[House Hearing, 113 Congress]
[From the U.S. Government Publishing Office]
CROSS-BORDER DATA FLOWS: COULD FOREIGN PROTECTIONISM HURT U.S. JOBS?
=======================================================================
HEARING
BEFORE THE
SUBCOMMITTEE ON COMMERCE, MANUFACTURING, AND TRADE
OF THE
COMMITTEE ON ENERGY AND COMMERCE
HOUSE OF REPRESENTATIVES
ONE HUNDRED THIRTEENTH CONGRESS
SECOND SESSION
__________
SEPTEMBER 17, 2014
__________
Serial No. 113-176
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Printed for the use of the Committee on Energy and Commerce
energycommerce.house.gov
______________________
U.S. GOVERNMENT PUBLISHING OFFICE
95-852 PDF WASHINGTON : 2015
_________________________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Publishing Office,
Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800
Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001
COMMITTEE ON ENERGY AND COMMERCE
FRED UPTON, Michigan
Chairman
RALPH M. HALL, Texas HENRY A. WAXMAN, California
JOE BARTON, Texas Ranking Member
Chairman Emeritus JOHN D. DINGELL, Michigan
ED WHITFIELD, Kentucky FRANK PALLONE, Jr., New Jersey
JOHN SHIMKUS, Illinois BOBBY L. RUSH, Illinois
JOSEPH R. PITTS, Pennsylvania ANNA G. ESHOO, California
GREG WALDEN, Oregon ELIOT L. ENGEL, New York
LEE TERRY, Nebraska GENE GREEN, Texas
MIKE ROGERS, Michigan DIANA DeGETTE, Colorado
TIM MURPHY, Pennsylvania LOIS CAPPS, California
MICHAEL C. BURGESS, Texas MICHAEL F. DOYLE, Pennsylvania
MARSHA BLACKBURN, Tennessee JANICE D. SCHAKOWSKY, Illinois
Vice Chairman JIM MATHESON, Utah
PHIL GINGREY, Georgia G.K. BUTTERFIELD, North Carolina
STEVE SCALISE, Louisiana JOHN BARROW, Georgia
ROBERT E. LATTA, Ohio DORIS O. MATSUI, California
CATHY McMORRIS RODGERS, Washington DONNA M. CHRISTENSEN, Virgin
GREGG HARPER, Mississippi Islands
LEONARD LANCE, New Jersey KATHY CASTOR, Florida
BILL CASSIDY, Louisiana JOHN P. SARBANES, Maryland
BRETT GUTHRIE, Kentucky JERRY McNERNEY, California
PETE OLSON, Texas BRUCE L. BRALEY, Iowa
DAVID B. McKINLEY, West Virginia PETER WELCH, Vermont
CORY GARDNER, Colorado BEN RAY LUJAN, New Mexico
MIKE POMPEO, Kansas PAUL TONKO, New York
ADAM KINZINGER, Illinois JOHN A. YARMUTH, Kentucky
H. MORGAN GRIFFITH, Virginia
GUS M. BILIRAKIS, Florida
BILL JOHNSON, Ohio
BILLY LONG, Missouri
RENEE L. ELLMERS, North Carolina
_____
Subcommittee on Commerce, Manufacturing, and Trade
LEE TERRY, Nebraska
Chairman
LEONARD LANCE, New Jersey JANICE D. SCHAKOWSKY, Illinois
Vice Chairman Ranking Member
MARSHA BLACKBURN, Tennessee JOHN P. SARBANES, Maryland
GREGG HARPER, Mississippi JERRY McNERNEY, California
BRETT GUTHRIE, Kentucky PETER WELCH, Vermont
PETE OLSON, Texas JOHN A. YARMUTH, Kentucky
DAVID B. McKINLEY, West Virginia JOHN D. DINGELL, Michigan
MIKE POMPEO, Kansas BOBBY L. RUSH, Illinois
ADAM KINZINGER, Illinois JIM MATHESON, Utah
GUS M. BILIRAKIS, Florida JOHN BARROW, Georgia
BILL JOHNSON, Ohio DONNA M. CHRISTENSEN, Virgin
BILLY LONG, Missouri Islands
JOE BARTON, Texas HENRY A. WAXMAN, California (ex
FRED UPTON, Michigan (ex officio) officio)
(ii)
C O N T E N T S
----------
Page
Hon. Lee Terry, a Representative in Congress from the State of
Nebraska, opening statement.................................... 1
Prepared statement........................................... 3
Hon. Pete Olson, a Representative in Congress from the State of
Texas, opening statement....................................... 4
Hon. Janice D. Shakowsky, a Representative in Congress from the
State of Illinois, opening statement........................... 4
Hon. Jerry McNerney, a Representative in Congress from the State
of California, opening statement............................... 5
Hon. Marsha Blackburn, a Representative in Congress from the
State of Tennessee, opening statement.......................... 5
Prepared statement...........................................
Hon. Henry A. Waxman, a Representative in Congress from the State
of California, prepared statement.............................. 83
Witnesses
Linda Dempsey, Vice President, International Economic Affairs,
National Association of Manufacturers.......................... 7
Prepared statement........................................... 9
Answers to submitted questions............................... 84
Brian Bieron, Executive Director, Public Policy Lab, eBay, Inc... 24
Prepared statement........................................... 26
Answers to submitted questions............................... 91
Laura K. Donohue, Professor of Law, Director, Center on National
Security and the Law, Georgetown University Law Center......... 34
Prepared statement........................................... 37
Sean S. Heather, Vice President, Center for Global Regulatory
Cooperation, Executive Director, International Policy and
Antitrust Policy, U.S. Chamber of Commerce..................... 57
Prepared statement........................................... 59
Answers to submitted questions............................... 96
Submitted Material
Letter of September 16, 2014, from Howard Fienberg, Director of
Government Affairs, Marketing Research Association, to Mr.
Terry and Ms. Schakowsky, submitted by Mr. Terry............... 77
Letter of April 3, 2014, from Myron A. Brilliant, Executive Vice
President and Head of International Affairs, U.S. Chamber of
Commerce, to John P. Holden, Assistant to the President for
Science and Technology Policy, submitted by Mr. Terry.......... 79
CROSS-BORDER DATA FLOWS: COULD FOREIGN PROTECTIONISM HURT U.S. JOBS?
----------
WEDNESDAY, SEPTEMBER 17, 2014
House of Representatives,
Subcommittee on Commerce, Manufacturing, and Trade,
Committee on Energy and Commerce,
Washington, DC.
The subcommittee met, pursuant to call, at 2:04 p.m., in
room 2322, Rayburn House Office Building, Hon. Lee Terry
(chairman of the subcommittee) presiding.
Members present: Representatives Terry, Lance, Blackburn,
Harper, Guthrie, Olson, Bilirakis, Long, Schakowsky, McNerney,
and Barrow.
Staff present: Leighton Brown, Press Assistant; Graham
Dufault, Policy Coordinator, Commerce, Manufacturing, and
Trade; Melissa Froelich, Counsel, Commerce, Manufacturing, and
Trade; Kirby Howard, Legislative Clerk; Paul Nagle, Chief
Counsel, Commerce, Manufacturing, and Trade; Michelle Ash,
Democratic General Counsel; and Lisa Goldman, Democratic
Counsel.
Mr. Terry. I want to thank all of you for being here. We
have a couple of Democrats and a couple of Republicans. I think
we are ready to go. So I want to thank our witnesses for being
here. I am going to start with my opening statement.
OPENING STATEMENT OF HON. LEE TERRY, A REPRESENTATIVE IN
CONGRESS FROM THE STATE OF NEBRASKA
Good afternoon to all. Welcome to our hearing entitled
``Cross-Border Data Flows: Could Foreign Protectionism Hurt
U.S. Jobs?''
I want to mention, before we get started, that eBay is here
to testify today. And I am especially thankful for you that
because eBay owns PayPal, which employs about 4,000 people in
my district.
We are here today to discuss an emerging trend among many
countries around the globe that could potentially have a
negative impact on our economy. First of all, what are data
flows, and why are they important? The flow of data across
borders simply refers to the ability to send an email, a file
transfer, video, or other electronic data from one country to
another. And because very little business is done today without
some form of electronic data, data flows are a big deal for
manufacturing, energy, agribusiness, health care, financial
institutions, retailers, advertisers, insurance, and tech
companies.
But several countries have proposed or enacted restrictions
on cross-border data flows or have required companies to locate
data centers within their own borders. For example, Russia has
made a law restricting data flows. Brazil proposed a, quote,
``civil Internet framework,'' end quote, that would have
authorized the government to require data to be stored in
Brazil.
The governments of Indonesia, Singapore, and India have
also issued proposals that would either subject cloud computing
to additional regulation or require data to remain stored
inside respective countries. Sadly, these are but a few of the
countries where it is an issue.
Proposals to require local data centers have been aptly
named forced localization and come with varying rationales. The
European Commission, for example, has argued that localization
of data could be a way to promote domestic industry and create
jobs. But as we will hear from some of the witnesses today, it
is doubtful that such policies would achieve these intended
goals. More likely, they would take away the benefits that
digital trade brings to that country and to the U.S. companies.
Other proponents of data flow restrictions argue that the
revelations concerning U.S. intelligence surveillance justify
balkanizing the flow of data.
The United States should send a clear message that forced
localization and other restrictions on data flows are
commercial regulations that affect businesses, and recent
headlines cannot be used to force concessions from U.S.
companies that cost us jobs here in the U.S.
Over 300 Federal and State privacy laws are on the books in
the U.S., and that proves that we do have privacy policies in
the U.S. We have more privacy and risk officers in the U.S.
than anywhere else in the world.
Companies are reacting to the market and giving consumers
more control, like Facebook's recent policy that permit users
to remove themselves from the categories of advertising. And
there are very few nations with a better record for the rule of
law than the United States. Intelligence surveillance is being
tackled, as it should, with input from Congress and our
national security agencies.
When it comes to trade, the U.S. cannot allow
protectionism. Whether it is under the pretext of privacy or
whatever, it threatens U.S. jobs and U.S. competitiveness. Our
trade negotiators with USTR and the International Trade
Administration have stressed to the counterparts overseas that
the negotiations must focus on the commercial flow of data,
which is of great value to everyone involved.
There are many pieces that touch on data flows, the Trans-
Pacific Partnership, the Trade and Services Agreement, the
Transatlantic and Investment Partnership, and the Safe Harbor
Framework. We cannot falter in any of these. I am hopeful that
Congress will send a unified message to current and future
trading partners that trade barriers will not be tolerated, and
that we will protect our economic interest in data flows.
I want to thank our witnesses for being here today.
[The prepared statement of Mr. Terry follows:]
Prepared statement of Hon. Lee Terry
Good afternoon, and welcome to our hearing entitled,
``Cross-Border Data Flows: Could Foreign Protectionism Hurt
U.S. Jobs?''
I want to mention before we get started, that eBay is here
to testify today, and I am especially thankful for that because
eBay owns PayPal, which has an office of over 4,000 employees
in the Omaha area.
We are here today to discuss an emerging trend among many
countries around the globe that could potentially have a
negative impact on our economy.
First of all, what are data flows and why are they
important?
The flow of data across borders simply refers to the
ability to send an e-mail, a file transfer, video, or other
electronic data from one country to another.
And because very little business is done without some form
of electronic data, ``data flows'' are a big deal for
manufacturing, energy, agribusinesses, health care, financial
institutions, retailers, advertisers, insurers, and tech
companies.
But several countries have proposed or enacted restrictions
on cross-border data flows or have required companies to locate
data centers within their own borders.
For example, Russia has made a law restricting data flows.
Brazil proposed a ``Civil Internet Framework'' that would have
authorized the government to require data to be stored in
Brazil.
The governments of Indonesia, Singapore, and India have
also issued proposals that would either subject cloud computing
to additional regulation or require data to remain stored
inside the respective countries. Sadly, these are but a few of
the countries where this is an issue.
Proposals to require local data centers have been aptly
named ``forced localization,'' and come with varying
rationales.
The European Commission, for example, has argued that
localization of data could be a way to promote domestic
industry and create jobs.
But as we'll hear from some of the witnesses today, it's
doubtful that such policies would achieve these intended goals.
More likely, they would take away the benefits that digital
trade brings to that country and to U.S. companies.
Other proponents of data flow restrictions argue that the
revelations concerning U.S. intelligence surveillance justify
balkanizing the flow of data.
The United States should send a clear message that forced
localization and other restrictions on data flows are
commercial regulations that affect businesses, and recent
headlines cannot be used to force concessions from U.S.
companies that cost us jobs here in the U.S.
Moreover, it is simply not accurate to say that there are
not privacy protections in the U.S.
Over 300 Federal and State privacy laws on the books in the
U.S. prove otherwise. FTC enforcement proves otherwise. And our
marketplace shows otherwise.
We have more privacy and risk officers in the U.S. than
anywhere else in the world. Companies are reacting to the
market and giving consumers more control--like Facebook's
recent policy announcement that permits users to remove
themselves from categories of advertising.
And there are few nations with a better record for the rule
of law. Intelligence surveillance is being tackled as it
should, with input from Congress and our national security
agencies.
When it comes to trade, the U.S. cannot allow
protectionism-under the pretext of privacy-to threaten U.S.
jobs and U.S. competitiveness. Our trade negotiators with USTR
and the International Trade Administration have stressed to
their counterparts overseas that the negotiations must focus on
the commercial flow of data which is of great value to everyone
involved.
There are many pieces that touch on data flows: the Trans-
Pacific Partnership (TPP), the Trade in Services Agreement
(TiSA), the Transatlantic Trade and Investment Partnership
(TTIP), and the Safe Harbor Framework. We cannot falter in any
of these.
I am hopeful that Congress can send a unified message to
current and future trading partners that trade barriers will
not be tolerated, and that we will protect our economic
interest in data flows.
I thank the witnesses for being here today to shed more
light on this issue and for giving our subcommittee the
opportunity to spearhead Congress' activity in this area.
Mr. Terry. I have 1 minute, if anybody wants it.
Gentleman from Texas.
OPENING STATEMENT OF HON. PETE OLSON, A REPRESENTATIVE IN
CONGRESS FROM THE STATE OF TEXAS
Mr. Olson. Thank you, Mr. Chairman, for holding this
hearing today.
And thank you to our witnesses for your patience.
As we listen and discuss data policies around the world, it
is important to think about the answers to these questions:
Number one, in what country has the Internet flourished? In
what country, number two, are the majority of Internet
headquarters located? Question three, does any other country
have anything like Silicon Valley? If not, why not?
I look forward to this discussion today. Thank you. I yield
back.
Mr. Terry. Well done.
I recognize the gentlelady from Illinois.
OPENING STATEMENT OF HON. JANICE D. SCHAKOWSKY, A
REPRESENTATIVE IN CONGRESS FROM THE STATE OF ILLINOIS
Ms. Schakowsky. Thank you, Mr. Chairman, and thank you to
the witnesses. This is a very complex issue and one that is
deserving of this committee's attention.
From a video chat between family members thousands of miles
apart, to instant access to news and research, to buying
tickets or music or sporting events at the click of a button,
the Internet has made our world more interconnected than most
would have imagined maybe only 20 years. That growth has helped
to support some of the most innovative companies in the world,
providing not just entertainment and information, but also
supporting millions of jobs here at home.
With the value of e-commerce estimated at $8 trillion per
year worldwide and U.S. digital exports in the hundreds of
billions of dollars each year, we have to do all we can to
promote responsible growth of the Internet.
The U.S. has been the undisputed leader in the development
and commercialization of the Internet. But just like at home,
people abroad have doubts about the privacy and security
practices of American companies. We have seen this most acutely
in terms of efforts to restrict cross-border data flows or the
transmission of data across national boundaries. Many major
economic powers around the world have considered and enacted
restrictions on cross-border data flows, and many individuals
around the world have sought out alternatives to U.S.-based
companies for services from email to e-commerce.
Distrust of American companies and our Government is high.
Massive data breaches, like those that occurred at Target and
Home Depot, have made data privacy and security a central issue
in trade talks with countries and with the European Union. Last
year's revelations about the NSA's data collection practices
just heightened concerns that already existed in many
countries, adding fuel to the fire.
I support the USA Freedom Act, legislation passed in the
House in May to limit bulk data collection and require prior
judicial approval for collection of sensitive information. The
bill would also establish enhanced oversight and transparency
mechanisms. The United States does not have comprehensive
privacy or data security protections in place, and I support
taking that step.
I am an original cosponsor of H.R. 4400, the Data
Accountability and Trust Act, which Mr. Rush introduced earlier
this year. That bipartisan bill would require the FTC to
establish clear standards for collecting, storing, and
disposing of sensitive data and would require entities to
inform the public in the event of a breach.
Enactment of the USA Freedom Act and the Data
Accountability and Trust Act, as well as steps to strengthen
the Electronic Communications Privacy Act, would provide much
needed assurances regarding the privacy of data held on U.S.
servers. Doing so would, first and foremost, provide peace of
mind to Americans concerned about the security of their
personal information, and it would also make American
businesses even more competitive in the global economy.
I look forward to hearing from our witnesses and getting
your perspectives on this important issue and the steps we
should take in order to remain the undisputed world leader in
the Internet economy.
Do either of the gentlemen wish to--OK. And I would like to
yield to Mr. McNerney whatever time is left.
OPENING STATEMENT OF HON. JERRY MCNERNEY, A REPRESENTATIVE IN
CONGRESS FROM THE STATE OF CALIFORNIA
Mr. McNerney. I thank the ranking member and also the panel
for giving your time and effort on this hearing.
There is a lot of data that flows across our national
border, an awful lot of data. That raises questions of privacy,
it raises questions of commerce, of national security. Some of
our companies that are innovators are saying that our national
security posture is hurting their businesses, and that opens up
the opportunity for countries across the world to take steps
against our country that they say, again, our companies are
saying, costing them commerce.
So, as the ranking member said, this is a very complicated
issue, and I hope this hearing sheds a little light on that.
And then we will be glad to ask questions and try and shed a
little bit more light on it.
So with that, I will yield back.
Mr. Terry. Mr. Barrow, do you have a statement?
Mr. Barrow. No.
Mr. Terry. You yield back your time?
Ms. Schakowsky. I yield.
Mr. Terry. No other statements on--oh, Ms. Blackburn, you
are recognized for 5 minutes.
OPENING STATEMENT OF HON. MARSHA BLACKBURN, A REPRESENTATIVE IN
CONGRESS FROM THE STATE OF TENNESSEE
Ms. Blackburn. Thank you, Mr. Chairman. And I apologize
that I am late getting to the committee. We have a few things
on the floor and had to do a little bit of work there.
I just am so pleased that we are doing something on the
cross-border data flow and the importance that this has in our
economy. I have had the opportunity to work with Peter Welch,
and we cochaired the Privacy Working Group this year. And we
brought in a group of business and consumer stakeholders so
that we could look a little bit more into this issue and have
the time to just do a roundtable discussion. It was important
to formulating some opinions and views, and we are appreciative
that we had the time to do that.
And we think that it is imperative that our committee
seriously examine the restrictions on data flows that are
emerging as a primary nontariff trade barrier to the
international marketplace that come in the form of digital
protectionism and poses a direct threat to U.S. economic
development and job creation.
It should be a priority for this Congress and the
administration to ensure that U.S. trade agreements cover new
and emerging digital technologies. They need to address
measures that restrict legitimate cross-border data flow, and
they should reexamine emerging policy and legal restrictions
that could potentially harm innovation.
I would also like to point out that one of our Privacy
Working Group's participants earlier this year was Laura
Donohue from Georgetown University Law Center, who is with us
today. And it is good to see you again. And we are pleased that
you are here to share your thoughts today.
And I yield back my time.
Mr. Terry. Mr. Guthrie, statement?
Mr. Bilirakis?
Mr. Bilirakis. No. Thank you.
Mr. Terry. All time being yielded back, we will now
recognize our witnesses. I am going to introduce you all first.
And then, Ms. Dempsey, we will start with you and go from my
left to right.
So we are pleased to have Linda Dempsey here today. She is
the vice president of international economic affairs for the
National Association of Manufacturers.
Mr. Bieron, senior director, eBay Public Policy Lab, thank
you.
Ms. Donohue is here. She is a professor of law at
Georgetown University Law Center, Center on National Security
and the Law. Thank you for being here.
And Mr. Heather, vice president, Center For Global
Regulatory Cooperation, executive director, international
policy and antitrust policy of the U.S. Chamber.
So now, Ms. Dempsey, you are recognized for your 5 minutes.
And there should be the little red light. We keep things easy
for us here. Green means go. Yellow means wrap it up. Red means
really wrap it up. You are recognized for 5 minutes.
STATEMENTS OF LINDA DEMPSEY, VICE PRESIDENT, INTERNATIONAL
ECONOMIC AFFAIRS, NATIONAL ASSOCIATION OF MANUFACTURERS; BRIAN
BIERON, EXECUTIVE DIRECTOR, PUBLIC POLICY LAB, EBAY, INC.;
LAURA K. DONOHUE, PROFESSOR OF LAW, DIRECTOR, CENTER ON
NATIONAL SECURITY AND THE LAW, GEORGETOWN UNIVERSITY LAW
CENTER; AND SEAN S. HEATHER, VICE PRESIDENT, CENTER FOR GLOBAL
REGULATORY COOPERATION, EXECUTIVE DIRECTOR, INTERNATIONAL
POLICY AND ANTITRUST POLICY, U.S. CHAMBER OF COMMERCE
STATEMENT OF LINDA DEMPSEY
Ms. Dempsey. Good afternoon, Chairman Terry, Ranking Member
Schakowsky, members of the subcommittee. I welcome the
opportunity to testify today on behalf of the National
Association of Manufacturers. The NAM is the oldest and largest
trade association with over 12,000 manufacturing members in
every State and every sector of the manufacturing economy. And
as this subcommittee knows well, manufacturing is an engine
that drives the U.S. economy, directly employing more than 12
million men and women.
A robust and multifaceted trade policy is a key component
to growing manufacturing in the United States. With most of the
world's consumers outside our borders and over $11 trillion in
manufactured goods traded worldwide, exports in sales present
enormous opportunity. Where there is a level playing field,
manufacturers in the United States are succeeding, as shown by
the fact that nearly half of all U.S. manufactured goods are
shipped only to our 23 trade agreement partners, with which we
also have a manufacturing trade surplus.
To grow more opportunities for manufacturers, we need more
trade agreements with more countries, and those trade
agreements must be strong, comprehensive, and tailored to meet
the challenges of the 21st century.
One of the biggest new commercial challenges globally is
the proliferation of new barriers to cross-border data flows
and foreign government localization barriers related to
information technology infrastructure. The use of digital
platforms, including sharing data and information across
national borders, is increasingly important to many businesses,
particularly manufacturers.
While some of our manufacturers produce and manage those
information technology infrastructure, most manufacturers are
actually consumers of these technologies. New information
technologies and services, such as cloud computing and software
as a service, machine-to-machine or M2M technologies, and
advanced analytics are advancing manufacturers' ability to
grow, be more productive, and more competitive.
These technologies are particularly vital to small and
medium-sized businesses, enabling them to acquire information,
market their products, and communicate with and serve foreign
customers much faster and in a much more cost-competitive
manner than ever before.
As information and communication technologies have
advanced, however, many countries are moving to restrict the
movement of data and where data can be stored for nothing more
than good old protectionist reasons. Manufacturers have seen
barriers adopted and considered in many markets, from Brazil,
China, India, and Korea, to Indonesia, Nigeria, Vietnam, and
Russia. And many governments are claiming national security
concerns, although the measures proposed go far beyond the
concerns expressed.
For companies that maintain their own servers, the
imposition of these types of restraints impede their ability to
implement their own business strategies, raises costs, and
could potentially force companies to make the choice between
doing business in a foreign country or not. These restrictions
also undermine cloud computing by reducing economies of scale,
forcing service providers to locate servers based on Government
mandate, not business decisions. The loss of cost-effective
cloud solutions would be particularly harmful to small business
manufacturers that increasingly rely on these technologies to
market and sell overseas.
Given the importance of this issue, in March the NAM board
of directors unanimously approved new policy language urging
that disciplines on these practices be included in U.S. trade
agreements going forward. We have seen efforts to address these
issues globally by APEC and the OECD, bilaterally by the United
States and Europe, and with Korea. Yet the trading system has
not fully kept place.
The NAM therefore urged the inclusion of negotiating
objectives on this issue as part of a new and modernized trade
promotion authority. And in January, the NAM welcomed the
bipartisan Congressional Trade Priorities Act of 2014, which
answered that call by including negotiating objectives to
include such disciplines in future agreements.
The NAM is working with U.S. negotiators in support of
binding provisions in future trade agreements, including both
the final TPP and TTIP talks, that will allow manufacturers and
other industries to move, access, and store information across
borders, prohibit requirements to establish or use local
servers, and ensure nondiscriminatory treatment of digital
products and services.
We agree that there can be areas where legitimate
exceptions to such binding commitments should be permitted,
such as with respect to national security, intellectual
property, privacy, and law enforcement. But such exceptions
should not be used to create unwarranted or protectionist-based
barriers.
We are seeking strong rules in the TPP and TTIP that can
set a global model. As manufacturers continue their efforts to
rebound after the recession, the last thing they need are
additional barriers or unnecessary costs. It is important that
the Congress and the administration work together to modernize
the trade rules through new trade agreements and a new trade
negotiating framework to address these growing barriers.
[The prepared statement of Ms. Dempsey follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Terry. Thank you.
Mr. Bieron, you are recognized for 5 minutes.
STATEMENT OF BRIAN BIERON
Mr. Bieron. Chairman Terry, Ranking Member Schakowsky, and
members of the subcommittee, thank you for giving eBay Inc. the
opportunity to testify on the role of cross-border data flows
in promoting commerce, economic growth, and opportunity.
Our company is a truly global business. 60 percent of our
marketplace business is outside the United States. We serve
over 152 million PayPal users in 2003 countries.
EBay Inc. is using technology to power global trade. The
eBay marketplace, PayPal payment service, and eBay Enterprise
enable hundreds of thousands of U.S. entrepreneurs and small
businesses, as well as midsized and large business, to reach
customers around the world. This is transforming trade by
allowing Main Street businesses to directly take part in
globalization, reaping the benefits of markets previously only
open to the largest global companies.
The 21st century global economy is built on data flows.
Every business that operates internationally depends on access
to digital services, including technology, logistics, finance,
and professional services. The Internet alone powers 21 percent
of GDP growth in advanced economies and facilitates $8 trillion
in e-commerce. It drives global economic and social progress,
and the U.S. Internet industry leads the way. But it should be
clearly understood that much of the benefit is gained by
traditional industries and businesses, 75 percent according to
McKinsey.
So, not surprisingly, America's leading industries are
united in their concerns about data protectionism. But our
unique experience at eBay and PayPal leads us to stress how the
Internet and mobile technology are now powering global trade by
small and microbusinesses. These entrepreneurial traders, such
as Tracey Johnson, who employs three people in Valley,
Nebraska, or Esther Ben Porat, who employs 12 people in
Lincolnwood, Illinois, they will be undermined in their
businesses if open cross-border data flows are restricted.
My team conducts research on the growth of global trade by
technology-enabled small businesses. In brief, the Internet and
platforms like eBay and PayPal are revolutionizing this global
trade. In the U.S., only 4 percent of traditional small
businesses export. On eBay, 95 percent export. Traditional
small business exporters reach an average of 2 markets a year.
On eBay, the average small business exporter reaches 30 markets
a year.
Technology-enabled small businesses survive at a higher
rate, and newcomers capture a larger share of the overall
market than in the traditional offline world. The global trade
regime is literally changing before our eyes, as enterprises
that historically were too small to break into global trade can
now directly participate.
This new inclusive globalization depends on four components
that make up what we call the Global Empowerment Network. They
are, one, access to the Internet; two, access to the global
services that exist on top of the Internet; three, an efficient
small package shipment logistics network; and, four, an
educational system for small businesses to learn about online
opportunities. Each of these components is undermined by data
restrictions requiring businesses to locate data centers, store
data, or process data in a specific country. These restrictions
impose meaningful economic and security harms.
These are nontariff trade barriers. Like all trade
barriers, they lead to inefficiencies, higher prices, and harms
to businesses and consumers. They harm U.S. businesses. But
just as importantly, they hurt businesses and consumers in the
markets that employ them.
Data localization proposals in countries like Brazil,
China, the EU, India, Indonesia, Korea, Vietnam have been
estimated to impact GDP from potentially a 10th of a percent to
1.7 percent, depending on the market. Small and midsized
technology-enabled business in each of those countries are
threatened.
Of course, the U.S. impact is key as well. The U.S.-based
global corporations will be harmed by the entire range of data
protectionist proposals. Costs are imposed, inefficiencies are
forced into the system, and opportunities are lost. But now,
because of Internet-enabled global commerce, small and midsized
businesses in every State and region of the United States will
be impacted.
Today we are witnessing the dawn of a new era of
globalization. Small and midsized businesses contribute to
their local economy and regularly serve customers around the
world at the same time. This is good economics because it means
more growth and wealth, and it is good for society because it
means a more inclusive form of globalization.
U.S. leadership is key to maintaining open global data
flows and pushing back on data protectionism. This should be a
top trade policy priority, to protect and promote growth at all
levels. And I look forward to answering any questions.
[The prepared statement of Mr. Bieron follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Terry. Thank you, Mr. Bieron.
Professor Donohue, you are now recognized for your 5
minutes.
STATEMENT OF LAURA K. DONOHUE
Ms. Donohue. Thank you very much. I would like to thank
you. Thank you, Ranking Member Schakowsky, and also members of
the committee for inviting me here today.
As you have noted, U.S. Companies dominate the digital
space: Web browsing, search, email, social networking,
traditional computing devices, smartphones, tablets. There are
few foreign analogs to Google, Facebook, LinkedIn, Twitter,
Instagram, Pinterest, myriad others who could compute with us
on a global basis. But the U.S.' position is now imperiled.
Documents released over the past year detailing the
National Security Agency's call record program and the
interception of content under the Foreign Intelligence
Surveillance Act directly implicated U.S. high technology
companies in Government surveillance. The result has been an
immediate and detrimental impact on U.S. industry.
The first documents revealed that the Government had served
orders on Verizon, directing the company to turn over telephony
metadata under Section 215 of the USA Patriot Act. The
following day, The Guardian published classified slides on
PRISM, detailing how the NSA had intercepted email, video, and
voice chat, videos, photos, stored data, Voice over Internet
Protocol, file transfers, video conferencing, online social
networking details. And the companies read like a who's who of
U.S. Internet giants: Microsoft, Yahoo, Google, Facebook,
PalTalk, YouTube, Skype, AOL, and Apple.
Slides showing the extent of so-called upstream collection
similarly stunned the public, showing that the NSA had bypassed
companies' encryption, intercepting data as it transferred
between servers and the cloud, and it had obtained millions of
email address books.
Beyond these revelations, reports show that the NSA has at
times posed as U.S. companies without their knowledge in order
to gain access to foreign targets. I have documented all of
this information in my written remarks. Three points follow.
First, these programs have cost the United States billions of
dollars. Second, they have pushed foreign countries to erect
trade barriers through data localization laws. And, third, they
have undermined U.S. national security.
This subcommittee is uniquely poised to address the problem
by supporting changes to FISA and U.S. privacy laws. It can
also push for the insertion of economic and commercial
representation throughout the national security infrastructure
to prevent this situation from occurring again.
So, first, the economic impact. In short, billions of
dollars are on the line because of worldwide concern that the
services provided by U.S. information technology companies are
neither secure nor private. Perhaps nowhere is this more
apparent than in cloud computing, arguably one of the most
important industrial sectors for the future. The Information
Technology and Innovation Foundation estimates that declining
revenues for U.S. cloud computing could reach more than $35
billion over the next 3 years. Other commentators have put the
losses as high as $180 billion by 2016, unless something is
done to restore confidence in U.S. industry.
The impact extends to high technology. Cisco, Qualcomm,
IBM, Microsoft, and Hewlett-Packard have all claimed declining
revenues as a result of the NSA programs. Servint, a Web-
hosting company next door here in Virginia, reports that its
international clients have dropped by 50 percent.
As a senior analyst at the Information Technology and
Innovation Fund explained, it is clear to every single tech
company that this is affecting their bottom line. In return,
companies have had to spend billions of dollars on new
encryption. And even as U.S. companies are losing money,
foreign companies are seeing their revenues increase.
The NSA's involvement in these programs also revealed the
extent to which it had became embedded in the architecture of
the Internet itself. And as a result there has been a backlash
that has led some commentators to raise concern that the
Internet will never be the same. At risk is the balkanization
of the Internet, undermining a traditional culture of open
access and increasing the cost of doing business.
As of today, China, Greece, Malaysia, Russia, South Korea,
Venezuela, Vietnam, and others have already implemented data
localization requirement laws. Turkey has introduced new
privacy regulations, preventing the transfer of personal data
overseas. Other countries, such as Argentina, Brazil, India,
and Indonesia, are actively considering new data localization
laws. Germany and France are considering a Schengen routing
system, retaining as much online data in the European Union as
possible.
The Snowden release has further implicated our multilateral
and bilateral trade negotiations. Two of the most important
underway are TTIP, the Transatlantic Trade and Investment
Partnership, and the Trans-Pacific Partnership.
Although the U.S. Trade Representative is trying to put
data protections on the table for the TTIP negotiations, the EU
has steadfastly resisted this. And as long as the European
public is strongly opposed to giving the United States access
to European data the future does not bode well for our efforts.
TPP, in turn, accounts for about 40 percent of global GDP,
about \1/3\ of world trade. Two of our objectives in those
negotiations are directly implicated by the Snowden releases:
e-commerce, telecommunications, and intellectual property
rights. The NSA programs weaken the USTR's hand with regard to
open access and safeguards against cyber surveillance.
This subcommittee has an opportunity to make a difference.
The most important thing you could do is to curb the NSA's
authorities under the Foreign Intelligence Surveillance Act. In
January 2014 the President announced the telephony metadata
program would be discontinued within 2 months. As of last
month, it was continued for another 90 days. The Section 702
program is more complicated. Overseas collection from non-USP's
is a concomitant of the foreign affairs powers of the
Government and outside the confines of the Fourth Amendment.
I would like to conclude. In addition to recognizing a
residual right in privacy that is held with third-party data
and passing new privacy acts, one of the greatest and least
discussed problems, international security infrastructure, is
the lack of economic and commercial representation. The
National Security Act does not include the Secretary of
Treasury as a statutory member. That is done by PPD. Other
economic concerns are not represented at a programmatic level
of the national security infrastructure. This committee could
change that structure to prevent this from happening in the
future.
[The prepared statement of Ms. Donohue follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Terry. Thank you, Professor.
Mr. Heather, you are now recognized for 5 minutes.
STATEMENT OF SEAN S. HEATHER
Mr. Heather. Thank you, Mr. Chairman and Ranking Member,
members of the subcommittee, for the opportunity to be here
today.
Members of the U.S. Chamber, large and small alike, across
all sectors of the economy rely on cross-border data flows to
run their businesses as well as create better products and
services. Let me share with you some examples of where cross-
border data flows are necessary as part of today's economy.
From anywhere in the world, medical diagnostic equipment
can now be serviced and even repaired remotely, saving valuable
downtime. Financial transactions take place globally in the
form of credit card services or the purchase or sale of stocks
and bonds. Every package that ships has data associated with
it, and as that package physically moves across borders so does
the data electronically. Insurance companies store policy
information in multiple server locations to be sure they can
access it in case of disasters. And perhaps most obviously, any
company with employees in multiple countries needs to have an
IT network that moves company emails.
For all of these reasons and thousands more, we must
understand that cross-border data flows affect all businesses,
not just ICT companies. Despite the paramount importance of and
benefits derived from having the ability to transfer data
across borders, some foreign governments continue to push for
restrictions on cross-border data flows. Within the last year,
we have seen more than a dozen countries consider such
measures.
Efforts to restrict cross-border data flows have been
fueled by revelations regarding U.S. Government surveillance.
This issue, while important, ultimately conflates concerns
about Government access and use of data with commercial access
and use of data. Attempts to limit the movement of commercial
data ignore the fact that a completely separate legal regime
often governs law enforcement activities.
In reality, foreign government efforts to require forced
localization of servers or to put in place local content
requirements are at their core often attempts to bolster
homegrown ICT industries.
The Chamber, as a part of an educational awareness campaign
in Indonesia earlier this year, assembled a panel of Indonesia
ICT startups. Their message to their government underscored
their need for cross-border data flows in order for them to be
successful. Their voice has sent a powerful message that data
localization efforts effectively walled them off from the rest
of the world.
Still, some foreign governments believe that requiring data
centers will be a boon to job creation. The truth is data
centers cost hundreds of millions of dollars but require fewer
than 150 employees to operate. Foreign governments often fail
to realize that jobs are created by businesses that rely on
cross-border data flows, exhibiting a fundamental failure to
understand how the digital economy operates and running a risk
of cutting the world out of the World Wide Web.
Cross-border data flow restrictions can also arise through
the complexity of complying with privacy frameworks across
multiple jurisdictions. All companies must abide by privacy
rules in the countries in which they operate. Many times
privacy regulations from country to country are nuanced and
rooted in important cultural and societal differences.
However, conflicting privacy rules between jurisdictions
can present significant problems to moving data. Thus, it is
imperative that governments work together to develop solutions
to ensure that privacy regimes facilitate trade in goods and
services that increasingly rely on data flows while protecting
privacy.
This is especially important as consumers too are mobile
and their expectations are that they can access information
when traveling, while at the same time they have assurances
that their data, regardless of where it is transferred, stored,
or accessed, is protected. The Chamber believes privacy
objectives and seamless movement of data can both be achieved.
Trade agreements can help. For example, the U.S.-Panama and
U.S.-Korea Trade Agreement both recognize the importance of
seamless flow of information. The Chamber's members support
ambitious cross-border data flows obligations in the TPP, TTIP,
and TISA. Ideally, these agreements should address data
transfers by including three key elements: one, a commitment to
allow cross-border data transfers; two, a prohibition on data
localization and local content requirements; and, three, a
nonexhaustive list of data transfer mechanisms.
In closing, the key takeaways from my remarks are, first,
cross-border data flows are critical to all sectors of the
economy, not just ICT companies; two, concerns over Government
access and use of data will not be addressed through laws
targeting commercial data; three, ICT industries are best
fostered where data flows seamlessly; four, privacy concerns by
Government must not mask protectionism aims; five, legitimate
privacy objectives can be supported through cross-border
cooperation between regulators; and, finally, going forward,
trade agreements must support cross-border data flows, push
back against forced localization and local content
requirements, endorse the seamless flow of data, and encourage
interoperability among privacy regimes.
It is well understood that the free flow of capital across
borders is important to the global economy. Without it, markets
seize up and economic growth stagnates.
Today I would submit, in this increasingly digital age, the
same can be said about the importance of data flows across
borders. Like capital flows, our economy and the world economy
are relying on cross-border data flows for businesses to
operate and for economic growth.
The Chamber appreciates the opportunity to be here before
the committee. Today's hearing importantly raises the profile
of this issue at a critical time. And we look forward to
working with this committee to preserving the movement of data
seamlessly across borders. Thank you.
[The prepared statement of Mr. Heather follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Terry. Thank you, Mr. Heather.
And well done, everyone. Appreciate the input. Now it is
our turn to ask questions to kind of dive deeper into your
statements.
But just my first question is a shallow question, but one
that helps us really define the significance of cross-border
data. And so to Ms. Dempsey, Bieron, and Mr. Heather, can you,
in your best estimate, tell us just either by dollar amount or
the percentage of your members or clients engage in cross-
border data transfers? Ms. Dempsey? Hundred percent? Fifty
percent? Ten percent?
Ms. Dempsey. Thank you, Mr. Chairman. That is a tough one
to answer quantitatively for NAM. I think information
technologies are clearly a driver of global trade. And the
growth in global trade that we have seen, particularly among
small businesses, has been driven in significant part by that.
We obviously have over $200 billion last year in actual
computer and electronic equipment, but the gains are much, much
more than that. But beyond that quantification----
Mr. Terry. OK.
Mr. Bieron. In the United States, the eBay commercial
sellers--so these would be when we have done our research
globally, we sort of pick $10,000 in sales a year simply
because we had to pick a number and that seemed like a nice
round number--so at that level in the United States, 97 percent
of them are exporting. And so they are interacting with
customers globally. And that number, in the upper 90s, tends to
be with our commercial sellers almost everywhere in the world.
So it is nearly everybody.
Mr. Terry. So out of that group, 97 percent. But how big is
that group?
Mr. Bieron. Hundreds of thousands in the United States and,
you know, about 2 times that globally.
Mr. Terry. Awesome.
Mr. Heather.
Mr. Heather. I, like the NAM, have a hard time quantifying
what the number would be in the U.S. Chamber's membership. But
I think, from talking with our members, what you see is the
frequency by which they are increasingly relying on cross-
border data flows. So you may have a small business that 5
years ago only once may have been looking online to source a
product that they needed outside of the United States, and
today they are doing that a dozen times in a year.
And so what I can speak to more is the frequency in which
companies are increasingly relying on cross-border data flows,
but some absolute number to give you across the membership
would be difficult.
Mr. Terry. All right.
Professor Donohue.
Ms. Donohue. Yes. Just to add to that, outside of e-
commerce, for the IP industry alone about 40 million American
jobs are tied directly to IP-intensive industries, which
stimulate about 60 percent of our exports, our merchandise
exports. So it is enormous numbers.
Mr. Terry. They are enormous numbers, and that is why we
want to set the table about how important this is.
The next part is we have all talked about how this has to
be discussed and negotiated in our trade agreements. Do you
think it would help Congress to weigh in with some level of
resolution, instructing or suggesting to USTR and the
Department of Commerce? Would that be helpful? And we will
start from right to left, just to be different.
Mr. Heather.
Mr. Heather. I think absolutely. If you look at language
that has been drafted in, for example, the trade promotion
authority legislation that has been out there for examination,
there is very positive language in that proposed legislation on
this issue. I think it would be important for this committee to
echo that, not only in order to give encouragement to the U.S.
Chamber of Commerce, who are working these issues hard, but to
send a signal to those trading partners that there is an
expectation that USTR brings that home when they bring home an
agreement for the Congress to consider.
Mr. Terry. Professor Donohue.
Ms. Donohue. So I would say it is not just important, but
essential that this committee actually weigh in on that. And it
is essential that they both weigh in on the importance of data
flows and data transfers and also doing something to give our
industry the ability to say things have changed, to increase
consumer confidence.
So really going after the source of the problem that is
really accelerated this movement toward data localization, to
say, no, we have now curved these surveillance authorities,
they are more transparent, we have more oversight. So you take
away the reason people might give for otherwise doing this. And
this committee can play a unique role in both ways.
Mr. Terry. Mr. Bieron.
Mr. Bieron. In a word ``yes.'' And to expound on that, I
think that trade negotiations and the global trade sort of
infrastructure moves very slowly. We all know that trade
agreements tend to be built on the previous trade agreement,
which is built on the previous trade agreement. They all take,
let's say, a decade to negotiate.
When you are dealing with the changes that are wrought by
the Internet where the global economy is changing so rapidly,
they very much need a very forceful direction to rapidly change
how the Internet is accounted for in our negotiating
objectives, because if we move our trade policy at the normal
speed that it moves, we will, like, miss most of what is
happening in the Internet.
Mr. Terry. That is a good point.
Ms. Dempsey. And I am out of time, so make it quick.
Ms. Dempsey. I agree. And I will just add, I concur with
all that my colleagues have said. It is so important for the
United States to speak with one voice on this issue. It is
moving fast. We are seeing this proliferation of other
countries trying to impose very protectionist policies under
the guise of security or privacy concerns. It is important for
you all to work together to move this issue forward.
Mr. Terry. Thank you.
Gentlelady from Illinois is recognized.
Ms. Schakowsky. Thank you, Mr. Chairman.
Mr. Bieron, I have--did I say that right?
Mr. Bieron. Yes.
Ms. Schakowsky. OK. I have a number of questions for you.
One of the reasons other countries are considering laws that
restrict cross-border data flow is the fear that their personal
and financial information is not being properly protected from
criminal cyber attacks. Earlier this year, this subcommittee
held a hearing on the Target and Neiman Marcus data breaches
that occurred late last year. And since then, we have heard of
a number of other large-scale data breaches, Michaels, Home
Depot.
In May of this year, news broke that eBay's system had been
breached and an unknown number of eBay's 145 million customers'
personal information, including names, phone numbers, home
address, emails, and encrypted passwords, were compromised. So
I am asking you if you have any sense now, more than 3 months
after the breach, of how many customers had their data exposed
during the breach?
Mr. Bieron. I don't believe that we know exactly how many
customers had their data accessed. The cyber attack that
resulted in the essentially stealing of names--as you said,
names, addresses, phone numbers--did prompt eBay to ask and
require all of our users to change their passwords before they
could reaccess the site.
So what it prompted, in our case, was the decision to, for
safety's sake, require everybody to change their password,
because user passwords, although accessed in an encrypted form,
they were accessed, encrypted passwords were accessed. And we
decided that the smartest and safest thing to do was to require
a password reset, which we implemented.
Ms. Schakowsky. Did the breach compromise eBay's customers
in countries other than the United States?
Mr. Bieron. It impacted our eBay customers globally.
Ms. Schakowsky. So I am sure you recall that eBay received
some criticism at the time the breach was announced about its
public response to the attack. There was an article in Wired
which noted that the initial warning about the breach was a
note on the eBay corporate Web site, not eBay.com. A statement
was also posted to PayPal's Web site that warned in its title
that eBay users should change their password, but the body of
the post offered no information, other than the words, quote,
``placeholder text,'' unquote.
And so in what ways, then, did you notify customers that
they should change their password, other than that?
Mr. Bieron. Well, I mean----
Ms. Schakowsky. PayPal.
Mr. Bieron. Sure. When we discovered that there had been a
breach of our system, the company rapidly worked to determine
what the extent of that breach was, when it was determined,
what the extent was. And we realized that the proper course of
action would be to have everyone reset their password.
Ms. Schakowsky. You still don't have a number?
Mr. Bieron. No. We still don't have a number because data
files we know were accessed that had names and addresses and
passwords and phone numbers. And as I would note, the passwords
were encrypted. They were accessed, but even now the exact
number of the data points in the files, we don't know exactly
how many ended up being withdrawn. So we know that----
Ms. Schakowsky. Well, I am just asking a simple question:
How many customers had their data exposed, not what happened
or----
Mr. Bieron. And that is what I am saying, we do not know
based on how the breach occurred exactly the number that was
accessed.
Ms. Schakowsky. Don't think that is important, and how are
you proceeding then?
Mr. Bieron. Well, how we proceeded was to require all of
our customers to reset their passwords.
Ms. Schakowsky. So are you ever going to know?
Mr. Bieron. I am not sure if our technical people will ever
know exactly the number. We do know that all of our users have
had to reset their passwords because of that. And actually I
believe that we have received quite a bit of praise for how
rapidly we were able to put in place a system to have everybody
have to reset their passwords and to notify all of our users.
Ms. Schakowsky. OK. Well, let me ask you. Different
countries have different laws regarding breach notification. So
how does eBay handle notification in the many different
countries in which it operates, or did you have the same
procedure, just change your password?
Mr. Bieron. We had the same procedures. We notified
everybody. And then when they were coming to our site, they
were stopped from proceeding and using the site until they
changed their password.
Ms. Schakowsky. In addition to that, have you made any
changes to your security and breach response procedures since
May that would respond to any future attacks?
Mr. Bieron. Yes. I think that I would prefer, if we could,
to respond in writing to give you a specific set of examples of
things that we have done. But there is no question that the
company looked very much at the kind of threats that are always
coming at an Internet business like ours and did make some
changes to address the way that this attack occurred.
Ms. Schakowsky. Thank you. I yield back.
Mr. Terry. Gentleman from New Jersey, vice chairman of the
subcommittee, is recognized for 5 minutes.
Mr. Lance. Thank you very much. And I did change my
password on eBay.
Ms. Dempsey, one of the chief concerns of the Energy and
Commerce Committee and certainly this subcommittee is to
promote the policies that reinvigorate the American
manufacturing economy and we hope create jobs here at home.
What do you think restrictions on data flows would have as a
result, based on what we would like to do to reinvigorate the
American economy?
Ms. Dempsey. Thank you, Congressman. And thank you for the
work of this committee.
On manufacturing, obviously, it is NAM's mission to grow
manufacturing in the United States. My position is to grow
manufacturing through international trade policies and
investment policies.
Restrictions on data flows, server localization barriers
are going to drive a stake through the heart of the growth in
manufactured exports that we have witnessed over the past
decades. We have seen more than a doubling of U.S.-manufactured
exports since 2002. We are at a record high, $1.38 trillion in
manufactured exports, which helped fuel the biggest
manufacturing output for the United States of over $2 trillion
in 2013. That is great news.
The bad news? There is $11 trillion traded outside our
borders in manufactured goods every year. The United States,
while we have increased manufactured goods exports, we have
lost market share. Our ability to compete overseas is
increasingly tied to different policies. Eliminating barriers
overseas, as I indicated, with new trade agreements.
These are some of the barriers that are becoming most
pernicious and are continuing to grow. We can succeed when we
have strong trade agreements, when we eliminate these barriers
overseas. We see that with our trade agreement partners. So if
we want to continue to grow exports and continue to have that
to be a source of manufacturing growth, eliminating these types
of barriers will go a long way.
Mr. Lance. And we have lost market share because the pie
has grown so much?
Ms. Dempsey. Yes. So other, new emerging countries. China,
obviously. The United States used to be the largest
manufactured goods exporter. We were overtaken by Germany and
then by China. We are number two. And we are doing well, but we
can do better. And we have a lot of other countries out there
who are working hard.
But I will say that some of the countries that are really
growing are those that are doing more to grow export
opportunities, grow trade agreements. I am always disheartened
to hear that companies are sometimes choosing Mexico as a venue
to put new factories. Not because of NAFTA. It is because
Mexico has a trade agreement with Brazil, and they have a lot
more in Japan and a lot more trade agreements than we do that
eliminate barriers.
So those are the types of things that impede us and putting
the United States back on the track to lead and lead in the
types of rules that we are going to have in the international
economy.
Mr. Lance. Thank you.
Is there anyone else on the panel who would like to
comment?
Seeing none, Mr. Chairman, I will yield back the balance of
my time.
Mr. Terry. Thank you.
I recognize the gentleman from California. You are
recognized for 5 minutes.
Mr. McNerney. Thank you, Mr. Chairman. I am glad I came to
the hearing today. It is a very interesting discussion, and I
appreciate that.
I am going to start with you, Professor Donohue. Your
testimony was pretty stark actually. I was on the Privacy
Working Group, so I have heard some of this before, the impact
of NSA activities and the disclosures about that on American
businesses. And it is not very comforting.
You said that this subcommittee has a role to play in
restricting NSA. Would you give us some suggestions or ideas.
Ms. Donohue. Sure. Sure. Thank you, Congressman McNerney. I
appreciate it. It is nice to see you again.
I think there are three roles, really, that this committee
could play. The first role is in supporting legislation passing
through Congress right now dealing with the Foreign
Intelligence Surveillance Act. Now, there are many bills
underway. Some of them accomplish different things to different
extents. But something needs to be done. Otherwise, our
industry and our USTR are in a position where they can't really
argue changed circumstances at all. And so I think it is very
important that something be done.
The second thing that this committee can do is to take a
look at the privacy laws and the ways in which consumer privacy
is or is not actually protected. So the U.S. and the EU, a lot
of ink has been spilled about how the two countries are so
different in terms of their privacy laws. I disagree. And my
written remarks go into some detail as to why I think we are
actually not that far apart from Europe.
But two ways in which we differ significantly that are
important are, first, in terms of third-party data and, second,
in terms of having an omnibus statute as opposed to single
statutes that drill down deeper, but in very narrow areas. In
the second instance, Europe has broader statutes, directives
that cross different areas. We have more narrow ones.
So one thing that this committee could do is look at a more
overarching framework. The Privacy Act is 40 years old this
year and is really a defunct piece of legislation. So that
needs to be looked at.
The first part of this, though, the third-party data
rights, the idea that you still have a right in information,
even though a third party holds it or a company holds it. Our
case law comes from the 1970s, from Smith v. Maryland. And we
have seen recently that the Supreme Court is coming to the
conclusion that the privacy implication and the privacy rights
implicated by new technologies are significantly deeper than
they were at a time when all we had were land lines. Now your
cell phones tells where you are 24 hours a day, who you are
with, what you are doing, what you read, what you believe, all
of this information.
And so this committee could get out ahead of the Supreme
Court in some ways and really recognize a consumer right to
privacy in an omnibus statute and in this way bring the U.S.
into line with the European Union on our own terms, but in a
way that again helps our USTR and TTIP and other negotiations.
Mr. McNerney. I mean, that sounds like something that could
happen on a bipartisan basis as well.
Ms. Dempsey. Oh. Absolutely. Yes. Yes.
The third, and this has gotten almost no attention, but I
have been really struck actually, and I say this as a scholar,
just looking at how this has played out, the National Security
Act does not include the Secretary of Treasury on the National
Security Council. So PPD-1 does. That is up to the President.
And when international economic issues are on the agenda,
then the President may invite the Secretary of Commerce, the
USTR, the Assistant to the President for Economic Policy, or
the Chair of the Council of Economic Advisors to NSC meetings.
The problem is, if the issue isn't front-and-center
international trade or international implications, that
economic representation is not there, the consumer side of
this, the commercial side of it, everywhere from the NSC down
to a programmatic level. And so there are ways that the
national security infrastructure fails to take account of the
things that this committee cares about in a way that would help
to prevent this kind of situation from arising in the future.
And I think the committee could play a very strong role there
by insisting that economic security, which from the founding
has been central to U.S. national security, that economic
security be taken into account as well.
Mr. McNerney. Thank you.
Mr. Chairman, I was wondering if I could have another 5
minutes. Just joking.
Mr. Terry. No. You can have 53 seconds.
Mr. McNerney. Mr. Heather, I think on your closing
statement you had five items that you mentioned. And the second
one I think you mentioned was that data-flow problems cannot be
addressed directly by dealing with commercial data. Did I
misunderstand that?
Mr. Heather. The second point was that concerns about
Government use of data and access of data are not going to be
addressed with regard to laws about commercial data. In other
words, concerns about NSA often conflate commercial use of data
versus Government use of data. So the solutions to dealing with
concerns about Government use are going to be different than
solutions for use by commercial data.
Mr. McNerney. Yes. Well, that is in line with what Dr.
Donohue was saying, basically.
Mr. Heather. Correct.
Mr. McNerney. All right. Mr. Chairman, I will yield back.
Mr. Terry. Thank you. I appreciate that.
Now Mr. Bilirakis, gentleman from Florida, is recognized
for 5 minutes.
Mr. Bilirakis. Thank you, Mr. Chairman.
And I thank the panel for their testimony today.
Mr. Bieron, you mentioned in your testimony that over 95
percent of small U.S.-based businesses using the eBay
marketplace platform engage in exporting versus 4 percent of
traditional businesses. Can you explain how you arrived at
these figures? In particular, what is a traditional business in
this context?
Mr. Bieron. Well, that was based on comparing data from the
eBay marketplace with data that, I believe, was Census Bureau
data that we had and a trade economist at the University of
Geneva actually analyzed. So U.S. Government data on small
business and their trading in the traditional economy compared
to the percentages of exporting going on over our marketplace.
Mr. Bilirakis. OK. Thank you. Next question, again, for Mr.
Bieron. Your testimony says that smaller businesses are
reaching roughly 10 times as many markets per year than the
traditional U.S. businesses. Please explain the difference in
these markets and their importance to the overall business
growth.
Mr. Bieron. That was simply data to explain sort of the
difference between the kind of global marketing that a small
Internet business can do. And again they are not businesses
that, like, just exist on the Internet. These are small
storefront businesses in many cases that also use the Internet.
So they are selling locally, and they are also able to reach
anyone who uses the services that they use. So if they are up
on eBay, they are being seen by 140 million customers
potentially around the world.
So the traditional business export model for small
businesses tends to be--and this is why only about 4 percent do
it--oftentimes they are small businesses that are either
located near a border, so they have customers coming across the
border regularly, or they have family connections, let's say,
to a particular country, so they have export relationships
through that. Or maybe they are a business that is part of
another bigger business' supply chain. So maybe they are
supplying a particular business in another country. This is why
small businesses traditionally have oftentimes only exported to
one or two countries a year.
In the Internet global business model, where you can be a
really tiny business but now you are literally being seen by
individual customers around the world and you are using your
Internet, combined with services like eBay and PayPal, combined
with then UPS, FedEx, the Postal Service to then ship packages,
so, like I said, on our site, the average number of export
markets for our--they are still tiny, microbusinesses in many
cases--ended up being just under 30 per year.
Mr. Bilirakis. OK. In your opinion, how difficult would it
be for a small business to reach the international marketplace
without cross-border data flows?
Mr. Bieron. Essentially impossible. I mean, today, as we
have heard, whether you are a giant, multibillion-dollar
business or you are an individual who wants to send an email to
somebody, at the end of the day it involves cross-border data.
So, I mean, you can't get paid by somebody outside the country
generally if you don't have an ability to have cross-border
data flow. So it underpins, whether you are a tiny individual
entrepreneur or a giant business, it underpins the way all kind
of cross-border business gets done.
Mr. Bilirakis. Thank you.
Thank you. I yield back, Mr. Chairman. Appreciate it.
Mr. Terry. That is all the folks that we have to ask
questions, so I guess that completes our hearing today, except
that all committee members, whether they were here or not, have
the opportunity to submit written questions to you. I don't
know if there will be any, but if there are any submitted to
you, I would appreciate about a 14-day turnaround. I think that
is pretty reasonable.
So with that, let's see, we do have two letters for the
record. Letter on behalf of the Marketing Research Association,
dated September 16, 2014, addressed to the ranking member and
myself.
Then the second one is a letter on behalf of the
International Affairs Division of the U.S. Chamber of Commerce
dated April 3, 2014, addressed to the Office of Science and
Technology Policy. Unanimous consent to submit those. No
objection, so ordered.
[The information follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Terry. And that concludes our hearing. Thank you very
much.
[Whereupon, at 3:05 p.m., the committee was adjourned.]
[Material submitted for inclusion in the record follows:]
Prepared statement of Hon. Henry A. Waxman
Today's hearing is on efforts to limit the electronic
movement of information across national boundaries.
The United States leads the world in technological
innovation. Digital trade-related exports totaled more than
$350 billion in 2011, up from about $280 billion in 2007.
In today's heavily digital commercial environment, cross-
border data flows are not just a normal part of doing business,
but also essential to the innovative capacity of U.S.
enterprises. Any limits on international trade, including
digital trade, will have an effect on the American economy and
American jobs. Recent industry reports find that the efforts of
foreign countries to restrict data flows--or even the threat to
do so--can hurt American businesses.
There is no doubt that foreign trust in the United States
Government and of U.S.-based companies has been hurt by
revelations since last year about the NSA's online surveillance
programs.
But other factors are also at work. Just like Americans,
citizens of other nations are concerned about the massive
amount of personal information being collected by private
companies and whether this information is secure. In Europe,
for example, the efforts to limit private data mining and to
ensure basic data security protections began long before Mr.
Snowden's name was known.
For example, in 2012, an Austrian law student sparked
outrage in Europe over his discovery that Facebook possessed
files of personal information on individual users that were
hundreds of pages long. Even earlier, several European
countries took action against Google's Street View service
after it was revealed that Google's Street View cars collected
personal information as they drove through the streets.
One way to help alleviate those fears and build trust is
for the United States to establish effective baseline privacy
and data security protections. That is why I have supported,
and continue to support, efforts to establish such protections
for consumers' information.
Regaining the trust of consumers worldwide is crucial to
the continued growth of Internet and communications technology
sector in the United States. That requires a multi-faceted
approach--through appropriate legislation and regulation, as
well as through trade negotiations and other administration
efforts to prevent harmful restrictions on cross-border data
flows.
I look forward to the witnesses' testimony and to our
discussion today of this important topic. Thank you.
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]