References
[1]. European Parliament and Council. General Data Protection Regulation (GDPR), Regulation (EU) 2016/679. Official Journal L 119, April 27, 2016.
[2]. National People’s Congress Standing Committee of the People’s Republic of China. Personal Information Protection Law of the People’s Republic of China. Adopted August 20, 2021, effective November 1, 2021.
[3]. Yamada, Hideo. 2022. “Data Is the Lifeblood of the Global Economy. But Restrictions on Cross-Border Data Flows Are Now a Reality.” United Nations University, October 6. https://unu.edu/article/data-lifeblood-global-economy-restrictions-cross-border-data-flows-are-reality.
[4]. Voss, W. Gregory. 2020. “Cross-Border Data Flows, the GDPR, and Data Governance.” Washington International Law Journal 29 (3): 485–514. https://digitalcommons.law.uw.edu/wilj/vol29/iss3/7.
[5]. Mattoo, Aaditya, and Joshua P. Meltzer. 2018. “International Data Flows and Privacy: The Conflict and Its Resolution.” Journal of International Economic Law 21 (4): 769–789. https://doi.org/10.1093/jiel/jgy044.
[6]. Sullivan, Clare. 2019. “EU GDPR or APEC CBPR? A Comparative Analysis of the Approach of the EU and APEC to Cross-Border Data Transfers and Protection of Personal Data in the IoT Era.” Computer Law & Security Review 35 (4): 380–397. https://doi.org/10.1016/j.clsr.2019.05.004.
[7]. National People’s Congress of the People’s Republic of China. National Security Law of the People’s Republic of China. Adopted July 1, 2015.
[8]. National People’s Congress of the People’s Republic of China. Cybersecurity Law of the People’s Republic of China. Adopted November 7, 2016, effective June 1, 2017.
[9]. National People’s Congress Standing Committee of the People’s Republic of China. Data Security Law of the People’s Republic of China. Adopted June 10, 2021, effective September 1, 2021.
[10]. Chin, Yik-Chan, and Jingwu Zhao. 2022. "Governing Cross-Border Data Flows: International Trade Agreements and Their Limits" Laws 11, no. 4: 63. https://doi.org/10.3390/laws11040063
[11]. Burri, Mira. 2021. “Data Flows versus Data Protection: Mapping Existing Reconciliation Models in Global Trade Law.” In Law and Economics of Regulation, edited by Michael Faure, 129–158. Cham: Springer. https://doi.org/10.1007/978-3-030-70530-5_7.
[12]. Laidlaw, Emily. 2021. “Privacy and Cybersecurity in Digital Trade: The Challenge of Cross-Border Data Flows.” SSRN Scholarly Paper No. 3790936. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3790936.
[13]. Casalini, F., and J. López González. 2019. “Trade and Cross-Border Data Flows.” OECD Trade Policy Papers, no. 220. Paris: OECD Publishing. https://doi.org/10.1787/b2023a47-en.
[14]. Chen, Lurong, Wallace Cheng, Dan Ciuriak, Fukunari Kimura, Junji Nakagawa, Richard Pomfret, Gabriela Rigoni, and Johannes Schwarzer. 2019. The Digital Economy for Economic Development: Free Flow of Data and Supporting Policies. Policy Brief 4, Task Force 8: Trade, Investment and Globalization, T20 Japan 2019. https://ssrn.com/abstract=3413717.
[15]. Council of Europe. Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data (Convention 108). Strasbourg, January 28, 1981.
[16]. Xu, Duoqi. 2018. “International Pattern of Personal Data Cross-border Flow Regulation and China’s Response.” Legal Forum 33 (3): 130–137. https://doi.org/CNKI:SUN:SDFX.0.2018-03-013.
[17]. European Parliament and Council. Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data. Official Journal L 281, November 23, 1995.
[18]. European Parliament and Council. Data Act, Regulation (EU) 2023/2854. Official Journal L, December 13, 2023.
[19]. Court of Justice of the European Union. Maximillian Schrems v Data Protection Commissioner (Schrems I). Case C-362/14, ECLI:EU:C:2015:650. October 6, 2015.
[20]. Court of Justice of the European Union. Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (Schrems II). Case C-311/18, ECLI:EU:C:2020:559. July 16, 2020.
[21]. Irish Data Protection Commission. 2023. “Data Protection Commission Announces Conclusion of Inquiry into Meta Ireland.” Data Protection Commission, May 22. https://www.dataprotection.ie/en/news-media/press-releases/Data-Protection-Commission-announces-conclusion-of-inquiry-into-Meta-Ireland.
[22]. Okenyi, Sunday Chinweike. 2024. Meta: The Cost of Strict Data Privacy Regime in the Era of Technology-Driven Economy. August 20. https://ssrn.com/abstract=4971392.
[23]. United States v. Microsoft Corp., 584 U.S. ___ (2018).
[24]. Campbell, Natalie. 2025. “The Global Impact of a US TikTok Ban.” Internet Society, January 25. https://www.internetsociety.org/blog/2025/01/the-global-impact-of-a-us-tiktok-ban/.
[25]. Bauer, Matthias, Martina F. Ferracane, Erik van der Marel, and Global Commission on Internet Governance. 2016. “Tracing the Economic Impact of Regulations on the Free Flow of Data and Data Localization.” In A Universal Internet in a Bordered World: Research on Fragmentation, Openness and Interoperability, edited by Centre for International Governance Innovation. http://www.jstor.org/stable/resrep05249.9.
[26]. Lu, Wenxi. 2024. “Data Localization: From China and Beyond.” Indiana Journal of Global Legal Studies 31 (1): 183–202. https://muse.jhu.edu/article/924201.
[27]. Ao, Haijing. 2022. “Data Protection Through International Soft Law.” Jurists Review 39 (2): 158–172. https://doi.org/10.16390/j.cnki.issn1672-0393.2022.02.002.
[28]. Zhang, Xiao-jun. 2025. “On the Conflict and Coordination of Data Jurisdiction.” Politics and Law Review (1): 95–109. https://doi.org/CNKI:SUN:ZFLC.0.2025-01-007.
[29]. Standardization Administration of China. Data Security Technology — Rules for Data Classification and Grading (GB/T 43697–2024). Beijing: Standards Press of China, 2024.
Cite this article
Jiang,S. (2025). Fragmented Rules, Global Flows: How Legal Differences Shape the Cross-Border Data Landscape - Evidence from the EU, US, and China. Lecture Notes in Education Psychology and Public Media,96,47-57.
Data availability
The datasets used and/or analyzed during the current study will be available from the authors upon reasonable request.
Disclaimer/Publisher's Note
The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of EWA Publishing and/or the editor(s). EWA Publishing and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.
About volume
Volume title: Proceeding of ICGPSH 2025 Symposium: International Relations and Global Governance
© 2024 by the author(s). Licensee EWA Publishing, Oxford, UK. This article is an open access article distributed under the terms and
conditions of the Creative Commons Attribution (CC BY) license. Authors who
publish this series agree to the following terms:
1. Authors retain copyright and grant the series right of first publication with the work simultaneously licensed under a Creative Commons
Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this
series.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the series's published
version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial
publication in this series.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and
during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See
Open access policy for details).
References
[1]. European Parliament and Council. General Data Protection Regulation (GDPR), Regulation (EU) 2016/679. Official Journal L 119, April 27, 2016.
[2]. National People’s Congress Standing Committee of the People’s Republic of China. Personal Information Protection Law of the People’s Republic of China. Adopted August 20, 2021, effective November 1, 2021.
[3]. Yamada, Hideo. 2022. “Data Is the Lifeblood of the Global Economy. But Restrictions on Cross-Border Data Flows Are Now a Reality.” United Nations University, October 6. https://unu.edu/article/data-lifeblood-global-economy-restrictions-cross-border-data-flows-are-reality.
[4]. Voss, W. Gregory. 2020. “Cross-Border Data Flows, the GDPR, and Data Governance.” Washington International Law Journal 29 (3): 485–514. https://digitalcommons.law.uw.edu/wilj/vol29/iss3/7.
[5]. Mattoo, Aaditya, and Joshua P. Meltzer. 2018. “International Data Flows and Privacy: The Conflict and Its Resolution.” Journal of International Economic Law 21 (4): 769–789. https://doi.org/10.1093/jiel/jgy044.
[6]. Sullivan, Clare. 2019. “EU GDPR or APEC CBPR? A Comparative Analysis of the Approach of the EU and APEC to Cross-Border Data Transfers and Protection of Personal Data in the IoT Era.” Computer Law & Security Review 35 (4): 380–397. https://doi.org/10.1016/j.clsr.2019.05.004.
[7]. National People’s Congress of the People’s Republic of China. National Security Law of the People’s Republic of China. Adopted July 1, 2015.
[8]. National People’s Congress of the People’s Republic of China. Cybersecurity Law of the People’s Republic of China. Adopted November 7, 2016, effective June 1, 2017.
[9]. National People’s Congress Standing Committee of the People’s Republic of China. Data Security Law of the People’s Republic of China. Adopted June 10, 2021, effective September 1, 2021.
[10]. Chin, Yik-Chan, and Jingwu Zhao. 2022. "Governing Cross-Border Data Flows: International Trade Agreements and Their Limits" Laws 11, no. 4: 63. https://doi.org/10.3390/laws11040063
[11]. Burri, Mira. 2021. “Data Flows versus Data Protection: Mapping Existing Reconciliation Models in Global Trade Law.” In Law and Economics of Regulation, edited by Michael Faure, 129–158. Cham: Springer. https://doi.org/10.1007/978-3-030-70530-5_7.
[12]. Laidlaw, Emily. 2021. “Privacy and Cybersecurity in Digital Trade: The Challenge of Cross-Border Data Flows.” SSRN Scholarly Paper No. 3790936. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3790936.
[13]. Casalini, F., and J. López González. 2019. “Trade and Cross-Border Data Flows.” OECD Trade Policy Papers, no. 220. Paris: OECD Publishing. https://doi.org/10.1787/b2023a47-en.
[14]. Chen, Lurong, Wallace Cheng, Dan Ciuriak, Fukunari Kimura, Junji Nakagawa, Richard Pomfret, Gabriela Rigoni, and Johannes Schwarzer. 2019. The Digital Economy for Economic Development: Free Flow of Data and Supporting Policies. Policy Brief 4, Task Force 8: Trade, Investment and Globalization, T20 Japan 2019. https://ssrn.com/abstract=3413717.
[15]. Council of Europe. Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data (Convention 108). Strasbourg, January 28, 1981.
[16]. Xu, Duoqi. 2018. “International Pattern of Personal Data Cross-border Flow Regulation and China’s Response.” Legal Forum 33 (3): 130–137. https://doi.org/CNKI:SUN:SDFX.0.2018-03-013.
[17]. European Parliament and Council. Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data. Official Journal L 281, November 23, 1995.
[18]. European Parliament and Council. Data Act, Regulation (EU) 2023/2854. Official Journal L, December 13, 2023.
[19]. Court of Justice of the European Union. Maximillian Schrems v Data Protection Commissioner (Schrems I). Case C-362/14, ECLI:EU:C:2015:650. October 6, 2015.
[20]. Court of Justice of the European Union. Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (Schrems II). Case C-311/18, ECLI:EU:C:2020:559. July 16, 2020.
[21]. Irish Data Protection Commission. 2023. “Data Protection Commission Announces Conclusion of Inquiry into Meta Ireland.” Data Protection Commission, May 22. https://www.dataprotection.ie/en/news-media/press-releases/Data-Protection-Commission-announces-conclusion-of-inquiry-into-Meta-Ireland.
[22]. Okenyi, Sunday Chinweike. 2024. Meta: The Cost of Strict Data Privacy Regime in the Era of Technology-Driven Economy. August 20. https://ssrn.com/abstract=4971392.
[23]. United States v. Microsoft Corp., 584 U.S. ___ (2018).
[24]. Campbell, Natalie. 2025. “The Global Impact of a US TikTok Ban.” Internet Society, January 25. https://www.internetsociety.org/blog/2025/01/the-global-impact-of-a-us-tiktok-ban/.
[25]. Bauer, Matthias, Martina F. Ferracane, Erik van der Marel, and Global Commission on Internet Governance. 2016. “Tracing the Economic Impact of Regulations on the Free Flow of Data and Data Localization.” In A Universal Internet in a Bordered World: Research on Fragmentation, Openness and Interoperability, edited by Centre for International Governance Innovation. http://www.jstor.org/stable/resrep05249.9.
[26]. Lu, Wenxi. 2024. “Data Localization: From China and Beyond.” Indiana Journal of Global Legal Studies 31 (1): 183–202. https://muse.jhu.edu/article/924201.
[27]. Ao, Haijing. 2022. “Data Protection Through International Soft Law.” Jurists Review 39 (2): 158–172. https://doi.org/10.16390/j.cnki.issn1672-0393.2022.02.002.
[28]. Zhang, Xiao-jun. 2025. “On the Conflict and Coordination of Data Jurisdiction.” Politics and Law Review (1): 95–109. https://doi.org/CNKI:SUN:ZFLC.0.2025-01-007.
[29]. Standardization Administration of China. Data Security Technology — Rules for Data Classification and Grading (GB/T 43697–2024). Beijing: Standards Press of China, 2024.