Unravelling cross-country regulatory intricacies of data governance: the relevance of legal insights for digitalization and international business

In an era of digital transformation, where data is often referred to as the 'new oil' of business, with data privacy and cyber-security incidents recurrently making the headlines, international business (IB) scholars are increasingly grappling with the challenges posed by disparate data governance regulations. Recognizing the growing importance of this topic for IB research and policymaking, our paper seeks to offer a comprehensive examination of cross-country regulatory intricacies of data governance, frequently described by IB scholars as 'complex' and 'pluralistic' institutional contexts. This allows us to explore the various implications of diverse data governance regulations on international business, thus laying the groundwork for rigorous IB policy studies in this area. As a preliminary finding, we highlight a greater need for international cooperation, where both policymakers and multinational enterprises play a pivotal role. Using the EU data governance framework as an illustrative example, we structure our discussion around four policy areas of data governance: data use; data transfers; data storage; and data flows. We aim for this categorization to serve as a foundational basis for future IB research, aiding in tackling one of the most pressing digital challenges of this day and age: reconciling data privacy and security with data-driven innovation.