Abstract Abstract:
After the invalidation of the Privacy Shield, the EU and the U.S. established the Data Privacy Framework in late 2022 to restore the order of crossborder data flow between them. The Data Privacy Framework was designed to address the main concerns raised by the Court of Justice of the European Union (CJEU) in the Schrems II case, and the European Commission issued a decision on the adequate level of protection of personal data based on the framework in July 2023. However, the Data Privacy Framework has failed to impose significant constraints on the capabilities of the U.S. intelligence agencies to conduct largescale data collection and mass surveillance. Additionally, the twotier relief mechanism does not provide adequate and effective relief to the EU citizens whose data privacy rights are violated in the U.S. due to a lack of independence. In fact, the Data Privacy Framework doesn’t make an essential breakthrough compared to the Privacy Shield. On the surface, the divergence in the arrangement of the crossborder data flow between the EU and the U.S. is a collision of two different concepts and governance models of data protection, reflecting the fundamental conflict of interest between the European digital sovereignty and the U.S. maintenance of digital hegemony. The two sides are competing for the right to speak on global data governance in the era of digital economy by virtue of their respective advantages. The competition between the EU and the U.S. over the Data Privacy Framework offers valuable insights for China in selecting an appropriate model of data supervision and enhancing its influence in the field of rules of data governance.
|
|
|
|
|