China’s Rules on Cross-border Data Transfers : A Case Study from International Economic Law Perspective
Article Sidebar
Main Article Content
Abstract
From 2016, China has tightened control over cross-border data flow by implementing strict rules in which entities that meet certain conditions must seek approval from the Cyberspace Administration of China for outbound data transfer. From our research on international economic agreements that China has joined including the WTO framework (especially GATS) and the RCEP or on international economic agreements that China has requested to join including the CPTPP and the DEPA, we found that these agreements are unable to regulate or incentivize China to readjust its stringent domestic policies on cross-border data transfers. This finding points to the divergence between China’s approach on cross-border data regulation that puts emphasis on national security and cyber sovereignty and the emergent international approach led by the US that seeks to encourage free flow of data across borders.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
The copyright in this website and the material on this website (including without limitation the text, computer code, artwork, photographs, images, music, audio material, video material and audio-visual material on this website) is owned by Chulalongkorn University Law Journal and its licensors.
1. Chulalongkorn University Law Journal grants to you a worldwide non-exclusive royalty-free revocable license to:
- view this website and the material on this website on a computer or mobile device via a web browser;
- copy and store this website and the material on this website in your web browser cache memory; and
- print pages from this website for your use.
- All articles published by Chulalongkorn University Law Journal are licensed under the Creative Commons Attribution 4.0 International License. This permits anyone to copy, redistribute, remix, transmit and adapt the work provided the original work and source is appropriately cited.
2. Chulalongkorn University Law Journal does not grant you any other rights in relation to this website or the material on this website. In other words, all other rights are reserved. For the avoidance of doubt, you must not adapt, edit, change, transform, publish, republish, distribute, redistribute, broadcast, rebroadcast or show or play in public this website or the material on this website (in any form or media) without appropriately and conspicuously citing the original work and source or Chulalongkorn University Law Journal prior written permission.
3. You may request permission to use the copyright materials on this website by writing to journal@law.chula.ac.th.
4. Chulalongkorn University Law Journal takes the protection of its copyright very seriously. If Chulalongkorn University Law Journal discovers that you have used its copyright materials in contravention of the license above, Chulalongkorn University Law Journal may bring legal proceedings against you seeking monetary damages and an injunction to stop you using those materials. You could also be ordered to pay legal costs.
If you become aware of any use of Chulalongkorn University Law Journal's copyright materials that contravenes or may contravene the license above or any material on the website that you believe infringes your or any other person's copyright, please report this by email to journal@law.chula.ac.th.
References
Alex He, “Trade Deals Might Induce Beijing to Bend on Data Restrictions,” [online] Available from : https://www.cigionline.org/articles/trade-deals-might-induce-beijing-to-bend-on-data-restrictions. [12 February 2024]
Andrew D. Mitchell and Neha Mishra, “WTO Law and Cross-Border Data Flows An Unfinished Agenda,” in Big Data and Global Trade Law, ed. M. Burri (Cambridge: Cambridge University Press, 2021)
Annex I of DEPA
Appellate Body Report, United States — Measures Affecting the Cross-Border Supply of Gambling and Betting Services, Para. 307, WTO Doc. WT/DS285/AB/R (7 April 2005).
Article 10 of Security Assessment Measures 《数据出境安全评估办法》
Article 12.15(2) of RCEP
Article 12.15(3) of RCEP
Article 12.15(3)(a) of RCEP
Article 14 of Security Assessment Measures 《数据出境安全评估办法》
Article 14.11(3) of CPTPP
Article 14.11(3)(b) of CPTPP
Article 14A.1 of DEPA
Article 2 of Critical Information Infrastructure Security Protection Regulations 《关键信息基础设施安全保护条例》 (2021)
Article 28 of Personal Information Protection Law of the People’s Republic of China 《中华人民共和国个人信息保护法》 (2021)
Article 31 of Data Security Law of the People’s Republic of China 《中华人民共和国数据安全法》 (2021)
Article 37 of Cybersecurity Law of the People’s Republic of China 《中华人民共和国网络安全法》 (2016)
Article 38 of Personal Information Protection Law 《中华人民共和国个人信息保护法》
Article 4 of Personal Information Protection Law 《中华人民共和国个人信息保护法》 (2021)
Article 4(2) of Security Assessment Measures 《数据出境安全评估办法》
Article 4(3) of Security Assessment Measures 《数据出境安全评估办法》
Article 4.3(3) of DEPA
Article 6 of Security Assessment Measures 《数据出境安全评估办法》
Article 7 of Security Assessment Measures 《数据出境安全评估办法》
Article 8 of Cybersecurity Law 《中华人民共和国网络安全法》 (2016)
Article 9 of Critical Information Infrastructure Security Protection Regulations 《关键信息基础设施安全保护条例》 (2021)
Article VI:1 of GATS
Article XIV of GATS
Article XVI of GATS
Article XVII of GATS
British Chamber of Commerce in China, “The Cross-Border Data and Innovation Report 2021,” [online] Available from : https://www.britishchamber.cn/wp-content/uploads/2021/11/BritCham-China-Cross-Border-Data-and-Innovation-Report.pdf. [12 February 2024]
Cybersecurity Law 《中华人民共和国网络安全法》 (2016) and Article 38 and 40 of Personal Information Protection Law 《中华人民共和国个人信息保护法》
David Cyranoski, “China’s Crackdown on Genetics Breaches Could Deter Data Sharing,” [online] Available from : https://www.nature.com/articles/d41586-018-07222-2. [12 February 2024]
Fengan Jiang, “China’s Legal Efforts to Facilitate Cross-border Data Transfers: A Comprehensive Reality Check”, in Asia Pacific Law Review, 32, 1 (2024): 81-101, 87.
Henry S. Gao, “Data Regulation with Chinese Characteristics,” in Big Data and Global Trade Law, ed. M. Burri (Cambridge: Cambridge University Press, 2021)
Joshua P. Meltzer, “China’s Digital Services Trade and Data Governance: How Should the United States Respond?,” [online] Available from : https://www.brookings.edu/articles/chinas-digital-services-trade-and-data-governance-how-should-the-united-states-respond. [12 February 2024]
Leika Kihara, “DAVOS – Nearly Half WTO Members Agree to Talks on New E-Commerce Rules,” [online] Available from : https://www.reuters.com/article/davos-meeting-ecommerce-idUSL3N1ZP329. [12 February 2024]
Linxin Dai, “A Survey of Cross-Border Data Transfer Regulations Through the Lens of the International Trade Law Regime”, in New York University Journal of International Law and Politics, 52 (2019): 955-966.
Maria A. Carrai, “Can China Succeed in Joining the CPTPP?,” [online] Available from : https://www.hinrichfoundation.com/research/wp/ftas/china-cptpp-comprehensive-and-progressive-trans-pacific-partnership. [12 February 2024]
Measures on Standard Contracts for the Export of Personal Information 《个人信息出境标准合同办法》 (2022)
Ministry of Commerce, People’s Republic of China, “China Has Submitted an Official Application to Join the Digital Economy Partnership Agreement (DEPA),” [online] Available from : http://english.mofcom.gov.cn/article/newsrelease/significantnews/202111/20211103214781.shtml. [12 February 2024]
Mira Burri, “Data Flows and Global Trade Law,” in Big Data and Global Trade Law, ed. Mira Burri (Cambridge University Press, 2021)
Mira Burri, “The Regulation of Data Flows Through Trade Agreements”, in Georgetown Journal of International Law, 48, 1 (2017): 413-414.
OECD, “Mapping Approaches to Data and Data Flows: Report for the G20 Digital Economy Task Force, Saudi Arabia (2020),” [online] Available from : https://www.oecd.org/sti/mapping-approaches-to-data-and-data-flows.pdf. [12 February 2024]
OECD, WTO and IMF, “Handbook on Measuring Digital Trade (2020),” [online] Available from : https://www.oecd-ilibrary.org/trade/handbook-on-measuring-digital-trade-second-edition_ac99e6d3-en. [12 February 2024]
Para 2.2 of A Guide to Cybersecurity Standard Practices – Guidelines for Classification and Grading of Network Data 《网络安全标准 实践指南—网络数据分类分级指引》 (2022)
Practice Guidelines for Cyber Security Standards – Security Certification Specifications for Cross-Border Processing of Personal Information V2.0 《网络安全标准实践指南—个人信息跨境处理活动安全认证规范V2.0》(2022)
Security Assessment Measures and Guidelines for the Application for Security Assessment for Outbound Data Transfer (First Edition) 《数据出境安全评估申报指南(第一版)》 (2022)
Shin-yi Peng and Han-wei Liu, “The Legality of Data Residency Requirements: How Can the Trans-Pacific Partnership Help”, in Journal of World Trade, 51, 2 (2017): 195-197.
Susannah Hodson, “Applying WTO and FTA Discipline to Data Localization Measures”, in World Trade Review, 18, 4 (2019): 579-607.
Timothy Wu, “The World Trade Law of Censorship and Internet Filtering”, in Chicago Journal of International Law, 7 (2006): 263-287, 264.
Work Programme on Electronic Commerce, Non-Paper from the United States, JOB/GC/94 (2016)
WTO, Joint Statement on Electronic Commerce, Communication from China, 24 April 2019, INF/ECOM/19.
WTO, Joint Statement on Electronic Commerce, Ministerial Conference, 11th Session, Buenos Aires, 10–13 December 2017, WT/MIN(17)/ST/60 (2017).
Xinhua, “Commerce Ministry: China Advancing Negotiations on Joining DEPA,” [online] Available from : https://english.www.gov.cn/statecouncil/ministries/202208/23/content_WS6304085dc6d02e533532f955.html. [12 February 2024]
Yik-Chan Chin and Jingwu Zhao, “Governing Cross-Border Data Flows: International Trade Agreements and Their Limits”, in Laws, 11(4), 63 (2022): 1-22.
