Not so long ago, the world’s economy was flat, and data was borderless. Currency – in the form of bits of data – was exchanged freely, across country borders, continents, and oceans. This transactional freedom powered the world’s economy.
Today, things are different. The economy is still powerful, but global trade is much less flat than it used to be and countries are taking more restrictive approaches to data sharing. Indeed, as outlined in an important New York Times article, more than 50 countries, including many of the U.S.’s closest allies, are racing to create digital borders to control their sovereign data like never before.
This is a good thing.
Data sovereignty protects citizens, governments, and businesses. It’s especially critical now, in an environment where geopolitical forces are disrupting the global economy, supply chain shortages are prevalent, and the threat of cybersecurity attacks is ever-present.
It’s ironic, though, while the world is now digitally interconnected, individual countries are enacting regulations dictating the terms of such interconnectedness, especially as it pertains to data ownership and sovereignty. Against this backdrop, a critical question is begged:
How can organizations continue to share sensitive data with third-party partners without sacrificing control, security, privacy, or sovereignty?
One potential solution is the Trusted Data Format (TDF). The TDF is an open standard and data-centric policy control engine that exists at the core of Virtru’s business. The TDF gives people, developers, and organizations a simple and easy way to share data without sacrificing an ounce of data sovereignty.
Rather than taking a macro approach to security – an approach that is no longer sufficient in a borderless data world – TDF allows information owners to take a micro approach to data protection. With TDF organizations can assign unique policies to protect the sovereignty of data flowing across borders via emails, files, and SaaS applications. Essentially TDF is a protective wrapper that can be easily applied to granular data objects – a digital bodyguard that follows the data wherever the data flows for as long as the data lives.
Protected by TDF, data remains secure and private no matter where it resides. That could be within the European Union, which enforces the General Data Protection Regulation (GDPR); in South Africa, with its Protection of Personal Information Act; or in any of the 50+ countries that plan to enact stringent data sovereignty rules.
Most notably, the data remains protected even as it passes outside those countries' borders. It can be freely exchanged and remain secure, at rest and in flight.
Ownership and control of the data are maintained by whoever created the data. It doesn’t matter if it’s an individual working at a corporation in Paris, a representative of a Berlin-based government agency, or a citizen of Toronto. TDF gives the owner the power to attach rule-based access controls to their data, dictating who has access to it, what level of access they have, how it can be used, and so forth. Owners can rescind access, manage the flow of information, and adjust security policies as necessary.
Since the advent of data sovereignty laws, many users and organizations have raised concerns about the ability to exchange information in a world that seems to be closing its borders on international data sharing. They acknowledge the need for data protection but worry about how data sovereignty rules will impact their ability to work with international partners and impede business growth, innovation, and even national security.
Simply stated, the world is begging for an open industry standard to enable organizations (companies and countries) to share data with one another without sacrificing security, privacy, control, or sovereignty.
We believe TDF should be the standard, with its ability to secure sharing using encryption that keeps data protected and under the data owner's control. Take a peek for yourself and see what you think. You’ll be surprised at how easy it can be to share data without sacrificing digital sovereignty.