Study On Regulation Mode Of Cross-border Flow Of Personal Information

To regulate cross-border activities of personal information and resolve the contradiction between data sovereignty security and data free flow highlighted in cross-border flow of personal information is not only to safeguard the personal rights and property rights of the subject of personal information and promote the development of digital trade,but also to construct the overall concept of national security.At present,the global economic structure is in transition from the real economy to the digital economy,and the digital industry and digital trade are developing rapidly.Europe and the United States have been engaged in a fierce game in the field of global cross-border data governance,competing for the right to make international rules,and forming two personal data governance models respectively,namely "taking the principle of adequate protection,emphasizing human rights protection,expanding extraterritorial jurisdiction,and building a single market for data" and "encouraging the free cross-border flow of personal data,industry self-discipline and post-accountability".In this international context,China’s regulatory system for the cross-border flow of personal information has begun to take shape,forming a governance model for the cross-border flow of personal information that values data sovereignty and national security.China adheres to a prudent and neutral data stance to promote the safe,orderly and free flow of data.The overall system design presents the unilateral decline of the value ladder of "data security-data flow" rather than the balanced development and benign interaction of the two,and leads to the external loose and internal disharmony of the cross-border regulation system of personal information.China’s huge population base determines that it has a very considerable scale of personal information and the corresponding cross-border risk of personal information.To measure the relationship between data sovereignty and data flow and make a legitimate value choice is the premise and basis of preventing the cross-border risk of personal information and building a legal system of cross-border personal information flow with vitality.Within the personal information cross-border normative system,the value orientation is clarified,the value rank is reshaped,and the data sovereignty is endowed with new meaning.Moreover,the conflict between data sovereignty and data flow in the cross-border flow of personal information is resolved through specific system design,such as refining the classification and classification system of personal information,improving the diversified exit channels of personal information,and improving the supervision system of the whole life cycle of the cross-border flow of personal information.In addition to the introduction and conclusion,the text is divided into four parts.The first part is a review of the current situation of the cross-border flow of personal information.Firstly,the definition of relevant concepts of personal information and its cross-border flow is clearly defined,and the idea of defining personal information based on scenes is proposed.The significance of regulating cross-border activities of personal information is expounded for protecting the rights and interests of the subject of personal information,promoting the development of digital trade and safeguarding national security.Secondly,it analyzes the current legislation status of cross-border flow of personal information in China: the overall framework of cross-border flow of personal information has been initially set up.The overall system is oriented to guarantee the security of personal information and data sovereignty,and promotes the orderly and free cross-border flow of personal information on the basis of guaranteeing security,and adheres to the prudent and neutral data stance.The second part analyzes the difficulties faced by China’s personal information cross-border flow regulation system.Due to the unreasonable arrangement of overall value,there are some problems in the regulatory system of cross-border flow of personal information in China,such as loose external regulatory system,risk of national sovereignty and public interest generalization,insufficient security assessment mechanism,unclear relevant regulations and so on.The third part is the comparative analysis of the global regulation mode of the cross-border flow of personal information.The representative European Union,the United States and Russia,which is similar to our data sovereignty position,are selected as references.This paper compares the value orientation and regulation path choice of EU and US personal data governance models and analyzes the causes of their differences in cross-border regulation of personal data.This paper analyzes the characteristics of Russian personal data legislation regulation and the historical and realistic factors of choosing the conservative and strict personal information cross-border policy.Through comprehensive analysis and comparison,it is concluded that the above regulation mode of cross-border flow of personal data is not suitable for the overall transplantation to China.The fourth part is about the conflict dilemma between data sovereignty and data flow in the cross-border flow of personal information.First of all,the value orientation of the cross-border normative system of personal information should be clearly defined,a reasonable and consistent value sequence arrangement should be made,and the definition of data sovereignty should be reshaping.Under this value orientation,the whole-process control of cross-border risks of personal information should be realized by refining the classification and classification system of personal information,improving the diversified channels of personal information leaving the country,and perfecting the supervision system of the full life cycle of cross-border flow of personal information.Resolve the conflict between data sovereignty and data flow in the cross-border flow of personal information.