Trilemma and tripartition: The regulatory paradigms of cross-border personal data transfer in the EU, the U.S. and China

Abstract

The regulation of the cross-border transfer of personal data is a major issue of globalization in the digital era. The key point for lawmakers is how to choose two of the following three elements in the trilemma: personal data protection, free transborder flow of information and the expansion of national jurisdiction. The EU, the U.S. and China adopt their own decisions, resulting in three inherently incompatible legislative paradigms, which has led to the restricted flow of personal data around the world as well as the free flow in three different regions, with the EU, the U.S. and China as the center of each region. In this way, the regulating paradigms of cross-border personal data transfer presents a pattern of tripartition.