https://orcid.org/0000-0002-5922-2092
![Sample our Law journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5942/TOC-Subject-Sample-2021-Law.jpg"})
ABSTRACT
In the past, the Chinese government mainly focused on the issue of national security and thus created a security assessment mechanism for cross-border data flows (CBDFs) with broad coverage. It is about time for China to reconsider its data governance regime based on a balanced approach. Various initiatives to facilitate CBDF have thus been started in so-called pilot free trade zones (FTZs) and special administrative regions (SARs). The good practice in FTZs would help formulate nationwide rules. With regard to SARs, once the special CBDF arrangements between the Chinese mainland and Hong Kong and Macao are concluded, the latter ones could become data centre hubs for the Greater Bay Area as a pilot, and potentially for the entire China in the long run. The reform to facilitate CBDF should be carefully implemented in a manner not favouring domestic companies. Otherwise, it would be inconsistent with the non-discriminatory conditions under the RCEP, as the first international agreement of China that contains provisions to explicitly facilitate CBDF for commercial purposes. Moreover, the negotiations on the accession of the CPTPP and the DEPA would incentivize China to accelerate the pace of reform. From an international perspective, actively engaging China in CBDF negotiations at the regional level would contribute to achieve global CBDF standards through, for instance, the e-commerce negotiations at the WTO.
Acknowledgements
The author would like to thank Prof Yuwen Li and Jacques Beglinger for their insightful comments on several drafts of this article. The author’s thanks also go to two anonymous reviewers for their very helpful comments.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Notes
1 CAC, ‘Seven Departments Including the State Internet Information Office Entered Didi Chuxing Technology Co., Ltd. Conducts Cybersecurity Review’ (16 July 2021) <http://www.cac.gov.cn/2021-07/16/c_1628023601191804.htm> accessed 24 October 2022.
2 CAC, ‘The Relevant Person in Charge of the Cyberspace Administration of China Answers Reporters’ Questions on the Decision to Impose Administrative Penalties Related to Cybersecurity Review on Didi Global Co., Ltd.’ (21 July 2022) <http://www.cac.gov.cn/2022-07/21/c_1660021534364976.htm> accessed 24 October 2022.
3 Infzm, ‘Zuo Xiaodong of China Information Security Research Institute: The Focus of Didi's Review Is the Security Risk of Important Data Going Abroad (中国信息安全研究院左晓栋:“对滴滴审查的重点是重要数据的出境安全风险”)’ (4 July 2021) <https://www.infzm.com/contents/209140> accessed 24 October 2022.
4 Bloomberg Law, ‘Didi’s Move from NYSE to Hong Kong – What to Know: QuickTake’ (19 April 2022) <https://news.bloomberglaw.com/antitrust/everything-we-know-about-didis-plan-to-delist-from-the-nyse> accessed 24 October 2022.
5 For instance, Washington think tank ITIF argues in its 2021 report that China is the most data-restrictive country in the world. ITIF, ‘Restrictions on International Data Flows Have Doubled in Four Years, With Measurable Economic Consequences’, <https://itif.org/publications/2021/07/19/restrictions-international-data-flows-have-doubled-four-years-measurable/> accessed 24 January 2023.
6 Yang Feng, ‘The Future of China’s Personal Data Protection Law: Challenges and Prospects’ (2019) 27(1) APLR.
7 BritCham China, ‘Cross-Border Data and Innovation Report 2021’ (2021) <https://www.britishchamber.cn/en/cross-border-data-and-innovation-report/> accessed 24 October 2022.
8 Outbound Data Transfer Security Assessment Measures (the ‘Security Assessment Measures’) (数据出境安全评估办法) 2022. Guidelines for the Application for Security Assessment for Outbound Data Transfer (First Edition) (数据出境安全评估申报指南(第一版)) 2022. China’s approach appears to be considered ad-hoc authorization. See OECD, ‘Mapping Approaches to Data and Data Flows: Report for the G20 Digital Economy Task Force’ (2020) <https://www.oecd.org/sti/mapping-approaches-to-data-and-data-flows.pdf> accessed 24 October 2022. This report illustrates four major approaches to cross-border data transfers: (a) no regulation, (b) ex-post accountability, (c) flows conditional on safeguards, and (d) flow conditional on ad-hoc authorization.
9 Yan Xiao and Donnie Dong, ‘What Do China’s Data Export Regulations Mean for its Trade Competitiveness?’ 30 November 2022, World Economic Forum Opinion, <https://www.weforum.org/agenda/2022/11/china-data-export-regulations-threaten-trade-competitiveness/> accessed 24 February 2023.
10 Julien Chaisse, ‘“The Black Pit:” Power and Pitfalls of Digital FDI and Cross-Border Data Flows’ (2023) 22(1) World Trade Review 88.
11 World Economic Forum, ‘Digital FDI: Policies, Regulations and Measures to Attract FDI in the Digital Economy’, 2020 <https://www3.weforum.org/docs/WEF_Digital_FDI_2020.pdf> accessed 24 October 2022.
12 Ibid, 12.
13 Julien Chaisse and Cristen Bauer, ‘Cybersecurity and the Protection of Digital Assets: Assessing the Role of International Investment Law and Arbitration’ (2020) 21(3) Vanderbilt Journal of Entertainment and Technology Law 589.
14 OECD, WTO and IMF, ‘Handbook on Measuring Digital Trade’, (2020) OECD, <https://www.oecd.org/sdd/its/Handbook-on-Measuring-Digital-Trade-Version-1.pdf> accessed 24 October 2022, 34.
15 Ibid, 11.
16 Ibid, 39.
17 Brookings, ‘China’s Digital Services Trade and Data Governance: How Should the United States Respond?’ (October 2020) <https://www.brookings.edu/articles/chinas-digital-services-trade-and-data-governance-how-should-the-united-states-respond/> accessed 24 October 2022.
18 ‘China Accounted for 23 per cent of Global Cross-border Data Flows, While the United States Ranked Second at 12 per cent.’ See UNCTAD, ‘Digital Economy Report 2021 – Cross-border Data Flows and Development: For Whom the Data Flow’, 2021, <https://unctad.org/publication/digital-economy-report-2021> accessed 24 October 2022, 20.
19 World Economic Forum, ‘Can Governments Agree on Global Data Flows? Here Are 6 Recommendations’ (June 2020) <https://www.weforum.org/agenda/2020/06/global-data-flows-openness-trust/> accessed 24 October 2022.
20 World Economic Forum, ‘White Papers: Exploring International Data Flow Governance’, (December 2019) <https://www.weforum.org/whitepapers/exploring-international-data-flow-governance> accessed 24 October 2022.
21 Julien Chaisse, ‘“The Black Pit:” Power and Pitfalls of Digital FDI and Cross-Border Data Flows’ (2023) 22(1) World Trade Review 88.
22 Ibid. Also see Georgios Dimitropoulos, ‘Law and Digital Globalization’ (2022) 44(3) U. Pa. J. Int’l L. Susan A Aaronson, Patrick Leblond, ‘Another Digital Divide: The Rise of Data Realms and its Implications for the WTO’ (2018) JIEL 21(2).
23 Decision on Amending the Cybersecurity Law of the People’s Republic of China (Draft for Comment) (关于修改《中华人民共和国网络安全法》的决定(征求意见稿)) 2022.
24 Ibid, Art 66.
25 Party and State Institutional Reform Plan (《党和国家机构改革方案》) 2023.
26 Opinions of the CPC Central Committee and the State Council on Improving the Systems and Mechanisms for Market-based Allocation of Factors of Production (中共中央 国务院关于构建数据基础制度更好发挥数据要素作用的意见) 2022.
27 Cybersecurity Law of the People’s Republic of China (中华人民共和国网络安全法) 2016; Data Security Law of the People’s Republic of China (中华人民共和国数据安全法) 2021.
28 Personal Information Protection Law of the People’s Republic of China (中华人民共和国个人信息保护法) 2021.
29 Jamie P Horsley, ‘Behind the Facade of China’s Cyber Super-Regulator: What We Think We Know – and What We Don't – about the Cyberspace Administration of China’ Stanford University (8 August 2022) <https://digichina.stanford.edu/work/behind-the-facade-of-chinas-cyber-super-regulator/> accessed 24 October 2022.
30 Notice on Printing and Distributing the Overall Plan for Comprehensively Deepening the Pilot Program of Innovative Development of Trade in Services (关于印发全面深化服务贸易创新发展试点总体方案的通知) 2020.
31 This Technical Committee is numbered TC260. It is under the supervision of the CAC. TC260 was established in April 2002 and directly subordinated to the National Standardization Administration.
32 Practice Guidelines for Cyber Security Standards – Security Certification Specifications for Cross-Border Processing of Personal Information (网络安全标准实践指南—个人信息跨境处理活动安全认证规范) 2022, TC260-PG-20222A.
33 Financial Data Security – Data Security Classification Guideline (金融数据安全数据安全分级指南) 2020, JR/T 0197-2020.
34 Cybersecurity Law, Art 8.
35 Ibid, Art 37.
36 Personal Information Protection Law, Art 4.
37 A Guide to Cybersecurity Standard Practices – Guidelines for classification and grading of network data (网络安全标准实践指南—网络数据分类分级指引) 2022, para 2.2.
38 Ibid.
39 Security Assessment Measures, Art 40.
40 Ibid, Art 6.
41 Ibid, Art 7.
42 Ibid, Art 10. The CAC shall, in principle, conclude security assessments within 45 working days from the date of issuance of the written acceptance notice on continuing substantive assessments to CIIOs, this statutory period may be further extended under certain circumstances.
43 Ibid, Art 14.
44 Critical Information Infrastructure Security Protection Regulations (关键信息基础设施安全保护条例) 2021 Art 2.
45 Ibid, Art 9.
46 SECRSS, ‘Didi Is Subject to Cybersecurity Review, Eight Questions You Most Want to Know (滴滴出行被实施网络安全审查,你最想知道的八个问题)’ (4 July 2021) <https://www.secrss.com/articles/32372> accessed 24 October 2022.
47 Security Assessment Measures, Art 4.
48 Ibid.
49 Personal Information Protection Law, Art 38.
50 Practice Guidelines for Cyber Security Standards – Security Certification Specifications for Cross-Border Processing of Personal Information V2.0 (网络安全标准实践指南—个人信息跨境处理活动安全认证规范V2.0) 2022, TC260-PG-20222A.
51 Measures on Standard Contracts for the Export of Personal Information (个人信息出境标准合同办法) 2022.
52 Nature, ‘China’s Crackdown on Genetics Breaches Could Deter Data Sharing’ (13 November 2018) <https://www.nature.com/articles/d41586-018-07222-2> accessed 24 October 2022.
53 BritCham (n 7).
54 Notice on Printing and Distributing the Overall Plan for Comprehensively Deepening the Pilot Program of Innovative Development of Trade in Services (关于印发全面深化服务贸易创新发展试点总体方案的通知) 2020.
55 Yunpeng Wang, ‘On Promotion of Henan Free Trade Zone's Local Legislation (论法治改革观下自贸区地方立法的完善)’ (2022) 3 UIBE Law Review 58.
56 CGTN, ‘Opinion: “Cross the River by Feeling the Stone”: A Valuable Lesson after 40 Years’ <https://news.cgtn.com/news/3d3d514d336b7a4d31457a6333566d54/share_p.html> accessed 24 October 2022.
57 Decision on Amending the Interim Measures for the Recordation Administration of the Establishment and Change of Foreign-invested Enterprises (关于修改《外商投资企业设立及变更备案管理暂行办法》的决定) 2018.
58 Notice of the State Council on Issuing the Overall Plan for the Lingang New Area of the China (Shanghai) Pilot Free Trade Zone (国务院关于印发中国(上海)自由贸易试验区临港新片区总体方案的通知) 2019.
59 The State Council on Printing and Distributing the Free Trade of Beijing, Hunan and Anhui Overall Plan of the Pilot Zone and Zhejiang Pilot Free Trade Zone Notification of Extended Area Plan (国务院关于印发北京、湖南、安徽自由贸易 试验区总体方案及浙江自由贸易试验区扩展区域方案的通知) 2020.
60 Notice on Printing and Distributing the Overall Plan for Comprehensively Deepening the Pilot Program of Innovative Development of Trade in Services (关于印发全面深化服务贸易创新发展试点总体方案的通知) 2020.
61 Beijing Implementation Plan for Building a Digital Trade Pilot Zone (北京市关于打造数字贸易试验区实施方案) 2020.
62 China.org.cn, ‘Beijing to be Built into Global Digital Economy Benchmark City by 2030’ (3 August 2021) <http://www.china.org.cn/business/2021-08/03/content_77670650.htm> accessed 24 October 2022.
63 The Economist, ‘China’s Silicon Valley Is Transforming China, but not yet the World’ (11 July 2019) <https://www.economist.com/china/2019/07/11/chinas-silicon-valley-is-transforming-china-but-not-yet-the-world> accessed 24 October 2022.
64 Development and Construction Plan of Zhongguancun National Independent Innovation Demonstration Zone during the ‘14th Five-Year Plan" period’ (“十四五”时期中关村国家自主创新示范区发展建设规划) 2021.
65 Ibid.
66 Beijing Daily, ‘Beijing Promotes Pilot Data Cross-border Flow Security Management’ (24 December 2020) <http://www.gov.cn/xinwen/2020-12/24/content_5572905.htm> accessed 24 October 2022.
67 ‘The Seminar on Data Export Security Assessment Was Held in Zhongguancun Software Park (数据出境安全评估专题研讨会在中关村软件园举办)’ (22 July 2022) 11F/2022-13474 <https://zyk.bjhd.gov.cn/jbdt/auto4502_51797/auto4502_53178/auto4502/auto4502_53182/202207/t20220727_4545132.shtml?type=computer> accessed 24 October 2022.
68 This firm was established in 2021 under the management of a state-owned enterprise, namely Beijing Financial Holdings Group.
69 Chaoyang, ‘Beijing International Big Data Exchange builds the country’s first data custody service platform serving cross-border scenarios (北京国际大数据交易所打造全国首个服务跨境场景的数据托管服务平台)’ (18 April 2022) <http://www.bjchy.gov.cn/lqjs/lqdt/4028805a811a47da01811f14f64e046b.html> accessed 24 October 2022.
70 Beijing’s Implementation Plan on Accelerating the Construction of a Global Digital Economy Benchmark City (北京市关于加快建设全球数字经济标杆城市的实施方案) 2021.
71 Ibid.
72 For instance, one option is to adjust the arguably low threshold of cumulative cross-border data transfers of personal information that triggers security assessments.
73 Notice of the General Office of the State Council on Printing and Distributing the Overall Plan for the Comprehensive Reform of the Market-Based Allocation of Factors (国务院办公厅关于印发要素市场化配置综合改革试点总体方案的通知) 2022.
74 A Guide to Cybersecurity Standard Practices – Guidelines for classification and grading of network data (网络安全标准实践指南—网络数据分类分级指引) 2022.
75 Shanghai Comprehensive Deepening of Service Trade Innovation and Development Pilot Implementation Plan (上海市全面深化服务贸易创新发展试点实施方案) 2020.
76 Lingang New Area of China (Shanghai) Pilot Free Trade Zone Action plan for building a network security industry cluster (2022–2025) (中国(上海)自由贸易试验区临港新片区 打造网络安全产业集群行动方案 (2022–2025 年)) 2022.
77 Beijing Comprehensively Deepening the Pilot Implementation Plan for the Innovative Development of Trade in Services (北京市全面深化服务贸易创新发展试点实施方案) 2020.
78 Several Measures of Beijing Municipality on Promoting the High-quality Development of Digital Trade, (北京市关于促进数字贸易高质量发展的若干措施) 2021.
79 Ibid.
80 Shanghai Data Regulations, (上海市数据条例) 2021; Regulations of the Lingang New Area of the China (Shanghai) Pilot Free Trade Zone (中国(上海)自由贸易试验区临港新片区条例) 2022.
81 Lingang New Area of China (Shanghai) Pilot Free Trade Zone Action plan for building a network security industry cluster (2022–2025) (中国(上海)自由贸易试验区临港新片区 打造网络安全产业集群行动方案 (2022–2025 年)) 2022.
82 A Guide to Cybersecurity Standard Practices – Guidelines for classification and grading of network data (网络安全标准实践指南—网络数据分类分级指引) 2022.
83 Measures for the Administration of Data Security in the Field of Industry and Information Technology (for Trial Implementation) (工业和信息化领域数据安全管理办法(试行)) 2021, Art 24.
84 Beijing Implementation Plan for Building a Digital Trade Pilot Zone (北京市关于打造数字贸易试验区实施方案) 2020.
85 Ibid.
86 IMDA, ‘China-Singapore (Chongqing) Demonstrative Initiative on Strategic Connectivity (CCI) – ICT Pillar’ (10 August 2022) <https://www.imda.gov.sg/about-imda/international-relations/international-partnerships/china-singapore-demonstrative-initiative-on-strategic-connectivity> accessed 24 October 2022.
87 Regulations of China (Chongqing) Pilot Free Trade Zone (中国(重庆)自由贸易试验区条例) 2019.
88 Action Plan for the Reform of Market-oriented Allocation of Data Elements in Guangdong Province (广东省数据要素市场化配置改革行动方案) 2021.
89 Outline of the 14th Five-Year Plan for Economic and Social Development (2021–2025) and Long-Range Objectives through the Year 2035 of the People’s Republic of China (中华人民共和国国民经济和社会发展第十四个五年规划和2035年远景目标纲要) 2021, ch 40.
90 Ibid, ch 61.
91 Exit and Entry Administration Law of the People’s Republic of China (中华人民共和国出境入境管理法) 2012, Art 89.
92 Mainland and Hong Kong Closer Economic and Partnership Arrangement 2003; Mainland and Macao Closer Economic and Partnership Arrangement 2003; Supplement I, II, III, IV, V and VI were signed in 2004, 2005, 2006, 2007, 2008 and 2009, respectively.
93 Hong Kong Special Administrative Region and Macao Special Administrative Region Closer Economic Partnership Arrangement (HK-Macao CEPA) 2017.
94 HKTDC Research, ‘The Establishment of a Single Free Trade Zone in the Mainland, Hong Kong and Macau Was Included in the “14th Five-Year Plan” for Business Development (构建内地、香港、澳门单一自贸区被列入“十四五”商务发展规划)’ 20 July 2021 <https://research.hktdc.com/sc/article/ODA3MDk2MDgz> accessed 24 October 2022.
95 PCDB, ‘Privacy Commissioner Encourages Safe and Orderly Data Flow at 1st Summit on “Greater Bay Area Data Interconnection and Secure Development” and “Data Governance and Cyber Security Research Alliance” 2020 Annual Forum (4–5 January 2020)’, <https://www.pcpd.org.hk/english/news_events/whatison/whatson_20200105.html> accessed 24 October 2022.
96 Outline Development Plan for the Guangdong-Hong Kong-Macao Greater Bay Area (粤港澳大湾区发展规划纲要) 2019.
97 Guangdong, ‘The First Domestic Cross-border Data Pilot Project Landed in Nansha, Guangzhou Invested 31.8 Billion Yuan to Build an International Data Free Trade Port (国内首个跨境数据试验性项目落地广州南沙 投资318亿元建国际数据自贸港)’ (7 January 2022) <http://www.gd.gov.cn/gdywdt/dsdt/content/post_3755579.html> accessed 24 October 2022.
98 Xinhua, ‘China Issues Plan for Building Guangdong-Macao In-depth Cooperation Zone’ (5 September 2021) <http://english.www.gov.cn/policies/latestreleases/202109/05/content_WS6134a98ec6d0df57f98dfb96.html> accessed 24 October 2022.
99 Hengqin Guangdong-Macao Deep Cooperation Zone Construction Overall Plan, (横琴粤澳深度合作区建设总体方案) 2021.
100 OGCIO, ‘Collaboration with Stakeholders’, <https://www.ogcio.gov.hk/en/our_work/information_cyber_security/collaboration/> accessed 24 October 2022.
101 SECRSS, ‘Who Has the Final Say on the Security of IPO Data in Hong Kong? What Are the Challenges for the Data Export Security Pilot? (赴港IPO数据安全谁说了算?数据出境安全试点卡在哪儿?)’ (5 August 2021) <https://www.secrss.com/articles/33224> accessed 24 October 2022.
102 GBAITA, ‘Greater Bay Area Data Element Circulation Seminar (大湾区数据要素流通研讨会)’ (16 April 2021) <http://gbaita.org/%E5%A4%A7%E7%81%A3%E5%8D%80%E6%95%B8%E6%93%9A%E8%A6%81%E7%B4%A0%E6%B5%81%E9%80%9A%E7%A0%94%E8%A8%8E%E6%9C%83/> accessed 24 October 2022.
103 The Personal Data (Privacy) Ordinance 1995.
104 Guidance Notes 1997.
105 Former Privacy Commissioner for Personal Data, ‘Hong Kong Personal Data Protection Practices and Data Cross-Border/Cross-Border Flow Regulatory Framework (香港个人数据保护实践和数据跨境/跨边界流动管制框架)’ (5 January 2020) <https://www.pcpd.org.hk/tc_chi/news_events/speech/files/Zhuhai_simpchi.pdf> accessed 24 October 2022.
106 Guidance on Personal Data Protection in Cross-border Data Transfer 2014; Guidance on Recommended Model Contractual Clauses for Cross-border Transfer of Personal Data 2022.
107 Personal Data Protection Act 2005.
108 GPDP, ‘Personal data transfer to foreign servers’ (No: 0158/2014/IP) <https://www.gpdp.gov.mo/en/abstract_detail/article/l13bxgm1.html> accessed 24 October 2022.
109 European Parliament Think Tank, ‘China's Compliance with Selected Fields of International Law’ (9 September 2021) <https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2021)696207> accessed 24 October 2022.
110 Robert D Williams, ‘International Law with Chinese Characteristics: Beijing and the “Rules-based” Global Order’ (20 October 2020) <https://www.brookings.edu/research/international-law-with-chinese-characteristics-beijing-and-the-rules-based-global-order/> accessed 24 October 2022.
111 Dan Ciuriak and Maria Ptashkina, ‘The Digital Transformation and the Transformation of International Trade’ RTA Exchange (2018) <https://e15initiative.org/wp-content/uploads/2015/09/RTA-Exchange-Digital-Trade-Ciuriak-and-Ptashkina-Final.pdf> accessed 24 October 2022.
112 Martina F Ferracane, ‘The Costs of Data Protectionism’ in Mira Burri (ed), Big Data and Global Trade Law (Cambridge University Press, 2021) 75.
113 Andrew D Mitchell and Jarrod Hepburn, ‘Don’t Fence Me In: Reforming Trade and Investment Law to Better Facilitate Cross-Border Data Transfer’ [2017] YJLT 19.
114 Mira Burri, ‘The Regulation of Data Flows through Trade Agreements’ [2017] GJIL 48.
115 Mira Burri, ‘Data Flows and Global Trade Law’ in Mira Burri (ed), Big Data and Global Trade Law (Cambridge University Press, 2021) 15.
116 Andrew D Mitchell and Neha Mishra, ‘WTO Law and Cross-Border Data Flows: An Unfinished Agenda’ in Mira Burri (ed), Big Data and Global Trade Law (Cambridge University Press, 2021) 93.
117 Ibid.
118 Appellate Body report on United States – Import Prohibition of Certain Shrimp and Shrimp Products, WT/DS58/AB/R, 6 November 1998, para 129.
119 Henry Gao, ‘Across the Great Wall: E-commerce Joint Statement Initiative Negotiation and China’ in Shin-yi Peng, Ching-Fu Lin and Thomas Streinz (eds), Artificial Intelligence and International Economic Law (Cambridge University Press, 2021).
120 With Kyrgyz Republic the newest participant.
121 Joint Statement on Electronic Commerce, Communication from China, INF/ECOM/19, 24 April 2019.
122 Ibid.
123 Gao (n 119).
124 Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Singapore, Thailand, Vietnam.
125 China–Korea FTA; China–Australia FTA.
126 Art 12.15(3)(a).
127 Art 12.15(3)(a).
128 Art 12.15(3)(b).
129 Art 14.11(3).
130 Art 14.11(3)(b).
131 Alex He, ‘Trade Deals Might Induce Beijing to Bend on Data Restrictions’, Centre for International Governance Innovation (20 June 2022) <https://www.cigionline.org/articles/trade-deals-might-induce-beijing-to-bend-on-data-restrictions/> accessed 24 October 2022.
132 Maria A Carrai, ‘Can China Succeed in Joining the CPTPP?’ (20 April 2022) Hinrich Foundation <https://www.hinrichfoundation.com/research/wp/ftas/china-cptpp-comprehensive-and-progressive-trans-pacific-partnership/> accessed 24 October 2022.
133 MOFCOM, ‘China Has Submitted an Official Application to Join the Digital Economy Partnership Agreement (DEPA)’ (3 November 2021) <http://english.mofcom.gov.cn/article/newsrelease/significantnews/202111/20211103214781.shtml> accessed 24 October 2022.
134 Xinhua, ‘Commerce Ministry: China Advancing Negotiations on Joining DEPA’ (23 August 2022) <https://english.www.gov.cn/statecouncil/ministries/202208/23/content_WS6304085dc6d02e533532f955.html> accessed 24 October 2022.
135 Art 4.3(3).
136 For instance, China could apply the ‘low-risk catalogues’ as discussed in Section 3.
137 Similar arguments with regard to RECP see Gao (n 119) 318.
138 Henry Gao, ‘Data Regulation with Chinese Characteristics’, in Mira Burri (ed), Big Data and Global Trade Law (Cambridge University Press, 2021).
139 The 14th Five-Year Plan for the Development of Digital Economy (“十四五”数字经济发展规划) 2021, ch 15.
140 Outbound Data Transfer Security Assessment Measures, Art 1. The linkages between CBDF and digital trade and FDI see Chaisse (n 10).
141 There are two important documents in this regard: the Opinions of the CPC Central Committee and the State Council on Improving the Systems and Mechanisms for Market-based Allocation of Factors of Production (中共中央 国务院关于构建数据基础制度更好发挥数据要素作用的意见) 2022 and Party and State Institutional Reform Plan (《党和国家机构改革方案》) 2023. The call for a balanced approach see Chaisse and Bauer (n 13) 589.
142 Lei Chen, Chunyan Ding, Tianxiang He, Pinxin Liu, Rostam J Neuwirth, ‘Legal Research Project: Proposal for Hong Kong to Be a Data Centre Hub for the Greater Bay Area & China’ (January 2019) External Contract-Out Research Project for Microsoft Hong Kong <https://www.cityu.edu.hk/slw/lib/doc/rccl/201901_RCCL_Report-HK_as_Data_Centre_Hub-ES.pdf> accessed 24 October 2022.
143 The roles of domestic and international law in addressing digital globalization see Dimitropoulos (n 22).
144 TC260 published a revised version of guidelines to identify overarching criteria that may be relevant in the creation of certification schemes at the end of 2022. With regard to SCCs, the CAC in February 2023 released a template of standard contract and detailed rules for the application of SCCs.