This Article evaluates the existing regulatory framework for cross-border data flows across Bahrain, Djibouti, Jordan, Kuwait, Morocco, Nigeria, Oman, Pakistan, Rwanda, and Saudi Arabia. A common factor among these countries is that they are members of the Digital Cooperation Organization (“DCO”). It considers how these countries have devised laws, regulations, and policies on cross-border data flows to enable digital trade, and how these instruments promote the growth of a robust digital economy, both domestically and internationally. The Article then offers policy recommendations for DCO members to consider in developing relevant laws and regulations on data flows.

These recommendations focus on three main areas: facilitating data enablers, improving data safeguards, and minimizing data restrictions. In terms of facilitating data enablers, the Article recommends that DCO members engage in regional negotiations to create mechanisms for cross-border data flows for digital trade, update their regulatory frameworks to participate in existing mechanisms such as the Cross-Border Privacy Rules (“CBPR”) mechanism, and actively consider participating in digital trade negotiations. For improving data safeguards, the Article recommends that DCO members implement and enforce data protection laws and regulations, consider joining the Global Privacy Assembly, and establish independent data protection authorities. In terms of minimizing data restrictions, the Article recommends that DCO members review and remove any existing data localization requirements, avoid enacting new data localization measures, and develop mechanisms for cross-border data transfers that are consistent with international standards.