For example, the question of data flows—specifically the flow of European citizens’ personal data to the US—is at the heart of disputes over the EU’s proposed Data Retention rules, the Safe Harbouragreement, and TTIP. Here’s what Article 2.1 of TISA’s e-commerce annexe would impose upon its signatories: “No Party may prevent a service supplier of another Party from transferring, [accessing, processing or storing] information, including personal information, within or outside the Party’s territory, where such activity is carried out in connection with the conduct of the service supplier’s business.”
What that means in practice, is that the EU would be forbidden from requiring that US companies like Google or Facebook keep the personal data of European citizens within the EU—one of the ideas currently being floated in Germany. Article 9.1 imposes a more general ban on requiring companies to locate some of their computing facilities in a territory: “No Party may require a service supplier, as a condition for supplying a service or investing in its territory, to: (a) use computing facilities located in the Party’s territory.”
Article 6 of the leaked text seems to ban any country from using free software mandates: “No Party may require the transfer of, or access to, source code of software owned by a person of another Party, as a condition of providing services related to such software in its territory.” The text goes on to specify that this only applies to “mass-market software,” and does not apply to software used for critical infrastructure. It would still prevent a European government from specifying that its civil servants should use only open-source code for word processing—a sensible requirement given what we know about the deployment of backdoors in commercial software by the NSA and GCHQ.
This sounds like yet another secret trade agreement the world does not need.