BSA | The Software Alliance Issues Public Comment on Office of Trade Representative Notice

WASHINGTON, Nov. 3 -- Joseph Whitlock, director of policy at BSA | The Software Alliance, has issued a public comment on the Office of U.S. Trade Representative notice entitled "National Trade Estimate Report on Foreign Trade Barriers". The comment was written on Oct. 29, 2020, and posted on Oct. 30, 2020:

* * *

BSA | The Software Alliance/1 provides the following information in response to your request/2 for written submissions to the Trade Policy Staff Committee (TPSC) regarding significant trade barriers for inclusion in the National Trade Estimate on Foreign Trade Barriers (NTE Report). The efforts of the Office of the US Trade Representative (USTR) to support open markets and combat trade barriers are critical to supporting global economic response and recovery to COVID-19.

The World Trade Organization (WTO) has reported that some 80 countries have imposed export and other trade restrictions in reaction to the COVID-19 epidemic, in addition to a growing number of digital trade barriers that impact the movement of information across borders. Such trade barriers and cross-border data transfer restrictions impede the ability of populations to comply with social distancing mandates, reduce the spread of disease, and remain economically productive.

At this time of unprecedented economic challenges and rising digital protectionism, BSA strongly endorses USTR's work to identify significant barriers to U.S. exports of goods and services, U.S. foreign direct investment, and the protection and enforcement of intellectual property rights for inclusion in the NTE Report.

I. Executive Summary

The global outbreak of COVID-19 presents one of the most complex challenges governments have faced in modern times. No sector of the global economy has been spared. International trade -- and particularly digital trade -- has come to play an increasingly important role in attenuating the impact of the pandemic. Vigilance against trade barriers and digital protectionism is imperative.

A. Software, Digital Trade, and COVID-19 Response and Recovery

With many governments implementing measures to increase the social distancing within populations to reduce spread of the virus, the pandemic has rapidly forced many aspects of public life to a remote or virtual environment. Continued economic vitality and employment depend increasingly upon cross-border access to software and cloud computing services. As governments around the world continue to navigate and respond to the public health crisis, policymakers should maintain a strong commitment to trade-related policies that will foster the economic response and recovery to COVID-19.

The US software industry -- and the millions of researchers, engineers, publishers, data scientists, and other workers that it employs -- depends upon such forward-looking digital trade policies to help advance COVID-19 response and recovery efforts. This includes, most obviously, the remote work, remote health, and remote educational software tools that have helped provide resilience and operational continuity for the organizations upon which workforces, students, and patients depend. These remote software tools are supported by a range of other cloud-enabled software solutions, including encryption, data analytics, machine learning, and cybersecurity software features. In this way, today's COVID-19 response and recovery efforts rely on digital trade policies that allow for the delivery of cloud-enabled software solutions seamlessly and securely across borders.

B. Software and Digital Trade -- Statistical Overview

Over the past decade, the US software industry and cross-border digital trade have become a primary driver of the global economy. As illustrated below, the US software industry has helped build stability and resilience into the US economy at a time of unprecedented economic uncertainty:

* Software drives growth: As of 2019, the US software industry (including US software exports) were responsible for $1.6 trillion of total US value added GDP and 14.4 million jobs -- jobs that pay more than twice the national average for all occupations./3

* Software drives innovation: For example, BSA members are counted among the top US patent recipients (accounting in 2018 for nearly 80 percent of all US patents issued to US companies among the top 10 patent grantees)/4 and among the major US copyright and trademark holders. Annual US software research and development (R&D) investments exceed US$80 billion./5

* Software drives economic opportunity: Jobs in software development, computer programming and related fields are growing so rapidly that the US Bureau of Labor Statistics estimates 1 million computer programming jobs need to be filled in the United States./6

Internationally, these trends are also pronounced, and they have only accelerated in the wake of the COVID-19 pandemic:

* Digital trade drives the global economy: Pre-2020, software-enabled cross-border data transfers were estimated to contribute trillions of dollars to global GDP,/7 with 75 percent of the value of cross-border data transfers benefitting traditional industries like agriculture, logistics, and manufacturing./8

* Digital trade is key to a global economic recovery: Post-2020, the shift to cloud- and software-enabled activity has accelerated. For example, the number of employees working remotely in mid-2020 is estimated to have grown (at least) four-fold over prior years,/9 while telehealth services are expected to grow seven-fold by 2025./10

Digital trade is the critical factor in global economic growth today. In every sector and at every stage of the production value chain, cloud- and software-enabled data transfers enable the digital tools and insights that are critical to enabling entrepreneurs and companies of all sizes to create jobs, boost efficiency, drive quality, and improve output./11

C. NTE Report Statutory Criteria and Policy Priorities for Software and Digital Trade

Unfortunately, trade barriers and digital protectionism are growing at the very time that digital trade and connectivity are helping to sustain economic activity and employment. Against this background, USTR's review of trade barriers under Section 181 of the Trade Act of 1974, as amended (19 USC Sec. 2241), has ever greater salience. The statute requires USTR to "identify and analyze acts, policies, or practices of each foreign country which constitute significant barriers to, or distortions of--

* United States exports of goods or services (including ... property protected by trademarks, patents, and copyrights exported or licensed by United States persons);

* foreign direct investment by United States persons, especially if such investment has implications for trade in goods or services; and

* United States electronic commerce./12

In this submission, we address all three statutory elements of Section 181 of the Trade Act as they relate to the trade-related challenges that BSA members increasingly face abroad, and as they relate to the trade-related aspects of BSA's COVID-19 Response and Recovery Agenda;/13 BSA's Digital Trade Agenda;/14 and BSA's Cloud Computing Scorecard./15

Drawing on these BSA resources, BSA's NTE submission address policies of concern in the following markets: Brazil, China, India, Indonesia, South Korea, Thailand, Vietnam, and the European Union (EU).

D. Digital Market Access and Intellectual Property (IP) Issues in Select Economies

Both to recover from COVID-19 and to realize the full potential of digital trade, it is important to establish legal frameworks that foster innovation and promote confidence in the digital economy. BSA's Cloud Computing Scorecard examines the critical factors of such legal frameworks, including in relation to international trade, privacy, cybersecurity, IP, voluntary standard-setting, and information technology (IT) readiness. Japan, Singapore, and the United States score well in this report due to their forward-looking trade, IP, and innovation policies (including their support for rules to permit data analytics). In contrast, China, India, Indonesia, Russia, and Vietnam receive the lowest rankings of all countries reviewed, due to policies that undermine investment in software innovation and market access for software-enabled services and products.

1. Digital Market Access Issues

We highlight the following digital market access issues: (1) cross-border data flows and data localization; (2) discriminatory trade barriers including discriminatory digital taxes; (3) customs requirements on electronic transmissions; (4) security; (5) standards; (6) procurement restrictions, and (7) intellectual property rights (IPR).

Cross-Border Data Flows and Data Localization: The ability of US companies to continue leading global advances in innovative technology is under a rising threat from foreign government policies that restrict digital trade and market access. Data-related market access barriers take many forms. Sometimes the policies expressly require data to stay in-country or impose unreasonable conditions on sending data abroad. In other cases, the policies require the use of domestic data centers or other equipment, or the need for such data centers to be operated by local vendors. Sometimes these measures are based on privacy or security concerns, but too often the real motivation appears to be protectionist, as reflected in their design and operation. For example, these measures may:

* Reflect a choice of policy tools that are significantly more trade-restrictive than necessary to achieve the stated public policy goal;

* Constitute unnecessary, unjustified and/or disguised restrictions on data transfers across borders, or may be more restrictive of data transfers than necessary; or

* Treat cross-border data transfers less favorably than domestic data transfers.

Sustained attention to these threats is critical. Unfortunately, some markets, including China, India, South Korea, Indonesia, and Vietnam, have adopted, or have proposed, rules that prohibit or significantly restrict companies' ability to provide data services from outside their national territory.

Among several Chinese measures that restrict the ability to transfer data across borders, the draft 2017 Critical Information Infrastructure Protection regulations -- as further elaborated in 2020 guidelines -- would effectively require all cloud computing services providers (CSPs) to store data in-country./16

India too has imposed data localization requirements, including through India's Directive on Storage of Payment System Data issued by the Reserve Bank of India in 2018, which imposes data and infrastructure localization requirements./17

South Korea's Cloud Security Assurance Program (CSAP) requires use of local data centers for a broad range of cloud services./18

The proposed implementation regulation for Indonesia's Government Regulation 71/2019 and OJK Regulation 13/2020 also contain data localization requirements. Likewise, Vietnam's 2018 Cybersecurity Law/19 and draft implementing regulations impose improper data localization requirements. These guidelines raise significant market access concerns for companies offering software, IT, and data services overseas.

Egypt,/20 Nigeria,/21 and Pakistan/22 each issued measures or proposals in 2020 that raise questions and potential concerns from a cross-border data policy perspective. Although we do not address these three countries in additional detail below, it is important to continue monitoring these developments. Finally, BSA continues to monitor the application of measures in the EU that govern cross-border data flows, as well as the EU's bilateral and plurilateral trade negotiations and developing policies and legal jurisprudence, which could dramatically restrict cross-border data flows with third countries.

Discriminatory Trade Measures, including Discriminatory Digital Taxes: BSA members often face discriminatory measures in trading partner markets./23

These measures include rules that afford less favorable treatment:

* To imported digital products vis-a-vis their domestic analogues in respect of sale, use, investment, technical regulations, etc./24

* To non-national services or service providers vis-a-vis domestic counterparts./25

* To digital products created in another country or by non-national relative to a digital protect created domestically or by a national./26

Similarly, such measures include discriminatory digital service taxes that would impose significant tax liability on US enterprise cloud and software providers, while effectively exempting local enterprise cloud and software providers. Such taxes would raise concerns under international trade law, insomuch as they would appear to constitute internal taxes or charges on imported products (imposed directly or indirectly) in excess of those imposed on like domestic products,/27 and/or taxes and charges applied so as to afford protection to domestic production./28

For example, arbitrary value thresholds, definitional scoping, and other specific features that afford protection to domestic digital products, while burdening imported digital products, could raise concerns.

Customs Requirements on Electronic Transmissions: Across a broad cross-section of economic sectors, there are growing concerns about proposed domestic policies to improperly impose customs duties and other requirements on software and other electronic transmissions. Since 1998, World Trade Organization (WTO) Members have maintained a moratorium on customs duties on electronic transmissions. However, in 2018 Indonesia issued Regulation No.17/PMK.010/2018 (Regulation 17), which amends Indonesia's Harmonized Tariff Schedule to add Chapter 99: "[s]oftware and other digital products transmitted electronically."/29

Some countries, including India and South Africa, have also expressed support for the imposition of customs duties on electronic transmissions. If successful, these misguided efforts would increase costs of digital products and services and reduce productivity and competitiveness for local industries in the implementing countries.

Security: Governments have a legitimate interest in ensuring software-enabled products, services, and equipment deployed in their countries are reliable, safe, and secure. However, some markets -- including Brazil, China, India, South Korea, Thailand, and Vietnam -- are using or proposing to use security concerns to justify de facto trade barriers. Requiring cloud service providers to confine data in-country does not improve security but instead ultimately hinders it. First, storing data at geographically diverse locations can enable companies to maintain redundancy and resilience for critical data in the wake of physical damage to a storage location and obscure the location of data to reduce the risk of physical attacks. In addition, cross-border data transfers allow for cybersecurity tools to monitor traffic patterns, identify anomalies, and divert potential threats in ways that depend on global access to real-time data.

Standards: Technology standards play a vital role in facilitating global trade in software-enabled services and IT. When standards are developed through voluntary, industry-led processes and widely used across markets, they generate efficiencies of scale and speed the development and distribution of innovative products and services. Unfortunately, some countries have developed or are developing country-specific standards. The adoption of country-specific standards creates de facto trade barriers for BSA members and raises the costs of cutting-edge technologies for consumers and enterprises. Countries adopting nationalized standards for IT products include China and South Korea.

Procurement Restrictions: Governments are among the biggest consumers of software products and services, yet many impose significant restrictions on foreign suppliers' ability to serve public-sector customers. Not only do such policies eliminate potential sales for BSA members, but they also deny government purchasers the freedom to choose the best available products and services to meet their needs. US trading partners with existing or proposed restrictions on public procurement of foreign software products and services include Australia, China, South Korea, and India.

2. Intellectual Property Issues

Trade Secrets and Other Proprietary Information: BSA members rely on the ability to protect valuable trade secrets and other proprietary information to maintain their competitive position in the global marketplace. Countries with weak trade secret protection rules, or that have (or are proposing) policies requiring disclosure of sensitive information include China, India, and Indonesia. In addition, countries including China and South Korea have implemented or proposed policies, such as sector-specific outsourcing or IT risk management frameworks, that require source code review of technologies or services.

Patents: BSA members depend around the world upon effective patent protection to eligible computer-implemented inventions, in line with their international obligations.

Copyrights: Innovation in the digital environment requires legal frameworks that provide copyright holders with the tools necessary to effectively enforce their copyrights. An effective framework for online copyright enforcement must balance the legitimate needs and interests of all parties with a role in driving innovation, including content creators, Internet service providers, online platform providers (i.e., intermediaries), and members of the public. These interests are best accommodated through safe harbor frameworks that provide online intermediaries with limitations on monetary liability for third party content in exchange for removing content upon notification of claimed copyright infringement from a relevant rights holder. Although a statutory safe harbor framework is a well-established international best practice reflected in the US and Singaporean legal systems (among others), other countries have yet to modernize their copyright frameworks in this regard.

Artificial Intelligence and Machine Learning: IP frameworks are critical to data-enabled innovations, including artificial intelligence (AI), machine learning, cloud-based analytics, and the Internet of Things (IoT). AI, machine-learning, and data analytics systems are "trained" by ingesting large data sets to identify underlying patterns, relationships, and trends that are then transformed into mathematical models that can make predictions based on new data inputs. Countries around the world are taking a range of approaches to modernize their legal frameworks for AI systems. This includes Japan's May 2018 Copyright Law Amendment Act ("the Act") and Singapore's January 2019 Copyright Review Report, which permit data analytics to be performed for both non-commercial and commercial purposes subject to requirements of lawful access -- e.g. via a paid subscription./30

The EU has also recently incorporated text and data mining exceptions to its copyright regime. Finally, in the United States, the "non-consumptive" reproductions that are necessary for the development of AI-related technologies are considered fair use. BSA urges the US government to continue promoting such AI-focused legal frameworks, including in countries like Australia/31 and Brazil, to foster innovation and creativity./32

Software License Compliance: The use of unlicensed software by enterprises and governments is a major commercial challenge for BSA members, having a commercial value of at least US$46 billion./33

Unlicensed software also presents a serious security risk: Malware from unlicensed software costs companies worldwide nearly US$359 billion a year, and a single malware attack can cost a company US$2.4 million on average and can take up to 50 days to resolve. One means of mitigating these risks is through voluntary compliance measures, such as effective, transparent, and verifiable software asset management (SAM) procedures, where enterprises and government agencies implement the necessary processes to efficiently manage their software assets, including for licensing purposes. Governments should lead by example and adopt such measures for their own procurement and IT maintenance systems.

E. Conclusion

BSA welcomes the opportunity to provide this submission to inform the development of the NTE Report and the United States' engagement with important trading partners in 2021. We look forward to working with USTR and the US agencies represented on the TPSC to achieve meaningful progress in addressing the barriers to trade, investment, and e-commerce identified in this submission.

View full comment at: https://www.regulations.gov/contentStreamer?documentId=USTR-2020-0034-0025&attachmentNumber=1&contentType=pdf

* * *

Footnotes:

1/ BSA | The Software Alliance (www.bsa.org) is the leading advocate for the global software industry before governments and in the international marketplace. Its members are among the world's most innovative companies, creating software solutions that spark the economy and improve modern life. With headquarters in Washington, DC, and operations in more than 30 countries, BSA pioneers compliance programs that promote legal software use and advocates for public policies that foster technology innovation and drive growth in the digital economy. BSA's members include: Adobe, Atlassian, Autodesk, Bentley Systems, Box, Cadence, CNC/Mastercam, IBM, Informatica, Intel, MathWorks, Microsoft, Okta, Oracle, PTC, Salesforce, ServiceNow, Siemens Industry Software Inc., Sitecore, Slack, Splunk, Trend Micro, Trimble Solutions Corporation, Twilio, and Workday.

2/ 85 Fed. Reg. 55925, September 10, 2020.

3/ Software.org, Growing US Jobs and the GDP (Sept. 2019), available at: software.org/wp-content/uploads/2019SoftwareJobs.pdf.

4/ IFI Claims Patent Services, 2018 Top 50 US Patent Assignees (accessed Oct. 1, 2019) ("2018 Top 50 US Patent Assignees"), available at: https://www.ificlaims.com/rankings-top-50-2018.htm. BSA members accounted for 16,348 of the 20,771 patents issued to US companies within the top 10 patent recipients in 2018).

5/ Software.org, Growing US Jobs and the GDP (Sept. 2019), available at: software.org/wp-content/uploads/2019SoftwareJobs.pdf.

6/ BSA | The Software Alliance, A Policy Agenda to Build Tomorrow's Workforce (2018), available at: https://www.bsa.org/files/policyfilings/05022018BSAWorkforceDevelopmentAgenda.pdf.

7/ See Global Data Alliance, Cross-Border Data Transfers Facts and Figures (2020), at https://www.globaldataalliance.org/downloads/gdafactsandfigures.pdf.

8/ Ibid.

9/ See generally, Global Data Alliance, Cross-Border Data Transfers and Remote Work (2020), https://www.globaldataalliance.org/downloads/10052020cbdtremotework.pdf. Prior to the COVID-19 crisis between five and fifteen percent of US employees worked remotely. Today, studies indicate that 50 percent or more of employees are working remotely, with even higher percentages in certain regions and certain professions.

10/ See generally, Global Data Alliance, Cross-Border Data Transfers and Remote Health Services (2020), available at: https://www.globaldataalliance.org/downloads/09152020cbdtremotehealth.pdf.

11/ See Global Data Alliance, The Cross-Border Movement of Data: Creating Jobs and Trust Across Borders in Every Sector (2020), at https://www.globaldataalliance.org/downloads/GDAeverysector.pdf ; See Global Data Alliance, Jobs in All Sectors Depend Upon Data Flows (2020), at https://www.globaldataalliance.org/downloads/infographicgda.pdf.

12/ 19 USC 2411 et seq.

13/ BSA | The Software Alliance, Response and Recovery Agenda (2020), at: https://www.bsa.org/files/policyfilings/05272020bsaresponserecoveryagenda.pdf.

14/ BSA | The Software Alliance, Digital Trade Agenda (2018), at: https://www.bsa.org/files/policyfilings/05072019bsa_advancingdigitaltradeagenda.pdf.

15/ BSA | The Software Alliance, Cloud Computing Scorecard (2018), at: https://cloudscorecard.bsa.org/2018/.

16/ Critical Information Infrastructure Protection Regulations (Draft for Comment), July 11, 2017 (Chinese) at: http://www.cac.gov.cn/2017-07/11/c_1121294220.htm.

17/ Reserve Bank of India Storage of Payment System Data Directive (2018) at: https://www.rbi.org.in/scripts/NotificationUser.aspx?Id=11244&Mode=0 and Ministry of Electronics and Information Technology Guidelines for Government Departments on Contractual Terms Related to Cloud Services at: https://www.meity.gov.in/writereaddata/files/Guidelines-Contractual_Terms.pdf.

18/ Act on the Development of Cloud Computing and Protection of its Users (Cloud Computing Promotion Act) (2015). English translation at: http://www.law.go.kr/eng/engLsSc.do?menuId=2§ion=lawNm&query=cloud+computing&x=0&y=0#liBgcolor1.

19/ Vietnam's 2018 Cybersecurity Law at: https://luatvietnam.vn/an-ninh-quoc-gia/luat-an-ninh-mang-2018-luat-an-ninh-mang-so-242018-qh14-164904-d1.html#noidung.

20/ In July 2020, Egypt enacted its first general privacy legislation, the Data Protection Law. The Law, which limits the grounds for data transfers, is due to take full effect following the passing of Executive Regulations, expected in or before April 2021.

21/ On 19 August 2020, the Nigerian Identification Management Commission published a draft Data Protection Bill. The Bill is intended to replace the existing Data Protection Regulation, issued by the Nigerian IT Ministry in 2018. The bill does not clearly establish the legal mechanisms for cross-border data transfers, which could engender regualtory uncertainty regarding an organization's ability to transfer data across international borders.

22/ In February 2020, Pakistan published a draft Data Protection Bill which includes two potential data localization requirements and which leaves key terms (e.g., scope of "critical data") undefined. The bill requires data mirroring for all personal data and local processing of all critical personal data , and prohibits the transfer of that data abroad. See Global Data Alliance, Comments to the Ministry of Information Technology and Telecommunication of the Islamic Republic of Pakistan on The Personal Data Protection Bill 2020 (May 15, 2020), at www.globaldataalliance.org/downloads/051420pakistanpdpbill.pdf

23/ See e.g., India Equalization Levy (as amended April 2020); Indonesia Electronic Transactions Tax (2020); Vietnam Tax Administration Law (July 1, 2020).

24/ See GATT Art. III:4, TBT Art. 2.1, TRIMS Art. 2.1; etc.

25/ See GATS Art. XVII.

26/ See e.g., USMCA Art. 19.4.

27/ See GATT Art. III:2.

28/ See GATT Art. III:1.

29/ Regulation 17 purports to cover a wide array of categories, classified in Indonesia's tariff schedule between subheadings 9901.10.00 to subheading 9901.90.00, including "multimedia (audio, video or audiovisual)"; operating system software; application software; "support or driver data, including design for machinery system"; and a broad catch-all category covering "other software and digital products."

30/ Singapore Ministry of Law, Singapore Copyright Review Report, pp. 32-34 (Jan. 17, 2019), available at: https://www.mlaw.gov.sg/content/dam/minlaw/corp/News/Press%20Release/Singapore%20Copyright%20Review%20Report%20 2019/Annex%20A%20-%20Copyright%20Review%20Report%2016%20Jan%202019.pdf.

31/ The copyright regime in Australia does not have an exception allowing the use of text and data mining for the purposes of develop AI algorithms. The current round of copyright reforms in Australia failed to address the private sectors' concerns and focused on non-commercial and government use exceptions. They are detailed at: https://www.communications.gov.au/departmentalnews/copyright-access-reforms.

32/ See BSA | The Software Alliance, Comments on the Draft 2018-2022 Strategic Plan of the United States Patent and Trademark Office (September 18, 2018), pp. 4-5, available at: www.bsa.org/~/media/Files/Policy/IntellectualProperty/09202018USPTOCommentsonDraft20182022StrategicPlan.pdf.

33/ See BSA Global Software Survey - In Brief (June 2018), available at: https://gss.bsa.org/wpcontent/uploads/2018/06/2018_BSA_GSS_InBrief_US.pdf.

* * *

The notice can be viewed at: https://www.regulations.gov/document?D=USTR-2020-0034-0001

TARGETED NEWS SERVICE (founded 2004) features non-partisan 'edited journalism' news briefs and information for news organizations, public policy groups and individuals; as well as 'gathered' public policy information, including news releases, reports, speeches. For more information contact MYRON STRUCK, editor, [email protected], Springfield, Virginia; 703/304-1897; https://targetednews.com