| The export of personal information is a complex and challenging issue involving factors such as the protection of citizens’ personal information,data sovereignty and national security,differences in the level of protection in different jurisdictions,extraterritoriality and application of long-arm jurisdiction,digital trade,and international relations and situations.Globally,the EU and U.S.legislative models for the export of personal information are representative and influential,and each has shown new trends in recent years.In the wake of Schrems II,the EU requires that all data transfer safeguards meet the same level of protection.On the one hand,the U.S.has increased its efforts to regulate the export of personal information,and on the other hand,the U.S.is actively working with the EU to reach new data transfer agreements in order to obtain personal information abroad,while implementing a global system of cross-border data transfer with low protection standards.Against the above background,China has also accelerated the pace of development of legal documents for the regulation of personal information leaving the country.The promulgation of the Standard Contractual Clauses to the Exit of Personal Information marks the initial formation of China’s personal information exit regulatory system with exit security assessment as the core,supplemented by standard contracts and certification systems.However,in practice,there are still problems such as unsatisfactory implementation of security assessment,unclear logic of system design leading to overlap of different regulatory systems in terms of content,and lack of international two-way transmission path for personal information.In this regard,based on the legislative experience in Europe and the United States,we should further improve the domestic regulatory rules for the export of personal information,establish the National Data Agency as an independent regulatory body for the export of personal information,and establish the model of "conducting security assessment of export actions involving national security risks,and exporting the rest through free flow or other diversified safeguards".Personal information exit regulation model.At the corporate compliance level,we should fully incorporate the research results of the personal information exit policies of multinational companies to improve corporate compliance governance.In addition,we should pay attention to the interface between legislation,law enforcement and justice,enhance the extraterritorial application of China’s personal information exit laws,strengthen international cooperation in cross-border personal information,eliminate data transmission barriers,and ensure the safe,free and orderly flow of personal information. |