Research On Exception Rules Of Cross Border Data Flows

Chapter 1: Overview of Cross Border Data Flows.With the development of the economy and society,the liberalization of data flows,the diversification of data types,and the complexity of cross-border situations,such as the expansion of the scope of "data" from individuals to business data and national data,the main data inflow and outflow of "cross-border" situations,and the connotation of "cross-border data flows" is constantly changing.The high openness and liquidity of cross-border data have brought enormous economic value to the world,but on the other hand,cross-border data flows pose huge challenges to the regulation and jurisdiction of countries.Many countries have taken protective measures such as data localization to restrict cross-border data flows.The regulatory measures taken for cross-border data flows are mainly based on data privacy theory,data sovereignty theory,and data economic value theory.The protection of online privacy has put forward requirements for the formulation of international rules for cross-border data flows,and it is necessary to integrate personal privacy protection into regulatory mechanisms in cross-border data flows;The data sovereignty theory legitimizes the power of countries to process data from a legal perspective,and countries will exercise sovereignty over data within their jurisdiction based on sovereignty.The data sovereignty theory is the premise and foundation for the formulation of international rules for cross-border data flows;In the digital economy era,the economic value of data lies in its potential to increase the value of organizations,industries,departments,or business ecosystems.Chapter 2: Basic Models on Cross Border Data Flows.The current global cross-border data flows models can be summarized into three types: the first is the US model,which is characterized by commercial driven cross-border data free flow rules,with the goal of minimizing restrictions on cross-border data flows as much as possible;The second is the EU model,which is characterized by strict restrictions on cross-border data flows with human rights first.From the perspective of the EU,data is a fundamental right of individuals,and everyone should have the ability to access and control data.The EU’s data governance model is based on strong data protection and privacy principles,rather than focusing on the free flow of data.The third is the Russian model,which is characterized by data localization storage rules under the principle of sovereignty.Although the data localization measures implemented by Russia have played a certain role in maintaining domestic data sovereignty and network security,their implementation effect is not ideal.Data localization measures are only a way of regulating cross-border data flows,and data localization does not necessarily mean an absolute ban on cross-border data flows.Chapter 3: Analysis on the Application of WTO General Exception Rules of Cross Border Data Flows.The WTO exception rules are about determining the reasonableness of a non compliant measure.The general exception rules of the WTO are mainly reflected in Article 20 of GATT and Article 14 of GATS.Under the WTO system,measures related to cross-border data flows are more closely related to the relevant provisions of GATS.Although GATS is not a specialized agreement on cross-border data flows and lacks specific applicable rules of cross-border data flow,cross-border data flows are closely related to cross-border service trade,and compared to other WTO rules,GATS has a higher correlation with cross-border data flows issues.The restrictive measures imposed by the state on cross-border data flows are likely to constitute a violation of trade rules,and many countries will use exception clauses under trade rules to seek remedies.Exploring the application of the general exception rule of Article 14 of GATS to cross-border data flows issues has important practical significance.So far,there has been no precedent in WTO dispute cases to explain cross-border data flows restrictive measures using the general exception rule in Article 14 of GATS.The analysis of this provision poses significant legal uncertainty and unpredictability,and there are still a series of potential unresolved issues.Chapter 4: Analysis on the Application of WTO Security Exception Rules of Cross Border Data Flows.The security exception rule,as an important legal pillar of the World Trade Organization agreements,was initially established to alleviate political crises and was a compromise towards achieving economic integration.Compared to general exception clauses,security exception clauses are considered as "gentlemen’s agreements" in World Trade Organization agreements,and WTO members try to avoid using this clause in dispute settlement practices.The logic behind it is that members believe that maintaining the ambiguity of the application of security exception clauses is meaningful,as they are not yet able to determine the position they will take in interpreting national security matters after future changes in circumstances.The essential security interests of a country include "maintaining its public order and public morals".If a measure is referred to the WTO dispute settlement body by citing the above provisions,the defendant may defend and explain the measure from two aspects: firstly,restricting the free flow of cross-border data is necessary for the government to protect public morals and maintain public order,Because this information may violate religious or social values within the member’s territory,or have inciting violence or hatred.Secondly,from the GATS perspective,restricting data flow is necessary to ensure compliance with laws or regulations that are inconsistent with the provisions of the agreement,especially to prevent fraudulent and fraudulent behavior,including issues related to online fraud(such as false access to financial data or investment or charitable fraud)and cybercrime(such as money laundering or drug sales).Chapter 5: Analysis on Exception Rules of Cross Border Data Flows in Free Trade Agreements.Most current free trade agreements prohibit members from restricting the free flow of cross-border data,but they differ in achieving regulatory exceptions and exceptions to legitimate public policy objectives.The strictness of cross-border data flows regulation varies among various free trade agreements,with an extreme case such as the US-Mexico-Canada Agreement(USMCA)only providing exceptions to legitimate public policy objectives in its provisions.On the contrary,at the other extreme,agreement such as the Regional Comprehensive Economic Partnership Agreement(RCEP)provides for broader exceptions,including wording for the country implementing the measure to determine its legality.USMCA and UJDTA have the strictest exceptions for cross-border data flows,with only exceptions set in the agreement to achieve legitimate public policy objectives;Singapore led DEPA and SADEA,on the other hand,hold a relatively relaxed attitude towards cross-border data flows compared to American led USMCA and UJDTA;The RCEP led by developing countries has added exceptions to legitimate public policy objectives that are independently recognized by contracting parties.Chapter 6: Cross Border Data Flows and Public Interest Protection.Every country has data sovereignty,and a government has jurisdiction over the cross-border flows of its own data.The regulation and supervision of cross-border data flows is one of the government’s management functions,and has many functions such as maintaining national sovereignty and data security,safeguarding economic interests,and safeguarding citizens’ data privacy.When participating in international regulations or regional free trade agreements on cross-border data flows,special attention should be paid to the public interest clauses in them.International regulations on cross-border data flows aim to eliminate potential or actual damage and threats to domestic industries caused by the flow and storage of data both domestically and internationally.In practical application,developed countries and developing countries have different degrees of protection based on the principles of public interest protection.Due to different considerations of national conditions and interests,developing countries pay more attention to the protection of public interests,which is actually a focus on national interests and data sovereignty.Overall,the principle of exceptions to public interest protection is recognized by the international community and follows the stance of human rights and sovereignty.Chapter 7: Suggestions for Improving the Exception Rules of China’s Cross Border Data Flows.Currently,the global economy has entered the era of digital economy,and the significance of data for economic development and national governance is becoming increasingly important.Looking at the regulatory status quo of cross-border data flows in China,the legislative system is not perfect,data governance capacity needs to be improved,and international cooperation participation is still low.When conducting cross-border data flows in China,if certain restrictive measures are implemented on key information infrastructure,important data and personal information in other fields,and other personal information,and are questioned by other members,China can consider invoking relevant exception rules for defense.Faced with the problems in China’s cross-border data flows regulation,China needs to clarify the value choices of cross-border data flows,determine the model of cross-border data flows regulation,further improve the legislative system,improve regulatory mechanisms,actively participate in international cooperation and global rulemaking,and improve the comprehensive ability and international influence of data protection.