The Caribbean Internet Governance Policy Framework

The Caribbean Internet Governance Policy Framework (CIGPF) is a regional reference document for Internet governance policy. First published in 2009 and now its fourth edition, the CIGPF is a product of the Caribbean Internet Governance Forum (CIGF), the world’s first established regional Internet Governance Forum. The CIGF is convened annually by the Caribbean Telecommunications Union (CTU), CARICOM’s specialised institution for ICT.

The CIGPF operate within the working definition of Internet governance established by the World Summit on the Information Society (WSIS) Tunis Agenda (2005): the development and application, by governments, private sector and civil society, of shared principles, norms, rules, decision-making procedures and programmes that shape the evolution and use of the Internet. This definition anchors the CIGPF six thematic areas:

• Infrastructure for Connectivity
• Internet Technical Infrastructure and Operations Management
• Legal Frameworks and Enforcement
• Internet Content Development and Management
• Public Awareness and Capacity Building
• Research

What Is Data Governance

Data governance refers to the frameworks, policies, rules and institutions that determine how data is collected, stored, processed, shared, transferred across borders, monetised and used, by governments, businesses and individuals. Data governance is not limited to data generated on, transmitted by or accessed via the Internet. It can encompass data created in any context including:

• Health records compiled offline
• Agricultural sensor data collected in the field
• Government administrative records
• Financial transaction data
• The outputs of artificial systems trained on all of the above.

For Caribbean Small Island Developing States (SIDS), where data is generated across agriculture, fisheries, health, climate and financial services, the majority of systems built to process data are outside the region and controlled from there as well. This presents a sovereignty and development concern. A lack of governance frameworks to assert sovereignty and ensure benefits for those generating the data has lead to an increasing outflow of data that is processed elsewhere which can then be returned as services for which the Caribbean pays.

This scope can be viewed as what separates data governance from Internet governance.

What the CIGPF Addresses

While data is mentioned in the CIGPF, it is within the specific context of the listed six strategic areas. These mentions, given the greater understanding of the importance of data in 2026, do not constitute a guide or framework, as gaps exist.

CIGPF Section	Current Data Reference	Gap
3.1.3 Legal Frameworks and Enforcement	Recommends the establishment and uphold laws and regulations that ensure secure, protected, and privacy-respecting electronic transactions, in line with UN standards on digital privacy.	Lack of framework for data ownership, cross-border data flows, data sovereignty or the governance of data generated offline or outside Internet transactions and subsequently used via the Internet.
3.1.4 Internet Content Development	Recommends creating and making available “open data sets to promote transparency and entrepreneurship.”	No governance framework for open government data, public sector data standards or conditions under which public data may be used.
3.1.2 Technical Infrastructure – Cybersecurity	Address data security as a network operations and cybersecurity concern, including incident response, ISO 27000 standards and CSIRT frameworks	Security of data in transit over the Internet is addressed. However, governance of data at rest, data in AI systems and data generated in offline contexts is absent.

The above three mentions do not equate a framework or guide to data governance and reflects the scope of the Internet governance framework. The WSIS definition of Internet governance, which grounds the CIGPF, does not encompass the full spectrum of data governance questions.

The Global Digital Compact and WSIS+20 Review

The Global Digital Compact (GDC) and the WSIS+20 review outcome have explicitly elevated data governance to a primary international policy concern, both having direct obligations and opportunities for the Caribbean.

The GDC identifies data governance as one of its foundational pillars and called on all countries and regional bodies to develop governance frameworks addressing:

• Data protection and privacy
• Cross-border data flows
• Equitable access to data
• The governance of data used in AI systems

The GDC explicitly recognises that the current absence of harmonised data governance frameworks disadvantages developing countries and SIDS, and called for regional architectures to address this gap.

The WSIS+20 review concluded with an adopted resolution titled “Outcome document of the high-level meeting of the General Assembly on the overall review of the implementation of the outcomes of the World Summit on the Information Society” (A/RES/80/173​). In this resolution data governance has been treated as a distinct topic separate from Internet governance, with linkages to development, human rights, innovation and economic growth. These are not primarily Internet governance concerns.  

CIGPF Inclusion vs a New Digital Governance Framework

Should data governance be incorporated into a future CIGPF issue, or does the Caribbean require a new companion Caribbean Digital Governance Policy Framework (CDGPF)?

Data governance can be viewed as the governance of what the Internet has made possible and not the governance of the Internet itself and would apply to offline activities.

Given the need for regulatory and institutional frameworks that may go beyond the ICT sector, the CTU invites all stakeholders to consider:

1. Whether data governance can be adequately housed within the CIGPF’s Internet governance mandate
2. Whether the CTU should initiate a multistakeholder process for the development of a Caribbean Digital Governance Policy Framework as a companion to the CIGPF.

REGISTER

Caribbean Internet Governance Policy Framework Consultation – Data Governance

Draft Agenda

Time	Session
13:00	Opening Remarks and Welcome • Welcome and meeting objectives • Importance of the consultation to the Caribbean digital policy landscape
13:05	Overview of The Caribbean Internet Governance Policy Framework (CIGPF) and Emerging Data Governance Issues • Overview of the CIGPF • Emerging regional and global data governance considerations
	Global Developments — Global Digital Compact (GDC) and WSIS+20 Review Outcomes • International policy developments • Data governance obligations and opportunities • Relevance for regional frameworks
	Internet Governance vs Data Governance — Similarities, Differences and Areas of Convergence • Comparative overview • Governance scope distinctions • Implications for Caribbean SIDS • AI, sovereignty and digital economy considerations
13:45	Multistakeholder Consultation and Open Discussion Guiding Questions: • Can data governance be adequately incorporated into the CIGPF? • Does the Caribbean require a companion Caribbean Digital Governance Policy Framework (CDGPF)? • What governance gaps should be prioritised? • What institutional arrangements may be required? • How should AI and emerging technologies be addressed?
14:55	Summary of Key Recommendations and Emerging Consensus Areas • Priority issues identified • Proposed next steps • Stakeholder contributions and follow-up process
15:00	Closing Remarks

OPEN IN NEW WINDOW

Concept Note

VIEW SESSION