云计算和大数据时代的国家立法管辖权——数据本地化与数据全球化的大对抗？

王志安

引用本文:	王志安：云计算和大数据时代的国家立法管辖权——数据本地化与数据全球化的大对抗？，载《交大法学》2019年第1期，第5~20页。
	Wang Zhi'an, Legislative Jurisdiction of States in the Era of Cloud Computing and Big Data： Data localization v. Data Globalization?,2019 (1) SJTU LAW REVIEW 5-20 (2019).

【打印本页】【下载PDF全文】【查看/发表评论】【下载PDF阅读器】【关闭】

←前一篇|后一篇→

过刊浏览高级检索

本文已被：浏览 3458次下载 1529次	码上扫一扫！
分享到：微信更多字体:加大+\|默认\|缩小-
云计算和大数据时代的国家立法管辖权——数据本地化与数据全球化的大对抗？
王志安¹
日本国駒澤大学法学部

摘要:

欧洲一般数据保护规则为保障作为基本权利的个人数据，通过对领土原则和国籍原则在云计算和大数据背景下的再构建，赋予规则以广泛的适用范围。从国际法上的立法管辖权基础角度看，其表现出鲜明的数据本地化特征。规则不仅广泛规范域内数据处理，还严格限制数据向域外移送。欧盟数据本地化立法将产生怎样的影响，各国应如何应对，已经成为受到广泛关注的问题。作为云计算和大数据发达国家的美国，一方面通过与欧盟合作，确保数据能自由流通，同时又采取针对性立法，规定美国网络服务提供商有义务就其全球范围的数据依法保存和披露。这一立法尽管局限于执法机关对数据的管控和利用，但却基于数据全球化的现实，明确规定了域外适用。立法管辖权冲突也因此揭开了新的一幕。

关键词: GDPR 立法管辖权数据本地化域外适用领土原则数据域外移送

DOI：

分类号:

基金项目:

Legislative Jurisdiction of States in the Era of Cloud Computing and Big Data： Data localization v. Data Globalization?

Wang Zhi'an

Abstract:

Looking from the perspective of prescriptive jurisdiction in international law, it is quite clear that the EU General Data Protection Regulation holds an obvious characteristic of data localization. For the purpose of protecting the personal data as a fundamental right in European Economic Area, the GDPR defines very broad territorial scope for its application based upon the territorial principle of jurisdiction newly reconstructed to response to the era of Cloud Computing and Big Data. At the same time, it regulates strictly the transfer of data to the area outside the European Economic Area by using quite fictitiously the principle of nationality as its base for prescriptive jurisdiction. What would be the impacts of data protection laws based upon the idea of data localization and how to react to them have become new issues with broad concerns in international society. The United States of America, as a state with developed technologies in Cloud Computing and Big Data, has shown its great concerns with the EU data protection legislation. On one hand, for protecting the proper status of American companies in the world data market, it has engaged very cooperatively with EU to avoid the impact of EU data localization laws. On the other hand, when the impact of EU data protection laws restricting its law enforcement agencies has been felt, a new law with a clear extraterritorial application for American companies global data preservation and disclosure has become its first and quick choice. As a result, the conflict of prescriptive jurisdiction in the era of Cloud Computing and Big Data has gradually become a real issue.

Key words: GDPR, Legislative Jurisdiction, Data Localization, Extraterritorial Application, Territorial Principle, Extraterritorial Transfer of Data