by Atek Shuvo (Policy Intern at CELI)
Digital sovereignty is the capacity of a state to have power over its digital infrastructures, data flows, and technological reliance separately.[1] The data localisation requirements, content moderation rules, and digital services taxes (DSTs) are enforced by many states to safeguard the national interests of national security, privacy, and financial wellbeing.[2] Contrary, bilateral investment treaties (BITs), bilateral investment treaties seek to facilitate and secure cross border investment, by ensuring fair and equitable treatment (FET), non-discriminatory and compensation in case of expropriation.[3] The investor state dispute settlement (ISDS) clauses contained in most BITs allow private investors to challenge sovereign regulatory measures before international arbitral tribunals.[4]
The Expanding Definition of “Investment” in the Digital Era
Traditional BITs were drafted with tangible assets in mind. Modern arbitral practice, however, has broadened the concept of protected investment. Tribunals frequently apply the four-pronged Salini test: contribution of resources, certain duration, assumption of risk, and contribution to the host state’s economic development.[5] Increasingly, intangible digital assets satisfy these criteria. User bases, contractual rights to data flows, algorithms, and even raw datasets have been recognised at least in principle as investments when linked to substantial activity in the host state’s territory.[6]
The intangible and often extraterritorial nature of digital assets nonetheless creates uncertainty. When data is stored on cloud servers located abroad, its territorial nexus becomes contested.[7] Tribunals have adopted holistic approaches, aggregating contracts, goodwill, and data-related rights to establish jurisdiction.[8] Perhaps most significantly, trademarks a close analogue to certain digital intangibles were expressly recognised as protected investments in Bridgestone v Panama.[9]
Digital Sovereignty Measures as Potential Treaty Breaches
Measures adopted in the name of digital sovereignty frequently collide with BIT disciplines:
(a) Data localisation: India[10], Indonesia[11], and several other jurisdictions mandate local storage and processing of certain categories of data. Such requirements increase compliance costs for foreign investors and may be challenged as indirect expropriation or violation of FET[12].
(b) The EU’s GDPR: While primarily a privacy instrument, the GDPR’s strict rules on international data transfers can impair the business models of data dependent investors, giving rise to potential FET claims.[13]
(c) Digital services taxes: France, the United Kingdom, and others have introduced DSTs targeting revenue derived from digital activities within their territories. Where these taxes disproportionately affect foreign (predominantly US) firms, they risk breaching national-treatment and Most Favoured Nation obligations.[14]
(d) Content and platform regulation: India’s 2021 ban on TikTok and threatened US measures against Chinese applications illustrate how national-security-based restrictions can trigger claims of denial of justice or expropriation.[15]
Key Cases and Emerging Jurisprudence
Two ongoing or recent disputes illustrate the stakes:
- Einarsson and Geophysical Service Incorporated v Canada concerns a Canadian requirement to disclose proprietary seismic data collected at considerable expense. The claimants allege indirect expropriation and breach of FET under the Canada–US–Mexico Agreement (successor to NAFTA).[16]
- Bridgestone v Panama (2020) confirmed that trademarks qualify as investments, setting an important precedent for other intangible digital assets such as algorithms and datasets.[17]
These cases highlight the difficulty of valuing digital assets and the risk that sovereignty-driven regulation will be second guessed by private arbitrators.[18]
The Regulatory Chill Paradox and Macroeconomic Consequences
The mere prospect of multi million dollar ISDS awards creates a well-documented “regulatory chill”.[19] Developing countries, which remain heavily dependent on FDI inflows attracted by BITs, face a particularly acute dilemma: the same treaties that bring capital also constrain policy space for digital industrialisation.[20] Cross-border data flows estimated to contribute trillions to global GDP are especially vulnerable to fragmentation.[21]
Pathways Toward Reconciliation
Recent treaty practice reflects growing awareness of these tensions:
- India’s 2016 Model BIT and the Netherlands’ 2019 Model Investment Agreement contain broad “right to regulate” clauses and essential-security exceptions.[22]
- EU agreements such as CETA include explicit public-policy carve-outs and proportionality requirements.[23]
- UNCITRAL Working Group III is examining systemic ISDS reform, including greater transparency and the possible creation of a multilateral investment court.[24]
Multilateral initiatives at the WTO (Joint Statement Initiative on E-commerce) and OECD (Pillar One/Two) also seek to harmonize digital taxation and data-flow rules in ways that preserve legitimate regulatory autonomy.[25]
Thus, the bilateral investment treaties and digital sovereignty have shown a fundamental clash between state regulatory self-determination and investor safeguards in the virtual economy. In the absence of a conscious reformation by the means of reformulated treaty texts, more explicit carve-outs, and multilateral coordination, the existing structure will continue to give precedence to individual rights against general interests, subordinate the internet as a whole, and inhibit sovereign digital policy-making. Such a moderate position, where the specifics of digital objects are acknowledged and the genuine interests of the community are preserved, is not only desirable but also feasible.
[1] Martina Francesca Ferracane, ‘Data Flows and National Security: A Conceptual Framework to Assess Restrictions on Data Flows under GATS Security Exception’ (2019) 21(1) Digital Policy, Regulation and Governance 44.
[2] Anupam Chander and Uyên P Lê, ‘Data Nationalism’ (2015) 64 Emory Law Journal 677.
[3] See, eg, Agreement between the Government of the United Kingdom and the Government of the Republic of Colombia for the Promotion and Protection of Investments (signed 17 March 2010, entered into force 10 October 2014) art 2.
[4] UNCTAD, World Investment Report 2023: Investment and New Industrial Policies (UN 2023) ch III.
[5] Salini Costruttori SpA and Italstrade SpA v Kingdom of Morocco, ICSID Case No ARB/00/4, Decision on Jurisdiction (31 July 2001) para 52.
[6] Mira Burri, ‘The Governance of Data and Data Flows in Trade Agreements: The Pitfalls of Legal Adaptation’ (2017) 51 UC Davis L Rev 65.
[7] ibid 75–77.
[8] Bridgestone Licensing Services, Inc and Bridgestone Americas, Inc v Republic of Panama (ICSID Case No ARB/16/34) Award (14 August 2020) paras 170–185.
[9] ibid.
[10] Reserve Bank of India, Storage of Payment System Data, RBI/2017-18/153 (6 April 2018); Personal Data Protection Bill (India) 2019, cl 91.
[11] Republic of Indonesia, Government Regulation No 71 of 2019 on the Provision of Electronic Systems and Transactions (GR 71/2019), arts 20–21
[12] L D Cuatrecasas, ‘International Investment Policy and the Coming Wave of Data-Flow Disputes’ (2022) 11 Michigan Business & Entrepreneurial Law Review 285.
[13] Ibid.
[14]Alice Pirlot and Henri Culot, ‘When International Trade Law Meets Tax Policy: The Example of Digital Services Taxes’ (2021) European Law Open (special issue) https://ora.ox.ac.uk/objects/uuid%3A647c9873-4b09-4f2f-906b-6680726a6051 accessed 18 November 2025.
[15] Chander and Lê (n 2) 715–720.
[16] Theodore David Einarsson, Harold Paul Einarsson & Russell John Einarsson v Canada, ICSID Case No UNCT/20/6, Notice of Arbitration (18 April 2019).
[17] Bridgestone v Panama (n 8).
[18] Ferracane (n 1) 1228–1232.
[19] UNCTAD (n 4) 12–15.
[20] Georgios Dimitropoulos, ‘Investment Law and the Digital Economy’ (2025) Journal of International Dispute Settlement 16(3) idaf020.
[21] McKinsey Global Institute, Digital Globalization: The New Era of Global Flows (MGI 2016) https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/digital-globalization-the-new-era-of-global-flows accessed 18 November 2025.
[22] Model Text for the Indian Bilateral Investment Treaty (2016) arts 2.4, 5; Netherlands Model Investment Agreement (2019) art 2(3).
[23] EU–Canada Comprehensive Economic and Trade Agreement (CETA) (provisionally entered into force 21 September 2017) annex 8-A.
[24] UNCITRAL Working Group III, ‘Possible Reform of Investor-State Dispute Settlement (ISDS)’ (ongoing mandate since 2017).
[25] WTO, Joint Statement on Electronic Commerce (launched 2019) https://www.wto.org/english/news_e/news19_e/ecom_21nov19_e.htm accessed 18 November 2025.
