Research On The Legal Regulations Of Eu Personal Data Cross-border Flow

In the era of big data,data becomes "new oil".Enterprises can create huge economic value by collecting and using data.Economic globalization has led to frequent economic and trade exchanges between countries and increased cross-border data flow.Due to different levels of data protection in different countries,when data flows from countries with higher levels of protection to countries with lower levels,the risk of personal data infringement may increase.Therefore,more and more countries or regions begin to pay attention to data protection issues in the cross-border flow of data,and formulate or improve relevant laws to regulate them.As the EU started earlier in the field of regulation of the cross-border flow of personal data,its entire system of cross-border protection of personal data is in a leading position in the world,especially the General Data Protection Regulation(2018).After referred to as “GDPR” instead of “The EU Data Protection Directive”(hereinafter referred to as “ 95 Directive ”)as the EU Data Charter,the European Union 's influence in the field of global data regulation has further increased and it has become a global data protection.An important leader of trends.The first part of the main text introduces the theoretical basis of the regulation of the cross-border flow of personal data.First,it clarifies personal data and its related concepts,and emphasizes the basic attribute of recognizability.At the same time,the concept of cross-border flow of personal data is also briefly explained.Secondly,it mainly highlights the value conflicts and coordination between personal data protection and cross-border flow of personal data,and actually reflects the social demands for the protection of personal data self-determination and the pursuit of economic interests by economies.Countries will make corresponding value choices based on their own digital economy development and the historical tradition of data protection,but their purpose is to achieve the balance and coordination of digital economy development and personal data protection.In the end,the EU decided to choose the appropriate regulatory model in consideration of its legal tradition ofprotecting basic human rights and the goal of constructing an institutional voice under the current development of the digital economy.The second part mainly elaborated the main features of the regulation measures of cross-border flow of personal data in the EU GDPR.On the one hand,the EU has set up a diversified but restrictive cross-border data transmission mechanism in the GDPR,which specifically includes the principle of sufficiency,appropriate safeguards,and exceptions under special circumstances.On the other hand,in order to ensure that personal data can still be under the protection of the EU system after leaving the country,GDPR has also added extraterritorial effectiveness rules based on the principle of impactism,extending the scope of application outside the EU,avoiding the use of data to circumvent EU law.In addition,the European Union has established an independent data supervision agency,which is divided into two levels: EU and member states,which are responsible for review and supervision.The third part of the main text focuses on the challenges faced by the EU's rules for the cross-border flow of personal data when they are effective.Expanding the scope of GDPR's extraterritorial application will definitely cause conflicts between the EU's cross-border data transfer supervision laws and the laws of third countries,and will also face certain difficulties in implementation.In terms of international data cooperation,whether it is the twists and turns experienced by the European and American parties from the failure of the Safe Harbor Agreement to the conclusion of the Privacy Shield Agreement,or the participation of regional mechanisms,due to the"stubborn" adherence to their own value standards,the "Transatlantic The negotiations on the Transatlantic Trade and Investment Partnership(TTIP)are in a stalemate,and mutual recognition with the "APEC Privacy Protection Framework"(Cross-Border Privacy Rules,CBPR)mechanism has also made limited progress.Since there is no global uniform rules for the cross-border flow of data,there may be potential conflicts when evaluating EU personal data protection rules under the existing multilateral trading rules system.The fourth part of the main body introduces the current status of the regulation of cross-border flow of personal data in China,and also puts forward suggestions for the improvement of the system.At present,the cross-border flow of personal data in China is mainly regulated by the "Network Security Law" and its supporting regulations.Although a basic framework has been established,there is still a lack of a special "Personal Information Protection Law",chaotic data classification,a singledata outbound evaluation mechanism,lack of extraterritorial effectiveness regulations,decentralized and inefficient data supervision,and low international participation in data protection.problem.In response to the above problems,the system of "Personal Information Protection Law" was proposed,the different nature of data was set up with different regulatory paths,the implementation of a diversified data outbound evaluation mechanism,the establishment of China's applicable rules outside the domain,the establishment of a dedicated personal data supervision agency,and active data Recommendations such as international collaboration on cross-border mobility regulations to improve China 's personal data protection and cross-border mobility systems and enhance international voice and influence in the digital field.