The Research On "Principle Of Sufficiency Protection Of The Cross-border Flow Of Personal Data In The Eu" And Its Enlightenment To China

The EU attaches great importance to the protection of personal data and proposes the “sufficiency protection principle” to achieve adequate protection of personal data.The EU’s "adequacy protection principle" has the following three major problems: First,the EU has put forward the "sufficiency protection principle" in the protection of cross-border flow of personal data,then how the "sufficiency protection principle" is established in member states;How to determine the “sufficiency” protection standard;third,how to apply the “sufficient protection principle”.This paper analyzes and discusses the relevant legislation of the European Union in response to the above problems.The EU currently solves the situation of different standards of personal data protection in the EU domain by means of unified legislation,and clarifies the criteria for the identification of “sufficient protection”.The personal data is fully protected by expanding the scope of application of the “sufficiency protection principle.” This paper argues that the EU’s unified legislative model can help resolve the situation of different standards for cross-border mobile protection of personal data within the EU domain;The principle "higher requirements" limits the cross-border flow of personal data,but the complementary mechanism identified by "sufficiency" mitigates this problem;the expansion of the scope of application is conducive to the comprehensive protection of personal data.The EU’s content on the protection of cross-border flow of personal data has important implications for China’s relevant legislation.China should use the EU law as a guide.For the different standards of cross-border mobile protection of personal data in different jurisdictions in China,we can abandon the EU.On the basis of the practice,it is clear that adequate protection standards should be adopted for personal data flow protection,harmonization of protection standards with Hong Kong and Macao,design of multiple supplementary identification mechanisms and expansion of the scope of application of the Personal Data Protection Law to achieve the goal of adequate protection of personal data.