摘要
个人信息跨境流动的法律规制,既是国内法问题,亦是国际法问题;在全球化和大数据时代背景下,此项议题也日益为各国所关注。个人信息跨境流动有数据主权与自由流动两方面的利益冲突,在此冲突下,欧盟和美国皆采取不同的法律规制方式:欧盟强调严格的立法、司法、执法保护,而美国则是提倡行业自律与事后问责。其中,欧盟对个人信息跨境流动有较大的法律限制,但这种限制同时也通过白名单等制度设计而获得相对的弹性。美国则是依赖着技术上的绝对优势,倡导个人信息跨境的自由流动,以此谋求其信息科技公司在全球的繁荣发展。基于欧美比较法上的经验与中国的基本国情,在随着数字经济发展壮大的同时,中国更加需要完善个人信息跨境流动之法律规制,综合考量域外经验与本土利益,从完善国内立法、司法与执法,加强国际合作协调两方面,构建有中国特色的个人信息跨境流动之法律规制。具体而言,首先,需要在理念层面坚持网络主权原则的指导,并且以该原则为基础积极开展个人信息跨境流动法律规制的国际合作;其次,需要在制度层面继续推进国家统一立法进程,并且完善与细化相关的行政法规、部门规章等具体法律规范;最后,需要在实施层面落实法律保障机制,通过赋予当事人必要的救济手段,来打击相关的违法行为以树立法律的权威。
The legal regulation of the cross-border flow of personal information is not only a domestic law issue,but also an international law issue.In the context of globalization and the era of big data,this issue is also increasingly concerned by countries.The cross-border flow of personal information has induced conflicts of interest between data sovereignty and free flow.Under the conflicts,the European Union and the United States adopt different legal regulating approaches.The EU emphasizes strict legislation,justice,and law enforcement protection,while the US promotes industry self-discipline and accountability afterwards.Relatively speaking,the EU has stricter legal restrictions on the cross-border flow of personal information,but such restrictions are also relatively flexible through some mechanisms such as white lists.The US relies on its absolute advantages in technology and advocates the free flow of personal information across borders in order to seek the prosperity and development of its information technology companies in the world.Based on the comparison among the EU and the US and the conditions of China,as the digital economy grows,China needs to take a comprehensive consideration of combing foreign experience and local interests,to improve domestic legislation,justice,and enforcement,strengthen international cooperation and coordination,and establish legal regulations for cross-border flows of personal information with Chinese characteristics.Specifically,first,it is necessary to adhere to the guidance of the cyber sovereignty principle at the idea level and accordingly,to actively carry out international cooperation on regulating the cross-border flow of personal information;second,at the institutional level,it is necessary to continuously promote the national legislation,and to refine the relevant administrative and specific rules;finally,at the implementation level,it is necessary to establish a legal protection mechanism,to provide parties with necessary remedies,and to crack down on violations to re
出处
《深圳社会科学》
2021年第4期99-109,共11页
Social Sciences in Shenzhen
关键词
个人信息跨境流动
数据主权
网络主权
《个人信息保护法(草案)》
cross-border flow of personal information
data sovereignty
network sovereignty
the Chinese Personal Information Protection Law(draft)
