Can nation states, especially those in the Global South effectively regulate Global Tech Companies? Should they try? Why is it important to separate the data localization issue from data protection? GDPR is not fully enforceable even in Europe; should it be the model for countries in the Global South? I explored these questions and more in a keynote given at the Policy and Internet Conference organized by University of Sydney September 28-29, 2022.