發展中國家因應GDPR數據跨境傳輸規則的困境與啟示——以印度為例

Dilemmas and Enlightenments for Developing Countries in Responding to the GDPR’s Cross-Border Data Transfer Rules - The Case of India

歐盟《通用數據保護條例》利用充分性決定及適當保障措施構建了全面立體的歐盟數據跨境傳輸規則體系，統一了歐盟成員國向第三國傳輸個人數據的標準與條件。許多國家已經實施或考慮實施此類要求以促進與歐盟國家的數據依賴型貿易的發展。在數據時代，為緩解數字強國與欠發達國家間數字鴻溝的進一步擴大，關注發展中國家在數據傳輸方面面臨的困境至關重要。印度作為發展中國家新興經濟體代表，在因應GDPR時面臨著獨特的挑戰，其應對之策為其他發展中國家提供了數字規則談判方面的啟示。

EU General Data Protection Regulation (GDPR) has constructed a comprehensive and three-dimensional system of cross-border data transfer rules by using adequacy decision and appropriate safeguards and harmonized standards and conditions for personal data transfers to third countries in all EU member states. Many countries have already implemented or are considering implementing such requirements to pursue the development of data-dependent trade with EU. In the data age, it is crucial to focus on the dilemmas faced by developing countries in data transfers in order to mitigate the further widening of the digital divide between digital powerhouses and less developed countries. As a representative of an emerging economy in developing countries, India faces unique challenges in responding to the GDPR rules, and its responses provide insights for other developing countries in the aspect of negotiating digital rules.