File photo
The US, Japan and five other members of the Asia-Pacific Economic Cooperation (APEC) have agreed to make the Cross-Border Privacy Rules (CBPR) system independent of the regional forum's current framework, Japan's Nikkei business daily reported on Monday.
The report described the move as aiming to exclude China and Russia, but a closer look at the CBPR suggests that it looks more like a part of the US' efforts to make the CBPR system widely accepted as a mainstream data transfer rule. This is because a new global version of the CBPR system might be formed by accepting participation of non-APEC members.
Since the establishment of the APEC CBPR system in 2011, only nine APEC members participated in the system, and a total of 44 organizations have passed the CBPR certification, of which 37 are from the US, meaning the system serves the US' interests more than anything.
The stated purpose of the CBPR, according to the US, is to facilitate digital trade among participating members. But it cannot obscure the fact that by getting participating countries or regions to agree to the data protection standards, the CBPR system deprives them of the rights to control or protect their personal data shipped overseas. Meanwhile, the US' digital strength determines that the data will eventually flow to American companies.
Furthermore, the system, in addition to serving the US' selfish interests, also has profound global implications. With few restrictions in place to check for possible abuses of how overseas information can be used, what the US has been pushing forward in terms of data transfer rules actually poses a huge threat to global data security. Data provides a huge unfair advantage to anyone who possesses it, and data abuse could cause serious consequences.
Once the CBPR mechanism becomes a global standard for cross-border data flow and data privacy protection, it can be expected that some developing countries will undoubtedly face serious challenges and even potential safety hazards in terms of digital trade.
China and many other countries that are aware of the risks of such a mechanism are unlikely to accept or allow such data transfers. Instead, they will focus on promoting safe, win-win digital cooperation.
China has long stated that every country should have the right to take necessary measures to protect the personal data privacy of its citizens. China's top priority is not just about protecting its own data security and ensuring sound development of the digital sector, but also about being more proactive and involved in the rule-setting of global data protection. China will also undoubtedly break any unfair mechanism the US is trying to establish to contain China's digital development.
As a responsible major digital economy, China has the imperative and obligation to explore unified, standardized, and inclusive global data rules that are in the interests of the vast majority of countries, particularly developing ones. China has already taken actions to explore a solution to global data rule-setting that is conducive to the development of the digital economy, while ensuring the digital sovereignty of each country.
In September 2020, China launched the global data security initiative, in a show of its attitude toward the global cybersecurity challenges. The initiative made clear the need to rein in behaviors that allow some countries to put their own interests ahead of global data governance and security.
China will likely further promote the spirit and proposals linked to the initiative across more international platforms and occasions so as to seek broader support and recognition from more parties.
After all, global data rules cannot become a means for the US to manipulate global digital competition, or the US' digital hegemony will seriously harm the interests of the broader international community.