The Latest Legislative Dovelopment Of Personal Data Protection In The European Union And The United Kingdom And Its Reference On China S Legislation

This paper aims to offer intellectual support to domestic scholars on the study of General Data Protection Regulation(GDPR)and 2018 Data Protection Act(DPA 2018)through systematic interpretation of the main content and characters of the above two pieces of legislation;to provide objective assessment for China's referencing the above legislation by critical analysis of their differences and potential problems;to point out the relevant issues in the domestic data protection legislation and propose legislative solutions accordingly based on the national situations.The research methods,including comparative analysis,document research and empirical analysis,have been applied to introduce and analyse GDPR and DPA 201 8 in terms of their content and characters.GDPR is firstly introduced and interpreted in this paper,involving areas like legislative purposes,scope of application,principles,lawful basis for processing,individual rights,accountability and governance and international transfers;the actual application of the legislation in practice is illustrated through latest or typical cases.The paper then interprets DPA 2018,focusing on its relationship with GDPR and pointing out the differences.A discussion of Brexit and its impact on UK data protection law comes after with seminal cases illustrating the important use of relevant terms.On the previous basis,this paper critically analyses the potential issues that may arise in practice.Following that is a general description of current domestic legislation on personal data protection and a typical case on Cookies technology is provided for clarification.Finally,this paper points out the problems in current legislation and proposes relevant solutions based on GDPR and DPA 2018.This paper clarifies some controversial issues on GDPR.By comparing GDPR and DPA 2018,it identifies the differences between the two,especially on how DPA 2018 modifies GDPR based on the national situations,which sets a good example of domestic application of GDPR.Through a comparison of GDPR and DPA 2018 with domestic data protection legislation,it identifies deficiency of the latter which merits improvement,such as "lack of special legislation on personal data protection""lack of special regulator on personal data protection""insufficient system of data protection law" and "lack of unified standards on internal transfers".The abalysis of Brexit and its impact on UK data protection law catches up with the latest development and predicts the potential challenges that UK data protection law may face.In the final chapter,legislative proposals are given with focus on "the introduction of 'data context' and 'risk-based approach' theories" "weakening the consent basis and expanding other lawful basis for data processing" "building and completing rules on international transfers for personal data" and "how to deal with Long Arm Jurisdiction of GDPR".This paper concludes that GDPR and DPA 2018,as the world's highest level of data protection legislation and a good example of domestic application of GDPR respectively,unify and update the law on personal data protection within their jurisdiction,providing great value for our domestic data protection legislation.When introducing the relevant legislation,the legislators in China should consider the potential issues that may arise and make a critical assessment of its applicability,making our own domestic data protection law based on the national situations so as to reach a flexible balance between data protection and digital economic development.