The Chapman Law Review is proud to publish Michelle Norris’s article: “Senator . . . I’m Singaporean!”: Privacy Regulation and Data Transfers in Cross-Border Corporations. Below, you will find the abstract from the article.

“Senator . . . I’m Singaporean!”: Privacy Regulation and Data Transfers in Cross-Border Corporations

Michelle Norris

Abstract

A recent congressional hearing involving social media companies, including TikTok and Facebook, made headlines when Senator Tom Cotton of Arkansas grilled the TikTok CEO, Shou Zi Chew, repeatedly asking him if he had ties to China or its Communist Party. The Singaporean CEO, who has served as TikTok’s CEO since 2021, repeatedly replied, “Senator . . . I’m Singaporean!” While Senator Cotton, evoking McCarthy-era sentiments, was severely criticized for his racism and what appears to be a lack of understanding about corporate governance, another problem emerged.

TikTok, which is a subsidiary of the Chinese-owned ByteDance, operates in countries around the world and stores its data in Malaysia, Singapore, and the United States. In today’s global privacy landscape, each of these countries has differing privacy laws that, at times, conflict regarding how to handle and transfer data. The lack of consensus on how to store and transfer consumer data exposes corporations to the potential risk of hacking if proper oversight and precautions are not followed.

Accordingly, with data becoming a new global currency for expanding businesses, governments must work together to find a solution that streamlines the handling, storage, and transfer of data. Using the United States-Mexico-Canada Agreement as a baseline to create a cross-border data transfer treaty, this Article proposes a multilateral agreement akin to the General Data Protection Regulation to protect consumer data and remove confusion about conflicts of law.