Cybersecurity & Tech Foreign Relations & International Law

Framework Interoperability: A New Hope for Global Digital Governance

Cedric (Yehuda) Sabbah
Monday, May 13, 2024, 9:52 AM

Governance of AI, human-machine interface, immersive, and quantum technologies will require balancing global integration and regulatory autonomy.

Participants at the World Economic Forum Global Technology Governance Retreat 2022 (World Economic Forum,; CC BY-NC-SA 2.0 DEED;

Published by The Lawfare Institute
in Cooperation With

Imagine how “Star Wars” would have turned out if the stolen data disk containing the Death Star plans did not fit in R2D2’s slot. This example, taken from Star Wars and Standards, illustrates the importance of technical interoperability. But an interconnected world requires more than technical interoperability: For cross-border interactions to occur, countries’ domestic frameworks also need to be interoperable. Bounty hunters like Boba Fett were able to operate freely across the galaxy because of common rules, recognized by different planets, that immunized them from law enforcement by domestic authorities. 

Enter framework interoperability: the ability of different frameworks to coexist and communicate with one another, thereby reducing regulatory friction between jurisdictions. Framework interoperability enables countries and international institutions to advance common policy goals while preserving some degree of domestic regulatory autonomy. Internet governance scholar Rolf Weber tackled this concept 10 years ago. While his paper focuses on interoperability of legal frameworks with respect to internet governance, it remains acutely relevant to digital governance generally. Notably, Weber notes that framework interoperability can strike a balance between the need for global integration in how the internet operates and countries’ push for regulatory autonomy. 

Framework interoperability is already a focus of global digital governance discussions. “Digital sovereignty,” “sovereign AI” and “tech nationalism” are all commonly used terms that signal a preference for greater regulatory autonomy. At the same time, notes Joel Trachtman, expansion of cross-border trade requires greater integration of regulatory frameworks; interoperability features prominently in international texts on digital governance, such as the U.S. Declaration for the Future of the Internet and the G7 Hiroshima Leaders’ Communique. The UN General Assembly’s AI Declaration refers to it no less than seven times, suggesting that interoperability may be called upon to play a greater role in global digital governance discussions.

The role of framework interoperability can be fully harnessed only with a deeper understanding of the concept, its uses, and its limitations. In this article, I build on Weber’s paper, with a focus on global governance of artificial intelligence (AI), immersive technologies, human-machine interface technologies, and quantum communications, with the hope of enriching global digital policy discussions.

An Overview of Framework Interoperability

Framework interoperability has long existed in the “analog” world. Take, for example, mutual recognition treaties in different fields (technical standards, of arbitral awards and foreign judgments, of professional degrees and qualifications). Mutual legal assistance treaties in criminal matters are premised on a similar assumption, whereby each country recognizes the basic validity and fairness of the other country’s criminal process, despite domestic differences. In a sense, most multilateral treaties that tackle major issues (human rights protection, transnational organized crime, trade, climate change) also promote framework interoperability, in that they create general obligations that countries can apply in a tailored fashion. Model laws, such as the UNCITRAL Model Law on International Commercial Arbitration, create interoperability, by developing uniform provisions that can be replicated by different countries, while allowing each country to make minor modifications to suit their domestic preferences. Interoperability can also stem from a court decision: for example, the European Court of Human Rights’s “margin of appreciation” doctrine. 

Examples of framework interoperability exist in the digital sphere as well. The Organization for Economic Cooperation and Development’s (OECD’s) Declaration on Government Access to Personal Data Held by Private Sector Entities sets forth shared principles, to preserve privacy in the context of law enforcement access to data held by companies, while acknowledging diverse privacy approaches between various OECD jurisdictions. Another example is the Internet & Jurisdiction Policy Network’s set of toolkits for DNS takedowns, access to data, and content moderation, which constitutes a comprehensive—though nonprescriptive—approach to each issue that can be adopted by countries and companies alike. (Note: The General Data Protection Regulation (GDPR) and its predecessor, the 1995 Directive on Data Protection, are also examples of framework interoperability, but one of a different kind: Here, the interoperability is one sided, not reciprocal, in that the non-EU country that seeks an adequacy determination must adapt its framework to that of the EU.) 

There are some recurring patterns in how interoperability emerges and how it can vary. For example:

  • Top-down vs. bottom-up: Interoperability can occur spontaneously, such as when countries replicate each other’s laws and policies (for instance, major elements of the GDPR have been replicated by various jurisdictions outside Europe). Interoperability can also occur through a deliberate decision by an international institution. When this occurs, a “meta-framework” is developed to host and facilitate countries’ domestic frameworks. Examples of meta-frameworks include the OECD AI principles, the Hiroshima Process, and the upcoming Global Digital Compact
  • Binding nature: When a decision is made to create a meta-framework, interoperability can manifest through different forms: declarations, taxonomies, mutual recognition agreements, treaties, and standards. Note how the OECD AI principles have substantially influenced countries’ AI strategies without being binding, highlighting the role of soft law. Subsequently, the Council of Europe’s Framework Convention on AI (not yet opened for signature) is largely based on the same principles and even adopts the OECD’s definition of AI, but an institutional choice was made to develop a binding convention as opposed to recommendations (Disclosure: I was part of Israel’s delegation in the negotiations.)
  • Level of integration: Some regimes are highly detailed about how interoperability occurs (like the Internet & Jurisdiction toolkits), while others are more generic and flexible, offering mere “compatibility” (for instance, the OECD declaration on government access to data).
  • Components of framework interoperability: Weber describes different types of interoperability: legal, organizational, semantic, and technical. In the internet context, it has typically been associated with technical standards such as those developed by the Internet Engineering Task Force (IETF), the World Wide Web Consortium (W3C), the Institute of Electrical and Electronics Engineers (IEEE), and the Internet Corporation for Assigned Names and Numbers (ICANN). Their development has enabled the internet’s complex array of physical infrastructure, protocols, and devices to function as a global meta-network, and they will no doubt continue to play an important role for the global diffusion of other emerging technologies. However, standards alone cannot ensure the continued functionality of a global internet. As the famous Yahoo vs. LICRA case demonstrates, countries have typically sought to overcome the borderless nature of the internet by enforcing domestic regulations. 

A deeper understanding of framework interoperability and its components allows meta-frameworks to be designed more deliberately and adaptively, to better address the autonomy/integration debates. Given the current and expected global impact of AI, immersive, human-machine interface, and quantum technologies, it’s important to explore how framework interoperability can be integrated in global digital governance discussions. 

Digital Governance: Framework Interoperability Awakens

As Weber indicated, framework interoperability can play an important role in balancing countries’ quest for digital sovereignty while avoiding full-fledged fragmentation. The challenge for international institutions is to develop appropriate meta-frameworks for different areas of digital governance. Below are some potential scenarios and suggestions.

Artificial Intelligence

The global AI governance landscape has become clearer over the past few years, and legal interoperability is already beginning to take hold. Global frameworks designed to accommodate diverse domestic approaches have been developed: the OECD AI Principles, the G7 Hiroshima Process, and the Bletchley declaration on frontier AI. Perhaps the most salient example of legal interoperability is the recent finalization of a Framework Convention on Artificial Intelligence, at the Council of Europe, where the EU, the U.S., Switzerland, the U.K., and other countries such as Canada, Japan, Australia, Mexico, and Israel took part in the negotiations. The subject of AI standards seems particularly promising: While the EU and the U.S. have each begun forging their own path toward AI standards, the International Standards Organization and IEEE have entered the fray of AI ethics. One interesting aspect of this work is that it connects the purely technical aspects of AI development and deployment, with human rights, social sciences, and ethics. 

Immersive technologies

The metaverse as it currently exists is essentially a set of proprietary “walled gardens” operated by different companies, functioning independently of one another. If the metaverse is to evolve into a universal ecosystem of immersive technologies (presumably, if the companies that have developed their respective metaverses see a financial benefit in doing so), then international framework interoperability can be expected to play a major role. Such a role would transcend the “gaming” aspects (allowing users within, say, Roblox, to use their skins and preserve their scores across platforms) but, rather, would cover the majority of interactions that occur in the metaverse—among businesses, governments, and citizens. To a large extent, existing legal regimes governing internet interactions continue to be relevant to metaverse interactions: civil law, criminal law, cybersecurity law, human rights, and so on. However, as the metaverse evolves and aspires to provide a seamless, cross-platform immersive experience, governments may seek to regulate metaverse-specific questions such as government authority over digital spaces, payment systems, the use of avatars in different contexts, and the like. Once governments begin to regulate aspects of the metaverse domestically, familiar discussions about the necessity to preserve its global character are bound to take place. This could, in turn, require new interoperable frameworks between countries.

Human-Machine Interface 

Companies wishing to develop and commercialize new human-machine interface (HMI) devices, such as Neuralink and the Meta Reality wristband, are bound by domestic legislation. Nita Farahany has urged the international community to address the human rights aspects of HMI devices by recognizing a right to cognitive liberty. This would likely entail agreement between countries on a common principle, which might be applied differently across jurisdictions. 

Quantum Communications 

Among the main applications of quantum physics, quantum communications appears the most susceptible to requiring some kind of technical interoperability, notably for quantum key distribution and quantum encryption. For example, the use of advanced encryption techniques could impel governments to address new iterations of the “going dark” debate, by attempting to regulate what kind of encryption can be provided by which actors, and to whom. Additionally, should governments wish to implement post-quantum cryptography requirements for sensitive sectors or critical infrastructure, it may be necessary for them to harmonize their approach in order to enable cross-border data flow. 

I have not discussed quantum sensing and quantum computing here, because the diverse nature of applications and technologies does not seem to suggest a particular trajectory for global framework interoperability at the current time. This assessment may need to be revisited as the use cases of technologies evolve. 


As Master Yoda memorably put it, “Always in motion, the future is.” To address the global governance challenges brought about by technological change, meta-frameworks established by international organizations are crucial. Initiatives such as the UN’s Global Digital Compact, the OECD Global Forum on Technology, and the U.S.-EU Trade and Technology Council embody a recognition that global digital governance is needed to provide some kind of balance in a world of conflicting forces and complex geopolitics. Framework interoperability can help achieve this balance by providing a space within which disparate domestic frameworks can coexist and interact. 

However, in harnessing this concept, international policymakers will face a number of challenges. First, for framework interoperability to be useful in addressing the fragmentation/integration dilemma, international institutions should make a conscious effort to implement it in the early stages of policy development. This requires an openness to information sharing and policy experimentation, as well as a careful assessment of the type of meta-framework that can produce the best outcome. Additionally, multi-stakeholder input should be channeled so as to ensure that, in the design of a meta-framework, the various layers of interoperability (technical, legal, semantic, and organizational) are duly taken into account. Indeed, global governance of technologies can be described as “polycentric,” and its multilayered complexities must be taken into account.  

Second, interoperability is not a goal in and of itself but a means to an end, namely to ease cross-border regulatory friction when countries deem it appropriate. At the same time, it should be borne in mind that the vast majority of today’s technological developments are driven by private companies of all sizes. International institutions that seek to promote framework interoperability may wish to include small and midsize enterprises in the global conversation, as well as the plethora of stakeholders.

Finally, in promoting framework interoperability between countries, geopolitical divides remain a “phantom menace” that must not be ignored. The discussions of a new cybercrime treaty at the UN show the limits of interoperability: In some cases, deeper alignment may simply not be possible. This raises the questions of how much effort should be invested in creating interoperability at the global level and whether we are moving toward a partially fragmented model of governance, in which interoperability is not global but, instead, exists between a limited number of countries based on geopolitical alignment

This article was written in the author’s personal capacity and does not represent the views of the Ministry of Justice or the government of Israel.

Cedric Sabbah is Director, Emerging Technologies, at the Office of the Deputy Attorney General (International Law), at Israel's Ministry of Justice. He is a Ph.D. candidate at the Hebrew University of Jerusalem, researching extraterritorial jurisdiction and internet governance.

Subscribe to Lawfare