When data rules diverge, digital trade suffers. Diverging data regulations hamper digital trade. This report analyses differences in G20 members' data governance rules across 45 dimensions.

Main findings include:

• Significant heterogeneity exists in data flow and sanction regulations, less so in data processing rules.
• “Fragmentary by design" policies such as data localisation pose direct risks. But subtle differences in nondiscriminatory policies also hamper international trade.
• Compliance costs, legal uncertainty and liability risks drive "bottom-line fragmentation". Firms may exit markets due to unintentional policy spillovers.

Suggested policy priorities:

• Clarify ambiguous rules at home. Learn from partners abroad. Domestic regulators should develop clear, interoperable data rules and share best practices internationally.
• Forge interoperability through mutual recognition and shared principles. Trade negotiators should build bridges between regulatory regimes through mutual recognition, internationally accepted certification and data standards as well as shared principles.

The first part of this report provides an in-depth comparative analysis of regulatory approaches to data governance across the G20 members. Along 45 dimensions, it compares regulations on data processing, data flows including localisation and transfers, as well as sanctions. This systematic comparison aims to pinpoint areas of regulatory heterogeneity that may hinder digital trade.

The report's second part then summarises the state of data governance rules in each individual G20 member. It provides an overview of major policy developments and enforcement highlights to deliver rich context. In addition, these summaries cover secondary legislation and country-specific regulations that go beyond the systematically compared 45 dimensions.