Yik-Chan Chin,Jingwu Zhao

DOI: https://doi.org/10.3390/laws11040063

2022-08-16

Laws

Abstract:In modern international competition and cooperation, digital trade rules centered on the cross-border flow of data have become a competitive advantage for countries. Under the guidance of commercial freedom, the United States chooses to actively promote the free flow of data across borders. The European Union has placed the protection of personal data rights before the cross-border flow of data through the General Data Protection Regulation (GDPR), and developing countries generally reserve space for industry policy interpretation. As one of the world’s largest economies, facing the needs of domestic industrial development and the pressure of international systems, China’s cross-border data flows’ policy is to ensure data flows under the premise of security, protection of personal information, seek international coordination of rules, and the freedom of transmission. The key question, therefore, is how to facilitate interoperability or find a middle ground among the divergent approaches in order to avoid the fragmentation of the digital trade system. The article suggests that a thin and narrowly scoped WTO agreement on e-commerce rules on cross-border data flows with sufficient policy space to accommodate different needs, policy preferences and priorities, and local contexts via legitimate exception provisions would be a welcome movement.

W.Gregory Voss,

DOI: https://doi.org/10.17323/1996-7845-2022-01-03

2022-03-15

International Organisations Research Journal

Abstract:Today, cross-border data flows are an important component ofinternational trade and an element of digital service models. However, they are impededby restrictions on cross-border personal data transfers and data localization legislation. ThisArticle focuses primarily on these complexities and on the impact of the new EuropeanUnion (“EU”) legislation on personal data protection—the GDPR. First, this Articleintroduces its discussion of these flows by placing them in their economic and geopoliticalsetting, including a discussion of the results of a lack of international harmonization of lawin the area. In this framework, rule overlap and rival standards are relevant. Once thissituation is established, this Article turns to an analysis of the legal measures that havefilled the gap left by the lack of international regulation and the failure to harmonize law:extraterritorial laws in the European Union (regional legislation) and the United States(state legislation); and data localization laws in China and Russia. Specific provisionsrestricting cross-border personal data transfers are detailed under EU legislation, as are theinternational agreements that have been invaluable in allowing flows between the UnitedStates and the European Union to continue—first the Safe Harbor, and now the Privacy Shield. Finally, in this context, the role of data governance is investigated, both in thecontext of data controllers’ accountability for the actions of other actors in global supplychains under EU law and under the Privacy Shield. Thus, this Article goes beyond the lawitself, to place requirements in the context of the globalized business world of data flows,and to suggest ways that companies may improve their compliance position worldwide.

Hao Xu

DOI: https://doi.org/10.61173/kqm1nt77

2024-06-06

Abstract:International digital trade is accelerating the speed of economic globalization and is becoming a new driver of economic growth. Data, as a key production factor, is ubiquitous in digital trade. This paper combines research on the topics of economy and trade in the digital era and further relates to cross-border data flows, to analyze regulations and governance of data flows in different economies, especially comparing the core elements involving cross-border data flows in regional agreements such as the CPTPP, the DEPA and the RCEP, to explore the rationality and necessity of various types of regulations. Besides, from investigating the specific development of the international community to discuss the real governance dilemma about strict regulation and fragmentation of data flows, to explore the solution to the problem of balancing cross-border data flows and risk prevention in international trade from legal regulation.

Chao Wu

DOI: https://doi.org/10.1016/j.techsoc.2024.102457

IF: 6.879

2024-01-01

Technology in Society

Abstract:In recent years, data privacy has attracted increasing public concerns, especially with public scandals from top Internet companies, emerging over inappropriate data collection, lack of transparency in data usage, and manipulation of users' preferences. This has led to responsive efforts from multiple sectors of society to constrain the violation of individuals’ data privacy. Among these efforts, the regulations like GDPR are the most influential, which are believed to be able to change the foundation of the whole data ecosystem. The main concern of current regulation is data transparency, designed to enable individuals to make rational decisions about their data. However, I argue that transparency cannot mitigate a key issue of data privacy, which is the right of receiving benefits from data. This issue is getting severe with the rapid development of the data economy and will become the essential problem of social welfare and fairness in the AI era. I further point out that the key to solving this issue is to migrate the current centralized data utilization paradigm to a new decentralized paradigm. Based on the recent technical advancements, I propose an applicable pathway to implement such a paradigm. And to realize a fair and sustainable data eco-system, joint efforts should be made within this paradigm.

Xuezhu Zhao

DOI: https://doi.org/10.54254/2753-7064/37/20240178

2024-05-31

Abstract:The arrival of the big data era has made most countries realize the importance of data resources for economic development. On the one hand, data flow promotes trade between countries, and on the other hand, the rapid expansion of the scale of multinational business giants has led to a proliferation of incidents of illegal collection and utilization of user privacy, putting national security at risk.In 2019, WTO members of the e-commerce negotiations put forward proposals for cross-border data flow based on their own positions, and major countries such as China, the United States, Russia and other major countries have all put forward different proposals.It can be seen that data flow regulation has become a key topic in the international arena nowadays, with sufficient necessity and practical significance. As a result, this paper adopts the comparative analysis method, normative analysis method and other research methods to analyze the issue and make suggestions on the direction of China's legislation.

Zhuoru Zhang

DOI: https://doi.org/10.54097/49setj81

2024-08-08

Abstract:In the context of globalization and the rapid development of digital economy, data has become a new factor driving the development of productivity, and cross-border data flow has also become a key factor promoting international trade, investment and knowledge exchange. As two major data economies, the United States and the European Union have different legal frameworks and practice models in the management of cross-border data flows. The United States adopts a relatively decentralized and market-driven approach, regulated mainly through industry guidelines and federal and state laws. In contrast, the EU has formed a relatively unified legal system centered on personal privacy protection based on the General Data Protection Regulations (GDPR). This paper analyzes the cross-border data flow governance strategies of the United States and Europe to develop a suitable framework for China that incorporates international best practices while adapting to China's specific context. It suggests that China should learn from these advanced economies to create a flexible and effective data flow management system, ensuring a balance between data security and open communication. It also recommends enhancing China's data protection laws to align with its Civil Code and other legal systems, and advocates for China's participation in international efforts to establish global data governance standards. Ultimately, this paper outlines key considerations and strategic directions for China's future data governance strategy, offering insights and recommendations to support its modernization efforts.

Mira Burri

DOI: https://doi.org/10.1093/oxrep/grac042

2023-01-01

Oxford Review of Economic Policy

Abstract:Abstract This article is set against the complex backdrop of the evolution of the data-driven economy and its regulation, and seeks to provide a better contextualization of the topic of data protection as a matter of trade law. It looks at the recent proliferation of rules on data flows, specifically addressed in free trade agreements (FTAs), at how data protection has been framed in these treaties, as well as at the available reconciliation mechanisms developed to interface trade and privacy. The article explores the most advanced models that have been developed in this regard so far, with a focus on some US-led and EU-led treaties. These analyses build the basis for testing the conjecture as to whether trade law has gone too fast and too deep, encroaching on domestic privacy law developments that unfold at a much slower pace.

economics

F. Casalini,Javier Lopez-Gonzalez

DOI: https://doi.org/10.1787/B2023A47-EN

2019-01-23

Abstract:The ubiquitous exchange of data across borders has given rise to a range of concerns by governments and citizens about some of the effects of so much information being collected and used, often without the knowledge of data subjects. This has led countries to condition or prohibit the transfer of data abroad, affecting trade in the process. This paper develops an indicative taxonomy of domestic approaches to cross-border data flow regulation and local storage requirements; it then surveys international instruments that address the question of international data transfers. The paper then examines the issues that data flow restrictions might raise for consumers and businesses. Against this backdrop, the paper highlights the challenge of finding balance between ensuring that important objectives, such as consumer privacy and security, are met while maintaining the benefits from free flows of data, including the benefits from increased and more inclusive digital trade.

Business,Economics,Political Science

Xi Yang

DOI: https://doi.org/10.1088/1742-6596/1848/1/012026

2021-04-01

Journal of Physics: Conference Series

Abstract:Abstract Cross-border data flow is characterized by multi-direction and rapid dynamic gridding in the big data era. Accordingly, these characteristics necessitate effective regulation for crossborder data flows. The US and the European Union (EU) follow their respective regulatory models for cross-border data flows by considering each one’s economic, political, and historical traditions. The “geographically based” policy of data flows, characterized as internal and external, is the basic position adopted by the EU on cross-border data flows. Although the US regulatory path favors (in principle) the free flow of data across borders, this country actually adopts data protectionism for data involving critical technologies and security areas. Given the political system differences among China, the EU, and the US, China can learn from the experiences of the US and the EU, actively seek value balance between data regulation and free flow, construct its own regulatory model, and establish a diversified data management system. Lastly, China should also actively participate in the international regulation competition on cross-border data flows, thereby giving the country a voice in the international arena.

Dr. Seema Singh,Prerna

DOI: https://doi.org/10.69953/njrs.v9i2.9

2024-05-30

Abstract:We are living in a world where information systems are becoming a new weapon to control the future. When the data flows across national borders, it becomes an invaluable resource for economic and informational development in any nation. Today, cross-border data flows are an important component of international trade because companies are frequently transfer customer’s and employee’s data across different countries. This paper will examine the importance of the free flow of cross-border data and its privacy concerns. It also examines the failure of the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023, to provide protection from cross-border data transfer; specifically, the Digital Personal Data Protection Act, 2023, is silent on the criteria of listing countries for data transfer and the processing of personal data of those data principals who are living outside India. Some countries have implemented laws pertaining to “data localization” as a means to restrict the movement of data outside their respective borders, but it affects international trade and development. So, it raises a question: What kind of and how much data do nations have to restrict for cross-border data transfer internationally? This paper analyse the General Data Protection Regulation of the European Union, the Cross-Border Privacy Rules of the Asia-Pacific Economic Cooperation of the United States, and the Privacy Shield Framework between the EU and the US. In the end this paper concludes with suggestions for the privacy of cross-border data and the need of uniform law for its worldwide applicability.

Yuxin Tian,Hanwen Zhang

DOI: https://doi.org/10.54254/2753-7048/16/20231127

2023-10-26

Abstract:In the era of digital economy, the power struggle and legal challenges arising from cross-border data flows have become increasingly prominent, making data governance a focal topic in the international community. Countries are competing and cooperating in formulating rules on cross-border data flows, as this phenomenon becomes more significant with the global popularity and rapid development of big data-based digital products like ChatGPT. As traditional powers in this field, the United States and the European Union have established long-arm jurisdiction systems with unique characteristics and have engaged in multiple rounds of fierce gamesmanship over dominance in global data flow governance standards, while constantly seeking power balance in bilateral cooperation. Through historical research, comparative analysis, and case studies, this paper analyzes and summarizes the governance principles, regulatory models, and competitive and compromising processes of transatlantic data flows, leading to the conclusion that Chinas data governance strategy should balance data security and data freedom, while transforming its approach to regulating data outflows and emphasizing the importance of efficiency values in maintaining data sovereignty. By expanding international cooperation and promoting the signing of regional data flow agreements, China can enhance its voice in the global data governance system.

Yijing Sun

DOI: https://doi.org/10.62051/zk428812

2024-10-10

Abstract:In the era of big data, international trade has gone through a digital transformation and developed into a new stage of digital trade. The gradual prosperity of digital trade and the increasing contribution of digital elements to the economy of countries and the international community also bring about problems such as data abuse, surveillance, privacy infringement, and regulatory difficulties. In order to adapt to the development trend of digital trade, countries are paying more attention to cross-border data flow and data privacy protection, in order to maintain national security and the data security of various entities. Therefore, this article analyzes the current situation and trends of digital trade, considers the security issues of data privacy from the perspective of different entities, links key issues such as cross-border data flow, data rights, and privacy rights, explores the current status of relevant domestic and foreign legal and regulatory systems, and conducts comparative analysis. The analysis results show that due to different values, there are significant differences in policies regarding digital trade and privacy protection among countries. The commonality is that none of them have established appropriate legal protection systems for data elements and privacy rights to promote the development of digital trade. Under the trend of technological development, data privacy will also be impacted by new technologies through digital trade. Therefore, in response to the expanding demand for data regulation, all entities should improve their privacy protection and cross-border data flow policies and standards from both internal and international perspectives.

Jingting Liu,Ulrike Sengstschmid,Yixuan Ge

DOI: https://doi.org/10.2139/ssrn.4547683

2023-01-01

SSRN Electronic Journal

Abstract:With the growing digital economy, personal data protection during data transfers has become a key concern. The study examines the landscape of cross-border data transfer regulations in the ASEAN region and the various compliance challenges faced by businesses. The analysis and discussion focus on the effectiveness and limitations of region-wide mechanisms like ASEAN model contractual clauses, the interoperability of laws, the specific challenges faced by small- and medium-sized enterprises (SMEs) and business implications of Vietnam's data protection decrees. It also evaluates external influences on ASEAN's data transfer regulations by examining the prevalence of provisions on free data flow and limiting data localisation in free trade agreements that ASEAN countries are party to. We find that Singapore is a major influencer within ASEAN, while Australia is a key external influencer in promoting free data flows and limiting data localization. However, harmonizing data regulations through trade agreements in ASEAN remains limited due to numerous exceptions to relevant clauses. To facilitate smooth data transfers within the region, we outline a policy roadmap for both national governments and ASEAN as a regional organisation: In the near term, reducing ambiguity and raising awareness of personal data regulation compliance should be prioritized. In the longer-term coherent cross-border data transfer mechanisms across the region and perhaps at an even larger scale should be goal.

Yuqian Lyu

DOI: https://doi.org/10.54097/cq74rw08

2023-12-31

Abstract:Every part of life, work and friendship has been inseparable from the Internet. When we casually click on the links on the network, when we need to enter personal information on the network due to work and policy, when enterprises are used to storing most of the data in the emerging cloud computing service platform, when the official website of the core departments of the country was maliciously attacked. We are facing more frequent information leakage in the era of big data. Especially with the trend of multinational corporations, regional interoperability, and the integration of the world economy, data and information can flow across borders without obstacles. Undoubtedly, cross-border business trade, project co-operation, geo-location, and server tracking are necessary, but the large amount of data recording, flow, and tracking brings great risks to personal privacy, business secrets, and the maintenance and stability of national security. As a result of the growing awareness of the risks and drawbacks of cross-border data flows, jurisdictions and regions have developed legislation and rules to balance the free flow of data and cross-border security.

Lei zhao

DOI: https://doi.org/10.7256/2454-0706.2024.4.70797

2024-04-01

Право и политика

Abstract:The subject of this article is the system of regulation of cross-border data flows and its legal regime. Data is a fundamental resource for the development of the digital economy. Today, with the great development of globalization, the presence of cross-border data flows in international trade is inevitable. However, the transfer of data abroad creates hidden threats to the confidentiality of personal information of citizens and national security. Many countries have established data transfer management systems to protect their own interests. Mature data transfer management regimes abroad often become an example for other countries. The adopted laws also served as a model for other countries. The most representative regimes currently exist in the EU, the USA and China, which demonstrate three ways of managing data. The purpose of this article is to compare the regimes of cross–border data transmission in the European Union, the United States and China in order to analyze the structure of the three representative regimes, as well as to study the causes of their formation and the consequences of their functioning. Considering the three systems makes it possible to show more clearly that the European Union, the United States and China have different value orientations, which directly led to the formation of three different legal systems. The free market and national security have become the main elements of national considerations in the development of laws on cross-border data. Based on the conducted research, it can be concluded that the regime of cross-border data transfer in the EU is the most complete and effective, having a demonstration effect. The Chinese system currently has serious flaws. And in recent years, US law has been increasingly focused on serving the interests of geopolitics. Laws on cross-border data transfer demonstrate trends in political instrumentalization. The Balkanization of the Internet is becoming more and more obvious.

Neha Mishra

DOI: https://doi.org/10.2139/ssrn.3689412

2020-01-01

SSRN Electronic Journal

Abstract:The unprecedented integration of digital technologies in the economic and social lives of human beings has led to strong concerns regarding the ethical use of data collected by such technologies. In response to these concerns, several intergovernmental and multistakeholder bodies as well as individual governments have started devising data ethics compliance frameworks. These frameworks integrate certain core principles such as human rights protection, ethical design, algorithmic accountability, and data privacy and security. Governments are now also imposing measures to achieve greater compliance with these core principles of data ethics including banning certain (especially foreign) data-driven applications and services; restricting cross-border transfers and processing of data; and imposing varied corporate compliance requirements for offering data-driven technologies. However, some measures aimed at protecting and promoting data ethics (Data Ethics-related Measures) can have the consequence of restricting cross-border trade, especially in digital and data-driven services and technologies. Against this background, this article assesses whether Data Ethics-related Measures are consistent with international trade law, looking at the treaties of the World Trade Organization (WTO) and several Preferential Trade Agreements (PTAs). It argues that certain Data Ethics-related Measures may be inconsistent with obligations contained in international trade agreements, including obligations on non-discrimination, market access, domestic regulation, and intellectual property protection. However, international trade law does not per se inhibit Data Ethics-related Measures. For instance, exceptions contained in international trade agreements can be interpreted to allow measures that support a human rights-centric approach to data governance. Further, rules on trade secret protection may be interpreted and applied meaningfully to balance commercial and critical public interests such as facilitating algorithmic accountability and ethical design in data-driven technologies. Finally, provisions on domestic regulation can potentially ensure that Data Ethics-related Measures are implemented in a fair and objective manner, and that technical standards and licensing requirements for data-driven digital services are transparent, objective, and not unnecessarily burdensome. However, given the legal, technological, and political uncertainties at hand, governments are unlikely to perceive trade rules as a foolproof mechanism to preserve their policy space for regulating data-driven technologies for ethical reasons. Therefore, this article explores new avenues in international trade law to accommodate data ethics norms. It argues that international trade institutions can better co-opt data ethics frameworks by facilitating enhanced high-level cooperation among countries on cross-border data transfer mechanisms as well as digital development and inclusion. For example, trade bodies, including the WTO, can proactively engage with other international, regional, and transnational or multistakeholder bodies involved in norm development in data ethics, especially on privacy/data protection, digital inclusion, and the ethical use of data in the designing and application of digital technologies. Further, where appropriate and necessary, international trade rules must acknowledge the prevailing global best practices in data-driven sectors, especially the role of multistakeholder and private technical standards and protocols in promoting ethical and robust data-driven technologies. One possible means to do so is adopting new rules at the WTO and through PTAs (especially for trade in services and electronic commerce) that recognize relevant technical standards, protocols and best practices developed by multistakeholder internet institutions and representative private sector bodies.

Wanxiu Xu,Shuo Wang,Xiaodong Zuo

DOI: https://doi.org/10.1016/j.clsr.2024.106061

IF: 2.707

2024-10-02

Computer Law & Security Review

Abstract:China and the United States have traditionally represented the 'security paradigm' and 'freedom paradigm' in their regulatory approaches to cross-border data flow. However, with the introduction of new rules governing these flows in both countries, this article challenges that perspective and explores the potential implications of this shift for global data governance. Specifically, it analyzes how the recent regulations in China and the United States serve as critical turning points affecting the transition between these paradigms, focusing on the overall regulatory frameworks and institutional developments in both nations. The article provides legal, institutional, and case-based examples to illustrate these changes. Furthermore, it offers a comparative analysis of the existing models for cross-border data flow regulation between China and the United States. Targeted compliance advice is provided for multinational corporations and other businesses frequently engaging in international operations that may be impacted by these regulatory changes. This research aims to deliver comprehensive insights into the latest regulatory developments in both countries and their existing models for cross-border data governance, thereby assisting enterprises in developing effective compliance strategies in practice.

law

Peng Qi,Yuanqi Sun

DOI: https://doi.org/10.4108/eai.8-12-2023.2344822

Abstract:. In the digital economy environment, the cross-border flow of financial data has become increasingly important, but a unified regulatory mechanism has not been formed in the world, which brings obstacles to the flow of transnational financial data. Differentiated free trade agreements (FTA) can have different effects on the transnational flows of financial data. China has a huge demand for the cross-border flow of financial data, but the potential risks can not be ignored. This paper aims to establish an effective regulatory regime to ensure data security and maximize its economic value. Considering that China's construction and participation in the supervision of cross-border financial data flow is still in its infancy, it is necessary to improve the supply level of the rules of the free trade zone, so as to promote the healthy development of China's financial service trade. Through the method of literature review and case analysis, the regulatory system of financial data flow is deeply studied. On the one hand, the existing literature is reviewed and analyzed to understand the current situation, problems and solutions of the cross-border flow of financial data; on the other hand, to explore the practice and experience of different countries in the cross-border flow of financial data. Overall, establishing an effective regulatory system is the key to ensuring the security of financial data and maximizing its economic value. In terms of cross-border flow of financial data, it is necessary to start from the two aspects of cross-border flow of financial data and data security to improve the supply level of free trade zone rules, so as to promote the healthy development of China's financial service trade.

Law

Martina F. Ferracane,Erik van der Marel

DOI: https://doi.org/10.1111/roie.12735

IF: 1.234

2024-03-27

Review of International Economics

Abstract:The regulation of personal data varies widely between countries, with potential effects on digital services. We develop a taxonomy for the regulation of cross‐border personal data transfers and systematically categorize 143 countries in one of the three data models identified, which are an open data model, a conditional model, and a control model. Using a gravity model, we then study if sharing a similar regulatory model between trading partners is associated with trade in digital services. Moreover, we assess if enacting a comprehensive data protection law impacts the relationship between data models and digital services. The open model of data transfers appears to support data flows, regardless of the the presence of a domestic regime for personal data. We find a negative effect on digital services for the conditional model that prescribes conditions that need to be fulfilled to transfer personal data across borders. Interestingly, we find that this negative effect is more than offset by the presence of a comprehensive data protection law. Finally, the control model, which has strict conditions to transfer personal data outside the country, only has a negative and significant effect when a domestic regime for data protection is implemented. The latter is likely to reflect the cost burden of firms to comply with these regulations as the trust channel might not be effective in countries characterized by government surveillance.

economics

Gui Huang,Yin Lei

DOI: https://doi.org/10.1515/ajle-2022-0065

2022-11-08

Asian Journal of Law and Economics

Abstract:Cross-border data flows is a crucial factor in digital economy. Article 12.14 (2) and Article 12.15 (2) in RCEP stipulate the prohibitive norms on data localization, aiming to ensure the data is transferred freely. Except some other clauses indirectly stipulate some circumstances for excluding the use of the prohibitive norms, Article 12.14 (3) and Article 12.15 (3) directly stipulate the exception clauses of data localization, i.e., the clause of legitimate public policy, horizontal provisions, and clause of the essential security interests. The WTO case-laws show that the aforesaid concepts should be interpreted by the Parties according to their own reality. The norms on "anti-discrimination" and "anti-disguised restriction" are to prevent the "clause of legitimate public policy" from being abused. To understand these norms, we need to evaluate the substantive purposes of the concrete measures launched by the states, and then clarify the relations between aforesaid purposes and the legitimate public policy objective.