[8] The Snowden revelations on the National Security Agency's (NSA) PRISM program provided a catalyst for global data sovereignty discussions.
[9] The program was designed “to "receive" emails, video clips, photos, voice and video calls, social networking details, logins and other data held by a range of US internet firms” such as American tech companies like Facebook, Apple, Google, and Twitter among others.
[12][13] Microsoft refused, stating that this transfer would result in the company breaking data localization and protecting laws in the EU.
[14] The initial ruling was in favor of the US government, with Magistrate James Francis concluding that American companies “must turn over private information when served with a valid search warrant from US law enforcement agencies".
It is believed that by restoring control over data, new possibilities for improvement will open and lead to increased understanding, dialogue, accountability, and even "informed decision-making"[19] which one could argue would give the power back to indigenous people.
In fact, it is believed that if statistical capacity is increased it could be the exact pivoting point that indigenous peoples will need in order to better "assert data sovereignty".
[23][24] Some scholars argue that in order for the creation of a complete global genomic conservation effort to be feasible, it will need to work within the framework of Indigenous data sovereignty.
[23] At the United Nation’s level, the UN General Assembly formally agreed to adopt the UN’s Declaration on the Rights of Indigenous Peoples.
As part of Canada's IT strategy for the years 2016–2020, data localization measures were discussed as a way to uphold citizens' privacy.
[11] In 2017, it was discovered that Shared Services Canada and the Communications Security Establishment were "exploring options for sensitive data storage on U.S.-based servers" with Microsoft".
It also includes an addendum that establishes extraterritorial jurisdiction for its rules to extend to any data controller or processor whose subjects are EU citizens, regardless of the location the holding or processing is conducted.
This forces companies based outside of the EU to reevaluate their sitewide policies and align them with another country's law.
A common criticism of data sovereignty brought forward by corporate actors is that it impedes and has the potential to destroy processes in cloud computing.