Cross-border data flow constitutes the cornerstone of the global digital economy. Image generated by AI

The importance of cross-border data flow, the cornerstone of the global digital economy, is widely recognized. However, its rapid growth has been accompanied by frequent data risks and restrictive policies such as digital barriers and “entity lists” implemented by governments to mitigate these risks. These measures have intensified conflicts among sovereign states. Given the difficulty of simultaneously promoting data flow and enhancing data protection, nations often face trade-offs. The authors argue that the traditional binary framework of “risk control versus development facilitation” reflects a “single goal” mindset of exclusivity, overlooking the potential for a “dual goal” approach that emphasizes interconnectedness and coexistence. 

‘Single goal’ vs. ‘dual goal’

If data sovereignty is regarded as a natural extension of traditional sovereignty in cyberspace, it inherently relies on the definition of “borders” and prioritizes control and management over data collection, analysis, and flow of data within those borders. Following this logic, the core of data sovereignty lies in independence and confrontation, with policymaking focused primarily on meeting domestic needs. This embodies the “single goal” approach to data sovereignty. 

Ensuring that data governance meets domestic needs often leads to international conflicts, necessitating cooperation among sovereign states through institutional consensus or interoperability. Whether cooperation can be achieved depends on the power dynamics among nations. When domestic political and economic environments shift, imbalances are exacerbated. Therefore, cross-border data governance guided by the “single goal” approach struggles to fundamentally fulfill the requirements of the global digital transformation.

The “dual goal” concept of data sovereignty emphasizes the interconnectedness and externalities of cross-border data governance. This requires nations to consider the needs of other stakeholders in domestic data governance decisions and seek solutions that align national interests with those of others. While the “single goal” approach focuses on domestic governance, the “dual goal” approach highlights the mutual influence between domestic and international data governance policies. The former necessitates trade-offs between data risk control and value realization, whereas the latter aims to balance these goals through international exchange and cooperation. 

Under the “dual goal” framework, effective policy practices hinge on diversified international cooperation mechanisms in three key areas: regulatory cooperation, institutional harmonization, and soft law governance. First, an open attitude should be adopted to explore cooperative opportunities among various entities, including governments and non-governmental entities. Second, convergence of national data governance systems can be achieved through multiple mechanisms. Third, regulatory cooperation or institutional harmonization can be advanced through non-binding methods such as conceptual initiatives and international standards. 

China’s cross-border data governance 

With the rapid development of China’s digital economy, the country is emerging as a global data hub. Policymakers should consider not only the risk management of domestic data outflows but also the alignment of China’s data governance framework with foreign systems to manage incoming foreign data. 

First, China’s cross-border data governance can adopt a more diversified and comprehensive perspective on data types and levels, identifying collaborative breakthroughs that balance domestic and international needs. Drawing from existing practices, three approaches offer insights for future reforms. The first involves differentiating data governance policies based on categories such as personal data, government data, and public data. The second tailors governance policies to the level of risk associated with the data. The third distinguishes policies based on the functional roles data plays within the digital economy ecosystem. 

Second, it is recommended that digital technology governance be incorporated into China’s cross-border data governance reforms and serve as a pivotal component in advancing international cooperation. On the surface, technologies for data generation, storage, and processing act as tools that directly influence the design and implementation of personal data rights protections or public security safeguards. At a deeper level, digital technology can act as a transformative variable in reshaping the competitive and adversarial dynamics of international data governance, incentivizing parties to explore innovative international cooperation mechanisms. 

Third, China can integrate the governance of digital products or services into its cross-border data governance reforms. Examples include facial recognition models developed using facial data, intelligent customer service chatbots that enhance performance through user conversation data, and autonomous vehicles continuously refined using region-specific road testing data. In each of these cases, cross-border data flows implicate the protection of personal data rights and public safety. 

Jia Kai is an associate professor from the School of International and Public Affairs at Shanghai Jiao Tong University. Zhao Jing is an associate professor from the School of Public Policy and Management at Tsinghua University. 

Edited by WANG YOURAN