Cross-border data flow in China: Shifting from restriction to relaxation?

Abstract

This article examines China's latest development in the governance of cross-border data flow. Under the general framework of Cyber Security Law, Data Security Law, and Personal Data Protection Law, China established its own regime of cross-border data flow. In recent years, contrary to the general international perception that China imposes strict restrictions especially due to national security concerns, China has been de facto relaxing its regulations on cross-border data flow, especially for digital trade. This article suggests three underlying incentives. First, China is in an increasing need to gain economic growth through international trade and investment. Second, China intends to compete in technology development and take the lead in shaping international rules on data governance. Third, China is seeking to adhere to international standards, particularly those prescribed in international free trade agreements. This article further submits that this paradigm shift would have international implications. First, China's practices need to be examined under the domestic regulatory frameworks of international free trade agreements. Second, China's current legislative and judicial practices are multifaceted, taking into account various factors, including international business, national security, and data protection, which may contribute to the further development of international cross-border data flow rules.