The latest figures released by the General Administration of Customs of China highlight a remarkable trend in cross-border e-commerce, showcasing a significant expansion within the sectorIn the first half of this year alone, China's cross-border e-commerce imports and exports reached an impressive 12.2 trillion yuan, marking a year-on-year growth of 10.5%. The growth trajectory extends back to 2018, reflecting an overall increase of 120% in cross-border e-commerce activity over the last five years.

As we navigate through the digital economy era, cross-border e-commerce has emerged as a critical driver for foreign trade developmentIt leverages advanced technologies to meet the evolving demands of consumers, facilitating global transactions that allow individuals and businesses alike to buy and sell products worldwideHowever, behind the convenience of online shopping lies a more complex narrative—the international flow of dataWhile the movement of data across borders is common, it brings about intricate challenges regarding data security and personal information protectionAs the global digital economy flourishes, ensuring the secure and orderly flow of data becomes paramount.

When we consider the mechanics of cross-border data flow, it is evident that these exchanges are deeply woven into everyday commercial activitiesFinancial transactions such as cross-border payments, travel arrangements involving international flight and hotel bookings, and academic collaborations span geographic boundaries through the transfer of dataEach of these instances illustrates the omnipresence of cross-border data flows in our globalized world.

Take the example of a consumer in China purchasing a product from an overseas seller through a cross-border e-commerce platformA legal representative from an unnamed internet company explained during an interview that the buyer is required to input their shipping and order details to the foreign sellerBecause the buyer and seller rely on devices located in different countries, this single interaction results in the transmission of data across borders.

To delve deeper into the concept of cross-border data flow, it is important to grasp what it entails

Advertisements

According to Wu Shenkuo, a doctoral supervisor at Beijing Normal University and deputy director of the China Internet Association Research Center, cross-border data flow can be classified into two prominent scenarios: the first involves data being transmitted or transferred across different servers in various countries or regions; the second pertains to relevant entities accessing and processing domestic data while operating from abroad.

In practical terms, when overseas employees of a company log into the domestic corporate intranet to retrieve information on clients for business operations, this scenario exemplifies the second type—where entities access domestic data from abroadIt underscores the fundamental nature of data flow in commercial operations and its inevitability amid the cross-border movement of goods, services, and capital.

Yet, the movement of data internationally also raises deeper concernsSafety is a vital prerequisite for the flow of cross-border dataGao Fuping, a leading scholar in intellectual property law and the director of the Internet Law Research Institute, pointed out in an interview that while cross-border data flow is common in international relations, it is often complicated by considerations relating to national security.

Gao emphasized that managing the safe and orderly movement of data involves two key aspects: first, establishing mutual trust for data exchange, which requires a clear assessment of the credibility of data recipients; second, monitoring how these recipients utilize the data through effective technological and regulatory measures.

From a practical standpoint, businesses looking to expand into foreign markets must keenly adhere to varying compliance requirements concerning cross-border data flow established by different nations.

For example, if a company aims to launch a new service in countries within the ASEAN bloc, it will typically allocate time and resources to hire legal consultants to navigate the regulatory landscape, with a particular focus on compliance with data transfer regulations between China and the target countries.

Continuous optimization is critical at the operational level

Advertisements

A McKinsey report projects that by 2025, cross-border data flow will contribute an astounding $11 trillion to global GDPThis anticipation was echoed in the Central Economic Work Conference held in December 2023, where issues surrounding cross-border data flow and equal participation in government procurement processes were stated as prioritiesFurthermore, the government report issued this year explicitly highlighted the necessity of addressing cross-border data movement.

China is proactively working to establish a framework for the lawful and orderly flow of dataThis has included the implementation of laws related to cybersecurity, data safety, and personal information protection, alongside clearly defined regulations concerning overseas data activitiesMeasures such as establishing security assessments for data exiting the country, standardized contracts for personal information transfer abroad, and certification for data protection compliance represent systematic efforts to create a secure data exchange infrastructure.

Importantly, advocating for the free flow of data does not equate to the relaxation of regulatory oversightCompanies remain obligated to uphold fundamental privacy protections thus ensuring consumers' rights to their personal information are respected, while regulatory agencies must maintain consistent oversight to encourage enterprises to enhance their data compliance mechanisms.

Gao advocates for a dual approach comprising domestic order in data utilization and security concerning international data exitHe proposes the establishment of a system anchored in national security which harmonizes data security challengesThis includes concentrating regulatory efforts on key data types and maintaining vigilance against mere transactional exchanges of sensitive information such as human genetic data and geographic information.

On the topic of international economic cooperation, it has been noted that data movement is closely linked to personal information

Advertisements

Advertisements

Advertisements