數據隱私框架體系視角下數據跨境流動規則分析與中國啟示
網絡安全與數據治理
楊子碩
四川大學法學院
摘要: 歐盟與美國新近建立起包括數據隱私框架以及第14086號行政命令在內的數據跨境流動體系,填補了雙邊數據流動法律空缺。新體系通過修改規則細節以及引入雙重救濟機制,較以往協定更為完善,但仍存在數據保護審查法院獨立性不足等制度性隱患。歐盟與美國在數據治理模式上一貫存在分歧,數據隱私框架體系充分展現出雙方的談判博弈,特別是在規則制度設計上的角力。歐美分立的數據治理政策顯露出數據跨境流動規則并無定式,中國可借機探索并完善符合自身需求的數據流動規制路徑,數據隱私框架體系的雙邊談判策略及其展露的歐盟立場也可為中國參考,為未來中國與歐盟及其他國家開展數字合作提供良好借鑒。
中圖分類號:D99;TP309.2文獻標識碼:ADOI:10.19358/j.issn.2097-1788.2024.08.012
引用格式:楊子碩.數據隱私框架體系視角下數據跨境流動規則分析與中國啟示[J].網絡安全與數據治理,2024,43(8):69-75.
引用格式:楊子碩.數據隱私框架體系視角下數據跨境流動規則分析與中國啟示[J].網絡安全與數據治理,2024,43(8):69-75.
Analysis of data cross-border flow rules from the perspective of Data Privacy Framework system and its implications for China
Yang Zishuo
Law School, Sichuan University
Abstract: The European Union and the United States have recently established a system of cross-border data flows, including the Data Privacy Framework and Executive Order 14086, which fills a legal gap in bilateral data flows. The new system is better than the previous agreement by revising the details of the rules and introducing a dual remedy mechanism, but there are still institutional pitfalls such as the lack of independence of the Data Protection Review Court. The EU and the U.S. have consistently disagreed on data governance models, and the Data Privacy Framework system fully demonstrates the negotiation game between the two sides, especially the tug-of-war over the design of the rule system. The separate data governance policies of the EU and the U.S. reveal that there is no set rule for cross-border data flows, and China can take this opportunity to explore and improve the path of data flow regulation that meets its own needs. The bilateral negotiation strategy of the Data Privacy Framework system and the EU′s stance on data privacy can also serve as a reference for China, and provide a good reference for China′s digital cooperation with the EU and other countries in the future.
Key words : Cross-border flow of data; Data Privacy Framework; Executive Order 14086; data governance; EU-U.S. game
引言
“棱鏡門”事件爆發后,《安全港協議》(U.S.-EU Safe Harbor Framework)和《隱私盾協議》(EU-U.S. Privacy Shield Framework)接連被歐盟法院宣布無效。隨后,美國和歐盟通過積極磋商就新的數據流動規則即數據隱私框架(EU-U.S. Data Privacy Framework)達成協定,再次建立起雙邊數據流動法律基礎。數據隱私框架及第14086號行政命令(Executive Order 14086)構成了調整歐美數據跨境流動的制度體系,新的體系在規則設置上展現出其先進和完備的一面,然而通過回顧談判歷程、分析框架文本,不難發現數據隱私框架體系是歐美相互博弈妥協的產物,我們能從中一窺歐盟的數據規則取向,為未來中歐投資協定等國際協定中的數據跨境流動規則談判提供寶貴經驗,也為我國發展出符合自身利益、具備自身特色的數據跨境流動規則提供啟示。
本文詳細內容請下載:
http://www.viuna.cn/resource/share/2000006109
作者信息:
楊子碩
(四川大學法學院,四川成都610065)
此內容為AET網站原創,未經授權禁止轉載。