networks, over which large amounts of data can be exchanged in a timely manner at a low cost, has freed data processing from its spatial limitations. Data location is therefore becoming less and less important, as are national borders. This led to an increase in transborder data flow due to the advantage of computer technology in allowing virtually unlimited data availability regardless of time, distance, source, form and purpose. In addition, the appropriate technical knowledge of how to perform these processing operations at each stage is provided as a service by computer manufacturers, software houses, database operators, network operators or service facilities. These newer forms of technology influence use models of personal data in the private sector, the public sector, and every individual whose personal data are concerned. They have brought all participants in today´s Digitalization from a world of scarce information, typically separated according to social spheres and economic areas of activity, into a world of excessive amounts (“Big Data”) as well as availability, flexibility and scalability of data (“Cloud Computing”).
Transborder data flows therefore affect various dimensions in todays´ society, including those of the law. They have implications for - inter alia - data protection law, private and public international law, human rights law and Internet law. In the 1960s, governmental and private institutions in all the world´s democracies started reacting to these affects, such as what personal data may be collected, where and how data could be stored, where data could be transferred and how this could have consequences for the lives of data subjects.
However, data protection laws worldwide might currently not appropriately address the rapid development. States undertake, according to their positive and negative dimensions of State duties, different measures in trying to find a balance between national security matters, enhancing the free flow of data and setting up safeguards for the rights of the individuals concerned. As a result, national data protection levels differ. This complicates, among other things, the lawful behavior of multinational companies within the global economy. In addition, State legislation is bound to its enforcement procedures at the national level whilst the Internet cannot be restricted to national borders.
At the center of this work lies the question of the best possible solution to harmonize global data protection rules and remedy the existing shortcomings. Such a harmonization could eventually be achieved through a binding instrument in international law which regulates transborder data flows. This instrument could take shape of a uniform law drafted by legal experts in a “multi stakeholder setting” that is then incorporated into an international treaty.