從Schrems I & II論美歐隱私權保障落差對於自由貿易規範之影響

數位經濟時代，包括個資在內的各類資訊於經濟活動的重要性日益提升，從特定產業部門，擴及到各項產業，不僅是服務業高度依賴資訊，隨著網路技術及人工智慧的發展，製造業也需要蒐集使用者資訊，最明顯的例子為各種行動穿戴裝置與智慧家電，而將來自駕車之成敗更與資訊使用息息相關。從國際商業活動的層面，資訊使用及流通之限制與規範，勢必成為影響跨國貿易與投資之重要因素，因而落入國際經濟法之範圍。然而目前跨境資訊傳輸使用規範之發展，除了歐盟「一般資料保護規則（General Data Protection Regulation）」有具體強制性之規範，其他區域性與國際組織對於此問題之規定，相較之下擇顯得鬆散。本文以歐盟為例，討論其跨境資訊傳輸規範與國際貿易法之互動模式，並分析此種互動模式對於自由貿易之影響。本文特別聚焦在Schrems I以及Schrems II，以此二案件來說明歐盟隱私權保障規範對於貿易規範的影響與衝擊，以及當前貿易規範架構可能採取的回應。

In the digital economy, data becomes essential in decision-making and production process. Since e-commerce relies increasingly on cross-border data flows, access to data is crucial for competitiveness and the expansion of companies in the global society. For the concerns over national security, privacy, movement and ownership of data, many countries introduce their own data protection and privacy legislation. The European General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Data transfer outside the EU is prohibited unless an adequate safeguard can be used. However, excessively stringent limitations on data flows can have negative effects on international trade and investments. Moreover, due to the fragmentation in current regulatory environment for data protection, the consumers and businesses face a degree of uncertainty over their daily activities. Schrems I and Schrems II are the cases with significant implications for the data transfer between the EU and the US. By looking into how the EU data protection laws interact with the US domestic laws, we can infer that the legal differences in the privacy protection might lead to impediments on the free trade.