In the context of today's big data and cloud computing,the global flow of data has become a powerful driver for international economic and investment growth.The EU and the U.S.have created two different paths for ...In the context of today's big data and cloud computing,the global flow of data has become a powerful driver for international economic and investment growth.The EU and the U.S.have created two different paths for the legal regulation of the cross-border flow of personal data due to their respective historical traditions and realistic demands.The requirements for data protection have shown significant differences.The EU advocates localization of data and firmly restricts cross-border flow of personal data.The U.S.tends to protect personal data through industry self-regulation and government law enforcement.At the same time,these two paths also merge and supplement with each other.Based on this,China needs to learn from the legal regulatory paths of the EU and the US,respectively,to establish a legal idea that places equal emphasis on personal data protection and the development of the information industry.In terms of domestic law,the Cybersecurity Law of the People's Republic of China needs to be improved and supplemented by relevant supporting legislation to improve the operability of the law;the industry self-discipline guidelines should be established;and various types of cross-border data need to be classified and supervised.In terms of international law,it is necessary to participate in international cooperation based on the priority of data sovereignty and promote the signing of bilateral,multilateral agreements,and international treaties on the cross-border flow of personal data.展开更多
Cross-border data flows not only involve cross-border trade issues,but also severely challenge personal information protection,national data security,and the jurisdiction of justice and enforcement.As the current digi...Cross-border data flows not only involve cross-border trade issues,but also severely challenge personal information protection,national data security,and the jurisdiction of justice and enforcement.As the current digital trade negotiations could not accommodate these challenges,China has initiated the concept of secure cross-border data flow and has launched a dual-track multi-level regulatory system,including control system for overseas transfer of important data,system of crossborder provision of personal information,and system of cross-border data request for justice and enforcement.To explore a global regulatory framework for cross-border data flows,legitimate and controllable cross-border data flows should be promoted,supervision should be categorized based on risk concerned,and the rule of law should be coordinated at home and abroad to promote system compatibility.To this end,the key is to build a compatible regulatory framework,which includes clarifying the scope of important data to define the“Negative List”for preventing national security risks,improving the cross-border accountability for protecting personal information rights and interests to ease pre-supervision pressure,and focusing on data access rights instead of data localization for upholding the jurisdiction of justice and enforcement.展开更多
基金This article is supported by Law and Technology Institute,Renmin University of China.All mistakes and omissions are the responsibility of the author.
文摘In the context of today's big data and cloud computing,the global flow of data has become a powerful driver for international economic and investment growth.The EU and the U.S.have created two different paths for the legal regulation of the cross-border flow of personal data due to their respective historical traditions and realistic demands.The requirements for data protection have shown significant differences.The EU advocates localization of data and firmly restricts cross-border flow of personal data.The U.S.tends to protect personal data through industry self-regulation and government law enforcement.At the same time,these two paths also merge and supplement with each other.Based on this,China needs to learn from the legal regulatory paths of the EU and the US,respectively,to establish a legal idea that places equal emphasis on personal data protection and the development of the information industry.In terms of domestic law,the Cybersecurity Law of the People's Republic of China needs to be improved and supplemented by relevant supporting legislation to improve the operability of the law;the industry self-discipline guidelines should be established;and various types of cross-border data need to be classified and supervised.In terms of international law,it is necessary to participate in international cooperation based on the priority of data sovereignty and promote the signing of bilateral,multilateral agreements,and international treaties on the cross-border flow of personal data.
基金This article is funded by National Social Science Foundation’s general project“Theoretical and Practical Research on International Criminal Judicial Assistance in Combating Cybercrime”(Project No.:19BFX073)National Social Science Foundation’s major project“Translation,Research and Database Construction of Cyberspace Policies and Regulations”(Project No.:20&ZD179).
文摘Cross-border data flows not only involve cross-border trade issues,but also severely challenge personal information protection,national data security,and the jurisdiction of justice and enforcement.As the current digital trade negotiations could not accommodate these challenges,China has initiated the concept of secure cross-border data flow and has launched a dual-track multi-level regulatory system,including control system for overseas transfer of important data,system of crossborder provision of personal information,and system of cross-border data request for justice and enforcement.To explore a global regulatory framework for cross-border data flows,legitimate and controllable cross-border data flows should be promoted,supervision should be categorized based on risk concerned,and the rule of law should be coordinated at home and abroad to promote system compatibility.To this end,the key is to build a compatible regulatory framework,which includes clarifying the scope of important data to define the“Negative List”for preventing national security risks,improving the cross-border accountability for protecting personal information rights and interests to ease pre-supervision pressure,and focusing on data access rights instead of data localization for upholding the jurisdiction of justice and enforcement.