US official cites network separation, data localization policies as 'barriers' to Korea's AI rise
Russ Headlee, senior bureau official for cyberspace and digital policy at the State Department, speaks during a forum hosted by the National Bureau of Asian Research in Washington, June 23. Yonhap
WASHINGTON — A senior U.S. official on Tuesday cited South Korea's requirements for physical isolation of government servers and data localization policies as "barriers" to the rise of artificial intelligence (AI) in the Asian country, calling for a shift toward "modernized" digital regulations.
Russ Headlee, senior bureau official for cyberspace and digital policy at the State Department, made the remarks during a forum in Washington, warning against "appeals to digital sovereignty" that are "designed to discriminate against American companies."
"In the Republic of Korea (ROK), the rapid advancement of AI has hit barriers, including requirements for physical isolation of government servers and blanket data localization policies that, from our point of view, pose a significant risk for the ROK itself," he said during the forum hosted by the National Bureau of Asian Research.
"Our position is that digital sovereignty should mean verifiable control, not physical possession ... Shifting toward modernized regulations with logical server separation and cross-border data flows for low- to moderate-tier data would allow the ROK to harness the benefits of AI for the public sector, particularly for cyber defense," he added.
He was referring to cybersecurity measures in South Korea that require government networks managing sensitive data to be separated from public networks. He also pointed to policies requiring certain data to be stored, processed and transferred locally within national borders for privacy and security reasons.
Tuesday's forum focused on Korea's cyber regulatory landscape in the AI era -- a topic that Seoul and Washington have been discussing as part of efforts to deepen cooperation in the fast-growing technology field.
Headlee argued that in "most cases," regulatory policies born out of a push for "AI sovereignty" or "digital sovereignty" do not enhance national security interests, as he enumerated a set of policy measures that South Korea has considered or pushed for.
"Some of those policy measures ... include unnecessarily restrictive data localization requirements, blanket restrictions on foreign cloud providers, network usage fees targeting content platforms, and procurement rules that limit the government's ability to choose the most capable technology providers," he said.
"In most cases, these measures do not strengthen national security (and) economic security. They do not strengthen government oversight, and they do not strengthen domestic economies. What they do is raise costs, reduce competition, and critically, in many cases, they enhance security risks."
He then warned, "What the United States cannot accept in this area is appeals to digital sovereignty that are designed to exclude or discriminate against American companies."
Moreover, he made an implicit call for South Korea to partner with American tech companies, saying that "real AI sovereignty" means choosing partners "who will empower rather than create new dependencies," as well as pursuing a sovereign AI capability.
"American companies — this is true of AI companies, but it's true of American tech companies more broadly — can build large-scale independent infrastructure with secure supply chains. Indeed, no one does it better," he said.