我國數據跨境流動規制措施與RCEP服務貿易規則相符性及應對

Assessment of Conformity of China's Regulatory Measures on Cross-Border Data Flows with RCEP Rules on Trade in Services and Recommendations for China

對於影響服務貿易的數據跨境流動規制措施，RCEP項下服務貿易規則的適用優先於數據跨境流動規則。判斷我國數據跨境流動規制措施是否受制於RCEP服務貿易規則，需要具體考察我國在該措施所影響的服務部門和服務提供模式下是否已承擔義務，在我國已承諾承擔義務的情況下，我國數據跨境流動規制措施有可能違反RCEP服務貿易章的市場准入、國民待遇、最惠國待遇和當地存在條款，其是否符合RCEP服務貿易章一般例外條款的關鍵在於執法實踐是否符合該條款前言要求。此外，我國針對關鍵信息基礎設施運營者開展的數據出境安全評估活動符合RCEP安全例外條款。在國內層面，我國應從三個方面完善數據跨境流動規制措施以確保其與RCEP服務貿易規則的相符性。在國際層面，我國在未來RCEP負面清單的談判中應力爭給予數據跨境流動規制措施足夠的關照。

The wide application of data as a production factor in the field of trade in services has led to the effect of regulatory measures on cross-border data flows on trade in services, which in turn has caused the problem of conformity of such measures with RCEP rules on trade in services. Although RCEP also includes rules on cross-border data flows, the application of RCEP rules on trade in services takes precedence over the former as regards regulatory measures on cross-bolder data flows affecting trade in services. Since the core obligations stipulated by the RCEP chapter of trade in services are based on the specific commitments of the contracting parties, and the latter varies according to the service sector and the mode of service supply, determining the conformity of China's regulatory measures on cross-border data flows with RCEP rules on trade in services requires first defining the service sector and mode of service supply affected by such measures. The difficulty therein lies in the classification of services supplied online and affected by such measures. In the ease that China has committed to undertake obligations, China's regulatory measures on cross-border data flows may violate the provisions of market access, national treatment, treatment and local presence in the RCEP chapter of trade in services. Whether China's regulatory measures on cross-border data flows can be justified under the general exception clause in the RCEP chapter of trade in services depends on whether the enforcement practice meets the requirements of the clause's chapeau. In addition, China's security assessment of outward data flows Which critical information infrastructure operators carry out can he justified under the security exception clause in the RCEP chapter of trade in services. At the domestic level, China should improve the regulatory measures on cross-border data flows from three aspects to promote their conformity with RCEP rules on trade in services: (1) to clarify key terms and provisions whose meaning may be ambiguous so as to clearly define the application boundary of RCEP rules on trade in services to China's regulatory measures on cross-border data flows; (2) to refine and disclose specific assessment criteria for the level of data security protection in other countries, increase the flexibility and inclusiveness of such criteria, and promote coherence and predictability in the application of them; (3) to fill the gap in the Personal Information Protection Law by adding a provision as regards the penalties for overseas personal information processors who violate their obligation under Article 53. At the international level, China should try to ensure that the negative. list for trade in services within the framework of RCEP givies sufficient attention to the regulatory measures on cross-border data flows in three aspects (1) to clarify the basis for the classification of service sectors in the explanatory or introductory note of the negative list; (2) to clearly and fully designate the clauses which non-conforming measures included in the negative list violate, such as market access clause or national treatment clause; (3) to enhance the flexibility, inclusiveness and prescience of the negative list. China's exploration in this regard is also conducive to further optimization of domestic business environment and accumulation of useful experience for China to align with higher standards of international economic rules and steadily expand institutional opening up. Furthermore, such an exploration will set an example at the international level on how to better balance development and security goals.