信息资源管理学报 ›› 2021, Vol. 11 ›› Issue (3): 30-39.doi: 10.13365/j.jirm.2021.03.030

• 专题-数据治理制度建设 • 上一篇    下一篇

国际个人数据跨境流动治理模式及我国借鉴研究

冉从敬1,2 刘瑞琦1 何梦婷1   

  1. 1.武汉大学信息管理学院,武汉,430072; 
    2.武汉大学深圳研究院,深圳,518000
  • 出版日期:2021-05-26 发布日期:2021-06-22
  • 作者简介:冉从敬,教授,博导,研究方向为大数据治理、政府数据、网络主权,Email:rancongjing@163.com;刘瑞琦,硕士生,研究方向为数据科学,数据政策,Email:richliu@whu.edu.cn;何梦婷,博士生,研究方向为网络主权,大数据治理,Email:hoomtwhu@163.com。
  • 基金资助:
    本文系深圳市科学技术创新委员会深圳市科技计划项目“面向网络主权的政务大数据语义关联、全局融合与深度学习关键技术研究”(JCYJ20180302173459920),国家自然科学基金面上项目“多源大数据融合驱动的产业管理模型设计及领域实证研究”(71774123),教育部人文社科重点研究基地重大项目“大数据资源的制度规制和国家治理研究”(17JJD870001)研究成果。

Research on the Governance Model of International Personal Data Cross-border Flow and China’s Reference

Ran Congjing1,2 Liu Ruiqi1 He Mengting1   

  1. 1.School of Information Management, Wuhan University, Wuhan, 430072; 
    2.Shenzhen Research Institute, Wuhan University, Shenzhen, 518000
  • Online:2021-05-26 Published:2021-06-22

摘要: 近年来随着互联网和全球贸易的迅速发展,大规模的个人数据频繁在国家间流动,个人数据的跨境流动使得公民隐私、商业机密和国家安全面临威胁,个人数据跨境流动保护问题逐渐得到各国重视。 本文通过对欧盟、美国和俄罗斯的个人数据跨境保护相关的法律和政策进行分析和梳理,总结其保护模式与特点,同时与我国的模式进行对比,思考我国个人数据跨境流动保护模式的优化以及跨国贸易中的应对。研究发现欧盟、美国和俄罗斯在实践中各形成了人本核心、利益驱动、主权限制的不同个人数据跨境流动保护模式,在不同模式下具有不同的核心诉求、构建范式和实施手段。基于中国个人数据跨境流动的现状,对我国提出了综合性与特殊性立法立规相结合,中央监管审查与地方、行业辅助治理并行,完善“事前-中-后”全链规制手段以及加强国际对话等建议。

关键词: 个人数据跨境流动, 个人数据保护, 隐私权, 数据治理, 跨国贸易, 数字强国

Abstract: In recent years, with the rapid development of the Internet and global trade, large-scale personal data are frequently flowing between countries, and the cross-border flow of personal data has put citizens' privacy, commercial secrets and national security at risk. The protection of cross-border flow of personal data has gradually gained attention from various countries. By analyzing and sorting out the laws and policies related to the cross-border protection of personal data in the EU, the US and Russia, this paper summarizes their protection models and characteristics, and at the same time compares them with China's model to consider the optimization of China's protection model for cross-border flow of personal data and its response in cross-border trade. It finds that the EU, the US and Russia have each developed different models of protection for cross-border flows of personal data that are people-centred, interest-driven and sovereignty-restricted in practice, with different core demands, construction paradigms and implementation means under different models. Based on the current situation of the cross-border flow of personal data in China, the paper proposes a combination of comprehensive and specific legislation and regulation, parallel central regulatory review and local and industry-assisted governance, improvement of the whole chain of "ex-ante-medium-post" regulation means and strengthening international dialogue.

Key words: Cross-border flow of personal data, Personal data protection, Privacy, Data governance, Cross-border trade, Digital power

中图分类号: