数据跨境网络安全审查实施的基本构建

The basic construction of the implementation of data cross-border network security review

数据跨境流动作为全球数字贸易新的增长点,给国家发展带来新的机遇,但无序的数据流动可能损害国家安全利益,故有必要研究数据跨境下的网络安全审查制度,这对实现国家数据安全保护具有重要意义。网络安全审查制度自建立以来,审查范围不断扩大,审查内容更加聚焦,审查程序逐步完善,为确保我国数据安全提供了法律保障。然而,由于网络安全审查体系分散,审查标准不明确,与其他数据出境评估制度出现审查内容重叠,导致出现重复评价的弊端,使得网络安全审查在落地实施中依然存在困境与难点。对此,需要建立数据分类分级安全审查制度,完善网络安全审查机制,整合数据跨境安全体系,提供新的救济途径,并积极参与区域数据跨境合作规则构建,从而实现数据跨境流动自由与安全的激励相容。

As a new growth point of global digital trade,cross-border data flow has brought new opportunities for national development,but disorderly data flow may harm national security.In the era of digital economy,the development of Internet information technology makes it easy to transfer data across borders.Large-scale cross-border data flow,storage and technical analysis of data aggregation have also brought new challenges and risks to countries.Therefore,some countries have taken measures to deal with the security risks of cross-border data flow.As cross-border data flow is a necessary means of national data security protection,its legal regulationis both necessary and practical.Under the dual goals of safeguarding national security and promoting economic development,China has issued a series of relevant laws and policies,and established relevant legal systems such as the data export security assessment system,including the network security review systemand the data export control system,which are of great significance for realizing the orderly flow of data and data security protection.As an important part of the national security review system,China’s network security review systemis an innovative system to improve China’s network security,data security and capabilities of guaranteeing infrastructure security for critical information.Compared with other national data evaluation systems,the network security review system has stronger national security considerations and can achieve direct legal effect.In order to implement the requirements of laws and regulations such as the Data Security Law,the network security review system has been expanding its scope since its establishment,not only reviewing the procurement of network products and services for critical information infrastructure,but also increasing the data processing activities of data processors,and defining the standards for network platform service providers to accept network security reviews.The review procedure has been gradually improved.The network security review system ensures the data security of China.At the same time,the cross-border flow of data is emerging,while there are many problems in the implementation of network security review because of the lack of the laws.It can’t be denied that China’s network security review basis is scattered,the review rules are unclear,the powers and responsibilities are unclear,and the review content overlaps with other data exit assessment systems,leading to the drawbacks of repeated evaluationand a lack of relief channels.Therefore,there are still difficultiesin the implementation of network security review.In this regard,it is necessary to take important data as the starting point,identify them,and establish both a data classification system and a classification network security review system.It is also critical to improve the network security review mechanism,enrich the network security review standards,optimize the responsibilities of network security review agencies,integrate the data cross-border security system,and distinguish the institutional arrangements for network security review and other data evaluation.Other measures to be taken include providing new relief channels,incorporating cyber security review procedures into judicial review,and actively participating in the construction of regional cross-border data cooperation rules to define the scope of application of cybersecurity review between countries,thus achieving the compatibility of incentives between the freedom of cross-border data flow and security.