| US-based Facebook Inc.has 500 million mobile users worldwide,yet it has been sanctioned with large fines in several countries for violating its privacy policy.Several countries have fined Facebook Inc.and its subsidiaries for collecting and using user data in violation of privacy policies.and its subsidiaries for collecting and using user data in violation of privacy policies.In March 2018,the British big data company Cambridge Analytica collected the personal data of 87 million Facebook users.facebook Inc.was fined up to $5 billion by multiple countries for failure to effectively protect users’ data while failing to be transparent was penalized upwards of $5 billion by multiple countries.Why does the United States,the most advanced digital economy,disregard the security of personal data in other countries or regions? What are the principles and protection framework of its personal data protection legislation? How do the above conflicts in cross-border digital trade relate to its national security concept?This paper uses literature analysis,inductive deductive method,and comparative analysis to sort out and explore the relationship between privacy and personal data,national security concept and the new national security concept of the United States,and national security concept and personal data protection,and constructs a three-dimensional framework table of personal data protection in the United States from the perspective of the new national security concept of the United States,from domestic personal data protection and international cross-border data flow,federal level legislation and state level legislation,and four major security priorities.The study also considers the impact of the U.S.global security strategy on the cross-border flow of data and digital trade in the EU and China,and provides countermeasures for China.The study finds that the new national security concept of the United States is its guiding ideology in formulating the personal data protection framework.In the U.S.,personal data protection mainly emphasizes the "data development priority principle" and "moderate security principle",and has formed four key areas of security legislation for personal data protection.The federal level and the state level have different legislative models,among which the federal level still lacks a unified personal data protection law,and the industry scattered legislation focuses on the four key areas,with more emphasis on building a perfect cyber security system to protect personal data security,but the implementation of a unified legislative model may become the future trend under the call of all parties.The state level is in the forefront of legislation,and many states have enacted unified personal data protection laws,promoting the process of U.S.personal data protection legislation.In terms of international data flows across borders,a lenient regulatory system for multinational enterprises is advocated,while strengthening the "long-arm jurisdiction" over data flows.The "easy-in,easy-out" model for personal data has led to the creation of data barriers in various countries.The Biden administration has taken an aggressive approach since taking office,hoping to reopen the free flow of data across borders.However,the U.S.is still hostile to China and will continue to compete and confront in the cross-border data flow.China should therefore improve its data protection regulatory mechanism,set detailed penalty standards and build a system of rules for the cross-border flow of personal data around the idea of a community of destiny in cyberspace. |
