Rivista Italiana di Informatica e Diritto (Jun 2021)
Cross-border Data Transfer Regulation in China
Abstract
With the growing participation of emerging countries in the global data governance, the traditional legislative paradigm dominated by the European Union and the United States is constantly being disintegrated and reshaped. It is of particular importance for China to establish the regulatory framework of cross-border data transfer, for not only it involves the rights of Chinese citizens and entities, but also the cyber sovereignty and national security, as well as the framing of global cyberspace rules. China keeps leveraging the data sovereignty to fasten the law-makings to support the development of critical technology in digital domains and infrastructure construction. This paper aims to systematise Chinese regulations for cross-border data exchange following the chronological order. The enacted and draft provisions as well as binding and non-binding regulatory rules are studied, and various positive dynamic developments in the framing of China’s cross-border data regulation are shown. Despite certain limitations, the Cybersecurity Law, together with Civil Code and Personal Information Protection Law, demonstrates great willingness towards a stronger data protection regime and more flexible regulatory mechanism.
Keywords
