The Regulation of Transborder Data Flows from the EU to China Within the Framework of China-EU E-Commerce under the GDPR

Yu, Lu

by Lu Yu

Doctoral thesis

Date of Examination:2022-10-28

Date of issue:2023-12-06

Advisor:Prof. Dr. Andreas Wiebe

Referee:Prof. Dr. Andreas Wiebe

Referee:Prof. Dr. Peter-Tobias Stoll

Persistent Address: http://dx.doi.org/10.53846/goediss-10216

Files in this item

Name:Dissertation Lu Yu-17.11.2023_digital_ohne_C...pdf

Size:2.81Mb

Format:PDF

ViewOpen

The following license files are associated with this item:

Abstract

English

With the promulgation of the General Data Protection Regulation, the protection of personal data in the EU has reached a historically high level. However, the EU cannot keep the personal data of its residents inside of the EU. Personal data of the EU data subjects are processed by and transferred to controllers or processors outside of the EU. The GDPR tries to regulate such transborder data flows by applying its data protection rules extraterritorially and laying down stringent rules for data transfers from the EU to third countries. This dissertation focuses on the data flows from the EU to China within the China-EU cross-border E-Commerce. It examines the applicability of the data transfer rules contained in the GDPR to such data flows as well as its impact and problems in the practice. The dissertation starts with an identification of the main scenarios of the transborder data flows from the EU to China. It then explores the territorial application scope of the GDPR according to Art. 3, examining whether and how the GDPR applies to such transborder data flows. After that, it scrutinizes the definition of data transfer within the meaning of Chapter V GDPR. Based on this definition, it goes on to analyze whether the data flow scenarios arising from the China-EU cross-border E-Commerce constitute a data transfer, and how Art. 3 and Chapter V GDPR should be applied, whether mutually exclusive or simultaneously. Further, if Chapter V GDPR does apply, what legal basis can be relied on to carry out the data transfer and what kind of obstacles exist.

Keywords: Data Protection; GDPR; Chinese data protection law; extraterritorial application; international data transfer

Statistik