How the Data Rules of EU is Exported to the Outside of the Region: Take the EU ’s General Data Protection as an example

Abstract

The General Data Protection of the European Union, the GDPR is the concentrative embodiment of the stringent regulation of data policy. In the field of cross-border data flows, the “White-List” evaluation mechanism of cross-border data flows is constructed by “adequacy decision”, “appropriate safeguards” and exceptional stipulates. Through the evaluation by the above mechanism, if the protection level of the overseas data recipients is substantially equal to the level of the EU, the EU will authorize the transfers of EU data to the region. This mechanism mentioned above, somehow makes the data rules of the EU and the preference on stringent regulation of data policy adopted by more and more Non-EU countries. The mode of data regulation supervise is considered as an ideal reference and it is gradually spread globally. However the evaluation mechanism of cross-border data flows, should be regarded as a new-type barrier on data flows. And it will block the development of free market for global trade in data services. Thus, to resolve the conflict on the regulations of data supervision and cross-border data interaction, the World Trade Organization should shoulder more responsibilities, promote a broader global negotiation.