The Current Situation of Legal Regulation of Cross-border Data Flow and the Countermeasures
——from the Perspective of International Rules and the Data Security Law(Draft)
Abstract:In the context of global connectivity,cross- border data flow is an essential element to realize the balanced development of economic and technological globalization. At the same time ,data security is closely related to national security, personal privacy,etc.,and the regulatory scale of cross-border data flow has become a focus issue of data security. At present, the representative of cross-border data flows regulation is European model and American model. The European model focuses on personal privacy and human rights protections,and severely restricts the cross-border data flow beyond the European Union ;and the American model advocates the free cross- border data flow and continues to broaden its global jurisdiction. China has now initially established the rules of cross-border data flow taking the Cyber Security Law and the Data Security Law(draft)as the main content. However,compared with the above-mentioned international rules ,there are still some problems with China's rules concerning cross-border data flow,such as the too broad adjustment object that cannot be accurately limited to electronic data , and so on. We should,first,further clarify the definition of data,narrow the adjustment scope,and exclude the non-electronic data from the protection object of data security law ;second,we should establish a scientific and reasonable data classification system and a cross- border flow review system in line with international rules ;and third,we should establish a“data security audit system”to strengthen the enterprise's compliance with the law and self-monitoring mechanism ,so as to properly regulate the cross-border data flow.
Key words:data;cross-border data flow;international rules;Data Security Law(draft)