关键词: 个人数据跨境流动, 个人数据保护, 隐私权, 数据治理, 跨国贸易, 数字强国

Abstract: In recent years, with the rapid development of the Internet and global trade, large-scale personal data are frequently flowing between countries, and the cross-border flow of personal data has put citizens' privacy, commercial secrets and national security at risk. The protection of cross-border flow of personal data has gradually gained attention from various countries. By analyzing and sorting out the laws and policies related to the cross-border protection of personal data in the EU, the US and Russia, this paper summarizes their protection models and characteristics, and at the same time compares them with China's model to consider the optimization of China's protection model for cross-border flow of personal data and its response in cross-border trade. It finds that the EU, the US and Russia have each developed different models of protection for cross-border flows of personal data that are people-centred, interest-driven and sovereignty-restricted in practice, with different core demands, construction paradigms and implementation means under different models. Based on the current situation of the cross-border flow of personal data in China, the paper proposes a combination of comprehensive and specific legislation and regulation, parallel central regulatory review and local and industry-assisted governance, improvement of the whole chain of "ex-ante-medium-post" regulation means and strengthening international dialogue.

Key words: Cross-border flow of personal data, Personal data protection, Privacy, Data governance, Cross-border trade, Digital power