It is ineloquent to state that China had made a fundamental shift with respect to its attitude on data localization measures. Even though in the discursive context of RCEP, China initiated a historical step and for the first time it declared its willingness to be bound by provision which disallows member states to require a service supplier or an investor to comply domestic data localization policy as the precondition of conducting business in their territories. But it is far away from a substantial shift on its restrictive attitude toward data flow with honesty. China’s regulatory power is still preserved and guarded through the application of the public policy exception and essential security
124 Diane A. Desierto, ‘The Regional Comprehensive Economic Partnership (RCEP)'s Chapter 19 Dispute Settlement Procedures’ (EJIL, 2020) <www.ejiltalk.org/the-regional-comprehensive-economic-partnership-rceps-chapter-19-dispute-settlement/> accessed 4 May 2022.
125 Ibid.
126 CPTPP, Art 28.2, 14.18.
127 RCEP, Art 12.17(3), 20.8.
128 Elms (n 87) 377.
interest exception under the last paragraph of RCEP Article 12.14. The former confirms a subjective standard on accessing whether it is necessary to resort to a data localization measure, and the latter affirms the self-judging character and explicitly obstructs any possibility for other member parties to dispute. Besides, the carving out of the dispute settlement mechanism in the RCEP also weakens the constraints formulated in the Article 12.14, as it bars RCEP’s jurisdiction to adjudication, but drives the dispute to be resorted to a more political, bureaucratic and internal compromise. Therefore, China can safely reach a possible but not harmful compromise, sustaining a balance among its free trade commitment, cybersecurity and regulatory autonomy. Before RCEP had been entered into effect in 2020, China reiterated its emphasis on data sovereign and state security by means of requesting personal information and important data collected by CIIO or that which reached a certain amount, to be saved on local servers.
Confronted the international criticisms on the universality of the definition of CIIO, the heavy administrative burden, the excessive domestic discretion power and the overfull emphasis on national security, and the internal pressure of development in the digital era, China had moderated the regulation on outbound data transfer constantly. It is reflected in the latest Assessment Measures – one year after the effective date of RCEP, that the restrictiveness on data flow is still preserved, but it gradually mitigates to a more acceptable extent. It can also be shown in what China conveyed in the GDSI, that a general prohibition on data localization has been corresponded to its commitment in RCEP. Therefore, even though this change of approach is not that radical and satisfactory than expected, it is still an optimistic sign. With all these efforts, China is actively pursuing a consensus with other trading partners and intentionally constraining its regulatory power. Whether the most accurate description of the intention behind the change would be an unwilling compromise against the external pressure or a willing political show with the sophisticated provision design, the rationale of any policy change is not blind and single-minded. Besides, revolution on legislation and policy, after all, takes time and efforts. It will be more than pessimism if we assert if it is not a fundamental change, then it is nothing. All in all, as one of the most significant roles in the digital trade with a numerous population and great market, the act of expressing an
attitude is crucial in and of itself. And, as the world has expected, those major players in the field of digital trade would and have to learn from each other and act in harmony.129 It is in this regard that this dissertation tries to conduct a modest scrutinization and analysis, and shed a light on a change in the real sense in the future when China leaves its obsession of data security and embraces rules which provide more predictability and certainty to facilitate the flow of data.
129 Henry Gao, ‘E-commerce Governance: Back to Geneva?’ (Cigionline, 14 February 2022)
<https://www.cigionline.org/articles/e-commerce-governance-back-to-geneva/> accessed 7 April 2022.
Reference
Table of Cases
WTO, Korea - Measures Affecting Imports of Fresh, Chilled and Frozen Beef – Report of the Appellate Body (11 December 2000) WT/DS161/AB/R and WT/DS169/AB/R
WTO, Russia – Measures Concerning Traffic in Transit – Report of the Panel (5 April 2019) WT/DS512/R
Table of Legislation
Critical Information Infrastructure Security Protection Regulations Cybersecurity Law of the People's Republic of China 2016 Data Security Law of the People's Republic of China
Draft for Comment for Outbound Data Transfer Security Assessment Measures 2021
Draft of Measures for the Security Assessment of Personal Information and Important Data Outbound Transfer 2017
Draft of Measures for the Security Assessment of Personal Information Outbound Transfer 2019
General Data Protection Regulation
Personal Information Protection Law of the People's Republic of China Regional Comprehensive Economic Partnership
State Council of the People’s Republic of China Decree (No. 745) Critical Information Infrastructure Security Protection Regulations
United States-Mexico-Canada Agreement
Bibliography
Primary Sources
CAICT, ‘White Paper on The Development of China's Digital Economy’ (CAICT, April 2021)
<http://www.caict.ac.cn/kxyj/qwfb/bps/202104/P020210424737615413306.pdf> accessed 18 March 2022
GFMA, ‘RE: The Consultation Draft of the Measures for Security Assessment of Personal Information Outbound Transfer’ (Asifma, 12 July 2019), 11
<www.asifma.org/wp- content/uploads/2019/07/gfma-response-measures-for-security-assessment-of-personal-info-outbound-transfer-bilingual-final-7122019.pdf> accessed 24 April 2022
UNCTAD, ‘Intergovernmental Group of Experts on E-commerce and the Digital Economy, Fourth session: Digital platforms and value creation in developing countries: Implications for national and international policies’ (19 February 2020) TD/B/EDE/4/2
——, ‘Digital Economy Report 2021: Cross-border data flows and development: For whom the data flow’ (29 September 2021) UNCTAD/DER/2021
——, ‘Digitalization of Service: What does it imply to trade and development?’ (25 Mar 2022) UNCTAD/DITC/TNCD/2021/2
United States International Trade Commission, Digital Trade in the U.S. and Global
Economies, Part 2 (4485 August 2014) 14
<https://www.usitc.gov/publications/332/pub4485.pdf> accessed 23 May 2022
USTR, ‘2017 National Trade Estimate Report on Foreign Trade Barriers’ (March 2017)
<https://ustr.gov/sites/default/files/files/reports/2017/NTE/2017%20NTE.pdf> assessed 7 May 2022
——, ‘2020 National Trade Estimate Report on Foreign Trade Barriers’ (2020)
<https://ustr.gov/sites/default/files/2020_National_Trade_Estimate_Report.pdf > assessed 9 May 2022
World Economic Forum, ‘Data Free Flow with Trust (DFFT): Paths towards Free and Trusted Data Flows’ (May 2020)
<https://www3.weforum.org/docs/WEF_Paths_Towards_Free_and_Trusted_Data%20_Flows _2020.pdf> accessed 30 May 2022
World Trade Organization, ‘Article XXI Security Exceptions’, in WTO, Analytical Index of the GATT (WTO 2021)
——, ‘Communication from the United States, Measures Adopted and under Development by China Relating to Its Cybersecurity Law’ (S/C/W/374), 2
<https://docs.wto.org/dol2fe/Pages/SS/directdoc.aspx?filename=q:/S/C/W374.pdf>
——, ‘Joint Statement on Electronic Commerce, Communication from China’
(INF/ECOM/19)
<https://docs.wto.org/dol2fe/Pages/SS/directdoc.aspx?filename=q:/INF/ECOM/19.pdf&
Open=True >
——, ‘Joint Statement on Electronic Commerce’ (WT/MIN(17)/60)
<https://docs.wto.org/dol2fe/Pages/SS/directdoc.aspx?filename=q:/WT/MIN17/60.pdf&Open
=True>
——, Work Programme on Electronic Commerce, Aiming at the 11th Ministerial Conference, Communication from the People’s Republic of China and Pakistan Revision,
JOB/GC/110/Rev.1, JOB/CTG/2/Rev.1, JOB/SERV/243/Rev.1, JOB/DEV/39/Rev.1 (16 November 2016)
<https://docs.wto.org/dol2fe/Pages/SS/directdoc.aspx?filename=q:/Jobs/GC/110R1.pdf>
——. ‘Joint Statement on Electronic Commerce’ (WT/L/1056)
<https://docs.wto.org/dol2fe/Pages/SS/directdoc.aspx?filename=q:/WT/L/1056.pdf&Open=Tr ue>
Secondary Sources
Badran MF, “Economic Impact of Data Localization in Five Selected African Countries”
(2018) 20 Digital Policy, Regulation and Governance 337
Burri M, “Data Flows and Global Trade Law” [2021] Big Data and Global Trade Law 11 Castro D, ‘The False Promise of Data Nationalism’ (ITIF, December 2013)
<www2.itif.org/2013-false-promise-data-nationalism.pdf> accessed 22 April 2022
——and McQuinn A, ‘Cross-Border Data Flows Enable Growth in All Industries’ (ITIF, February 2015)
<https://cdn.sanity.io/files/03hnmfyj/production/96fb1135bf96316b3d35f73c694a340357b9d8 23.pdf> accessed 27 April 2022
Chander A and Le U, ‘Data nationalism’ (2015) 64(3) Emory Law Journal 677
Cory N, ‘USMCA Data and Digital Trade Provisions: Status Check’ (Wilson Center, 19 November 2021) < https://www.wilsoncenter.org/article/usmca-data-and-digital-trade-provisions-status-check> accessed 13 May 2022
——and Dascoli L, ‘How Barriers to Cross-Border Data Flows Are Spreading Globally, What They Cost, and How to Address Them’ (ITIF, 19 July 2021) <
https://itif.org/publications/2021/07/19/how-barriers-cross-border-data-flows-are-spreading-globally-what-they-cost/> accessed 1 February 2022
Desierto DA, ‘The Regional Comprehensive Economic Partnership (RCEP)'s Chapter 19 Dispute Settlement Procedures’ (EJIL, 2020) <www.ejiltalk.org/the-regional-comprehensive-economic-partnership-rceps-chapter-19-dispute-settlement/> accessed 4 May 2022
Donnan S, ‘Pacific Trade Deal Takes Aim at Chinese Hacking’, (Financial Times, 4
November 2015) < www.ft.com/content/89a0137a-82b1-11e5-8095-ed1a37d1e096> accessed 4 February 2022
Drake W, Data Localization and Barriers to Cross-Border Data Flow: Towards a Multitrack Approach (White Paper, 2018)
Elms DK, “Getting RCEP across the Line” (2021) 20 World Trade Review 373
Feng F, ‘2016 World Internet Conference III Wuzhen Summit Closing Ceremony’ (World Internet Conference, 2016) <
http://2016.wicwuzhen.cn/system/2016/11/18/021372773.shtml> accessed 3 March 2022 Ferracane MF and van de Marel E, ‘The Cost of Data Protectionism’ (ECIPE, October 2018)
< https://ecipe.org/blog/the-cost-of-data-protectionism/> accessed 5 May 2022.
Ferracane MF, Kren J and Marel E, “Do Data Policy Restrictions Impact the Productivity Performance of Firms and Industries?” (2020) 28 Review of International Economics 676 Ferracane MF, Lee-Makiyama H and van de Marel E, ‘Digital Trade Restrictiveness Index’
(ECIPE, 2018) <https://ecipe.org/wp-content/uploads/2018/05/DTRI_FINAL.pdf > accessed 5 May 2022.
Gao H, “Digital or Trade? the Contrasting Approaches of China and US to Digital Trade”
[2017] SSRN Electronic Journal 297
——, ‘Data Regulation with Chinese Characteristics’ in M. Burri (rds), Big Data and Global Trade (Cambridge University Press 2021) 252
——, “Data Sovereignty and Trade Agreements: Three Digital Kingdoms” [2021] SSRN 9
—— ‘E-commerce Governance: Back to Geneva?’ (Cigionline, 14 February 2022)
<https://www.cigionline.org/articles/e-commerce-governance-back-to-geneva/> accessed 7 April 2022
Gao Y, ‘China needs to fully defend data sovereignty’ (Global Times, 14 July 2021)
<https://opinion.huanqiu.com/article/43vewiWitmm > assessed 16 May 2022
Goldfarb A and Trefler D, “AI and International Trade” (National Bureau of Economic Research, working paper No24254, 2018) <https://www.nber.org/papers/w24254> assessed 7 May 2022
Henckels C, “Permission to Act: The Legal Character of General and Security Exceptions in International Trade and Investment Law” (2020) 69 International and Comparative Law Quarterly 557
Hodson S, 'Applying WTO and FTA Disciplines to Data Localization Measures' (2019) 18 World Trade Review 579
Honey S, ‘Chapter 8: Asia-Pacific digital trade policy innovation’ in Ingo Borchert and L Alan Winters (eds), Addressing Impediments to Digital Trade (CEPR PRESS 2021)
Hsieh PL, “The China-Australia Free Trade Agreement: A 21st-Century Model. by Colin B.
Picker, Heng Wang, and Weihuan Zhou (Eds), Oxford: Hart Publishing, 2018. ISBN 978 1 509 91538 5, 363pp.” (2018) 21 Journal of International Economic Law 923
Jackson JH, World Trade and the Law of GATT (A Legal Analysis of the General Agreement on Tariffs and Trade), Bobbs-Merrill Company (1969)
Ji X and Rana PB, “A Deal That Does Not Die: The United States and the Rise, Fall and Future of the (CP)TPP” (2019) 34 Pacific Focus 230
Meltzer JP, “Governing Digital Trade” (2019) 18 World Trade Review
Mishra N, “Privacy, Cybersecurity, and Gats Article XIV: A New Frontier for Trade and Internet Regulation?” (2019) 19 World Trade Review 341
——, 'Building Bridges: International Trade Law, Internet Governance, and the Regulation of Data Flows' (2019) 52 Vand J Transnat'l L 463"
Mozur P, ‘China Tries to Extract Pledge of Compliance From U.S. Tech Firms’ (Nytimes, 2015) <www.nytimes.com/2015/09/17/technology/china-tries-to-extract-pledge-of-compliance-from-us-tech-firms.html> accessed 7 June 2022
Peng S and Liu H, “The Legality of Data Residency Requirements: How Can the Trans-Pacific Partnership Help?” (2017) 51 Journal of World Trade 183
Pushp P, ‘RCEP and India’s Dilemma. Modern Diplomacy’ (Modern Diplomacy, 14 March 2021) <https://moderndiplomacy.eu/2021/03/14/rcep-and-indias-dilemma> assessed 16 April 2022
Ran C, ‘Global situation of data sovereignty governance and China's response’ (Rmlt, 2 March 2022) <www.rmlt.com.cn/2022/0302/641108.shtml> assessed 5 February 2022 Ren L, “Apple: Icloud Services in China to Be Run by GCBD” (PandailyJanuary 11, 2018)
<https://pandaily.com/apple-icloud-services-china-run-gcbd/>
Sacks S and Webster G. ‘Five Big Questions Raised by China's New Draft Cross-Border Data Rules’ (DigiChina, 13 June 2019) <https://digichina.stanford.edu/work/five-big-questions-raised-by-chinas-new-draft-cross-border-data-rules/> accessed 25 April 2022
—— and Shi M, Triolo P, ‘Knowns and Unknowns About China’s New Draft Cross-Border Data Rules’ (DigiChina, 5 November 2021) <https://digichina.stanford.edu/work/knowns-and-unknowns-about-chinas-new-draft-cross-border-data-rules/> accessed 31 March 2022 Saltzer JH, Reed DP and Clark DD, “End-to-End Arguments in System Design” (1984) 2 ACM Transactions on Computer Systems 277
Selby J, “Data Localization Laws: Trade Barriers or Legitimate Responses to Cybersecurity Risks, or Both?” (2017) 25 International Journal of Law and Information Technology 213 Sen N, “Understanding the Role of the WTO in International Data Flows: Taking the Liberalization or the Regulatory Autonomy Path?” (2018) 21 Journal of International Economic Law 323
Shen Y and others, ‘The Clean Network Program and US Digital Hegemony’ (FDDI 2020).
Spence M, ‘Preventing the Balkanization of the Internet’ (Council on Foreign Relations, 28 March 2018) <https://www.cfr.org/blog/preventing-balkanization-internet > assessed 7 April 2022
Spiezia V and Tscheke J, ‘International Agreements on Cross-Border Data Flows and
International Trade: A Statistical Analysis’ (OECD 2020)
Streinz T, “Digital Megaregulation Uncontested? TPP’s Model for the Global Digital Economy” [2019] Megaregulation Contested 312
Swinhoe D, ‘Apple Officially Opens Data Center in China’ (Data Center Dynamics, 28 May 2021) <www.datacenterdynamics.com/en/news/apple-officially-opens-data-center-in-china/>
accessed 1 June 2022
Tarnoff B, ‘Data is the new lifeblood of capitalism – don't hand corporate America control’
(The Guardian, 1 Feb 2018) <https://www.theguardian.com/technology/2018/jan/31/data-laws-corporate-america-capitalism> accessed 30 May 2022
Taylor RD, “‘Data Localization’: The Internet in the Balance” (2020) 44 Telecommunications Policy 102003
Triolo P and others, “After 5 Years, China's Cybersecurity Rules for Critical Infrastructure Come into Focus” (DigiChinaOctober 14, 2021) <https://digichina.stanford.edu/work/after-5-years-chinas-cybersecurity-rules-for-critical-infrastructure-come-into-focus/>
Triolo P and Webster G, ‘Translation: China Proposes “Global Data Security Initiative”’
(DigiChina, 2020) <https://digichina.stanford.edu/work/translation-china-proposes-global-data-security-initiative/> assessed 5 June 2022
Vidigal G, “WTO Adjudication and the Security Exception: Something Old, Something New, Something Borrowed – Something Blue?” [2019] SSRN Electronic Journal
Wang C, “Invocation of National Security Exceptions under GATT ARTICLE XXI:
Jurisdiction to Review and Standard of Review” (2019) 18 Chinese Journal of International Law 695
Wolfe R, “Learning about Digital Trade: Privacy and E-Commerce in Ceta and TPP” (2019) 18 World Trade Review
——, “Learning about Digital Trade: Privacy and E-Commerce in Ceta and TPP” (2019) 18 World Trade Review
Wong B, “Data Localization and ASEAN Economic Community” (2019) 10 Asian Journal of International Law 158
Wong S and Martina M, ‘China adopts cyber security law in face of overseas opposition’
(Reuters, 7 November 2016) <https://www.reuters.com/article/us-china-parliament-cyber-idUSKBN132049> assessed 3 June 2022
Wu E, ‘Sovereignty and Data Localization’ (Belfer Center 2021)
Wu M, “Digital Trade-Related Provisions in Regional Trade Agreements: Existing Models and Lessons for the Multilateral Trade System” (rtaexchange.org, November 1, 2017)
<https://e15initiative.org/publications/digital-trade-related-provisions-in-regional-trade-agreements-existing-models-and-lessons-for-the-multilateral-trade-system/> accessed June 1, 2022
Zhang Y and Xu M, ‘What Is the Meaning Behind the Landing of Tesla Data Center In China?’ (Shanghai Observer, 27 May 2021) <www.jfdaily.com/news/detail?id=371375>
accessed 2 May 2022; Sebastian Moss, ‘Tesla Opens Data Center in Shanghai, China’ (Data Center Dynamics, 25 October 2021) <www.datacenterdynamics.com/en/news/tesla-opens-a-data-center-in-shanghai-china/> accessed 2 May 2022
‘Hyperscale Data Center Capacity Doubles in Under Four Years; The US Still Accounts for Half’ (Synergy Research Group, 17 November 2021)