July 16, 2021

US, EU converge on global taxation

In a move with major implications for global internet governance, the European Commission “put on hold” its work on a digital services tax (DST) until October. The announcement came after the G20 nations came to a loose agreement to adhere to a minimum corporate income tax rate of 15%. The G20 effort to eliminate jurisdictional competition over corporate tax rates was spearheaded by the Biden administration which, like the Europeans, is hungry for additional tax revenues but constrained by international forum shopping by multinationals. The U.S., however, sees a DST as unfairly targeting global platforms, almost all of which are American. Fourteen European countries have already proposed or implemented a tax on certain revenue streams of large digital companies such as Facebook, Google, Apple and Amazon. Because of their concentrated impact on American firms, the U.S. deemed DSTs discriminatory and responded with a Section 301 investigation of France that could have triggered retaliatory tariffs. An EU-wide digital tax was proposed as a replacement for this patchwork of national DSTs, but the Biden administration believed that the contentious DST proposal would undermine US-Europe collective action on the minimum corporate income tax. Apparently, the EU officials agreed and suspended its work. The EU-wide DST is only postponed, however; failure to make progress on the global minimum corporate tax could revive it.

China data paranoia stalls digital expansion

In a series of actions based on the Communist Party’s increasingly closed, isolationist approach to data and Internet governance, the Cyberspace Administration of China (CAC) has expanded the scope of cybersecurity reviews. One victim of this approach is any digital company trying to raise capital from foreign stock markets. In 2017, China passed a Cybersecurity Law and regulations that prohibited foreign cloud providers from interacting directly with Chinese customers. The law also tried to make it impossible for the data generated by platforms or stored with cloud providers to be transferred out of the country. Apparently these harsh measures did not generate a feeling of data security in China. In June of this year, it passed a new Data Security Law with even more extensive controls. On July 10, 2021 the CAC website published an amended set of Cybersecurity Review Measures based on the new Data Security law. The proposed measures broaden the scope of a cybersecurity review beyond “critical infrastructure” to any data processor and any supplier of products and services to data processors. The review is no longer limited to cybersecurity risk, but will also consider data security, supply chain security, national security, and the legal compliance status of the suppliers. Any operator that holds the personal data of more than 1 million users must apply for cybersecurity review if it plans to list in a foreign country.

In line with these changes, the government made an example of ride-hailing platform Didi Chuxing, which had rushed ahead with a NYSE listing. The CAC shut off all new users and removed it from all app stores while it underwent the required “cybersecurity review.” The actions devastated the company’s stock price and punished investors who participated in its initial public offering. China also subjected two other companies with recent U.S. listings to the review, and reports emerged that ByteDance, the owner of Tiktok, refrained from its planned IPO due to warnings from Chinese regulators.

The Chinese government’s data paranoia is disintegrating capital markets as surely as its Great Firewall has bordered internet content. The U.S. Holding Foreign Companies Accountable Act, which was signed by former President Trump in December of last year, banned foreign companies from listing on U.S. stock exchanges if their audits haven’t been inspected by American regulators. The failure of Chinese coffee firm Luckin, which cooked its books but could not be inspected, created a justifiable concern about auditing Chinese companies. Chinese data-nationalists, however, fear that inspections of Chinese companies by American regulators/auditors could reveal sensitive information about Chinese operations, owners and users.

In the meantime, China’s Ministry of Information Industry and Technology (MIIT) issued a  three-year plan to develop China’s own cybersecurity industry. China’s cybersecurity products and services sector is sized at $38B and estimated to be growing at 15% annually. In comparison, the global market is estimated at $158B and is growing at 11% per year.  Interestingly, the anodyne 3-yr plan explicitly states the need to “give full play to the role of various types of capital support.”

Cuba’s Internet shutdown

Internet blackouts and brownouts are common in Cuba, but most technical experts see the current Internet downtime as a deliberate attempt by the government to prevent the protest movement from using social media on mobile devices to communicate and coordinate. Internet connectivity analysts such as Doug Madory of Kentik identified two total blackouts on the afternoon of Sunday, July 11, when the protests occurred. The NetBlocks Internet Observatory website said that Facebook, WhatsApp, Instagram and Telegram were partially disrupted on Monday and Tuesday. Reuters reported NetBlocks director Alp Toker as saying “The pattern of restrictions observed in Cuba indicate an ongoing crackdown on messaging platforms used to organize and share news of protests in real-time.” The protests were forcibly suppressed and the next day gangs of government supporters patrolled the streets. Cuban President Miguel Díaz-Canel said in Granma, the official newspaper of Cuba’s Communist Party, that the protests were a “strategy of subversion so outrageously mounted, so perverse, so maliciously promoted on social networks.” According to Díaz-Canel,“This is media terrorism.”