English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 94586/125118 (76%)
Visitors : 30550808      Online Users : 359
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://nccur.lib.nccu.edu.tw/handle/140.119/128554

    Title: GDPR跨境傳輸例外規範與WTO規範下 GATS之合致性分析
    The legal analysis of GDPR cross-border data transfer exception regulation under GATS of WTO
    Authors: 張安潔
    Chang, Ann-Chie
    Contributors: 薛景文
    Hsueh, Ching-Wen
    Chang, Ann-Chie
    Keywords: 資料保護規範
    Data protection regulation
    Cross-border data transfers
    Date: 2020
    Issue Date: 2020-02-05 17:03:11 (UTC+8)
    Abstract: 2018年歐盟一般資料保護規則(General Data Protection Regulation,GDPR)正式實施為資料保護規範立下重要的里程碑。資料保護的範圍擴及到網路上的使用軌跡,強調資料主體擁有其資料的主權、資料控制者及處理者須嚴謹遵守其義務,除此之外, GDPR原則上禁止了將歐盟境內資料傳輸到境外,僅允許幾種特定的例外條款。此規定使得GDPR不僅對資料保護的發展帶來革新,也對國際貿易的規範帶來衝擊與影響。
    The adoption of General Data Protection Regulation in the European Union in 2018 is an important milestone for data protection regulations. The scope of data protection has been extended to the trajectory of use on the Internet, emphasizing that data subjects have sovereignty over their data, thus indicating data controllers and processors must strictly abide by their obligations. Furthermore, GDPR prohibits the cross-border transfer of data from EU to other countries with only a few specific exceptions. Hence, GDPR not only provides a new perspective to the development of data protection but also exert significant impact on the regulation of international trade.
    The rise of the era of big data makes "data" a very valuable asset because the Internet enables transnational commercial trade to break through the barriers of geographical boundaries and can easily reach multinational consumers. The data generated by consumers on the Internet can be analyzed by companies through cross-border collection and processing, which is an important basis for business development. However, the principle that the GDPR prohibits cross-border transmission in principle directly impacts companies doing business in the European Union, which has led to questions from all walks of life whether the norm is a barrier to trade in the name of data protection. This article focuses on the three exceptions to GDPR cross-border data transfers: Adequacy Decision, appropriate protection measures, and whether the data subject agrees that it is essentially a narrow gate that is difficult to pass, a violation of WTO most-favored-nation treatment, national treatment, and mutual recognition and other specifications.
    This paper analyzes the consistency of the exceptions of cross-border data transfers under GATS regulation especially in most favored nation treatment, national treatment, and mutual recognition. Overall, the exception regulations did not substantially violate the WTO regulations. However, further improvement is needed, due to its time-consuming and expensive application process, and also the requirement of data protection meeting the standard of GDPR may be cause negative impact to SMEs and developing countries.
    Reference: 中文文獻
    國家發展委員會,歐盟對台歐展開GDPR適足性對話表示歡迎,國家發展委員會,2019年3月11日,https://reurl.cc/72k4qN (最後瀏覽日:2019年12月31日)。
    凱君,創新金融模式 下一步是FinTech還是TechFin?,經濟日報,2019年6月5日,https://money.udn.com/money/story/5613/3855248(最後瀏覽日:2019年12月31日)
    印度IT-BPM資訊外包產業介紹(二之一) ,台灣經貿網,2015年8月24日,https://reurl.cc/pDekxZ(最後瀏覽日:2020年1月13日)。

    Aaditya Mattoo,Thomas Cottier(eds.),Petros C. Mavroidis(eds.), REGULATORY BARRIERS AND THE PRINCIPLE OF NON-DISCRIMINATION IN WORLD TRADE LAW 2 (2000).
    Jan Philipp Albrecht, How the GDPR Will Change the World, 2 EUR. DATA PROT. L. REV. 288, 287-289 (2016).
    Aaditya Mattoo, Joshua P. Meltzer, International Data Flows and Privacy: the Conflict and Its Resolution 21 J. INT. ECON. LAW 769, 779 (2018).
    Shin-yi Pent, ‘GATS and the Over-the-Top (OTT) Services—A Legal Outlook’, Journal of World Trade 50 (1), at 10-13.
    R. Fefer, S. Akhtar &W. Morrison, Digital Trade and US Trade Policy, CONGRESSIONAL RESEARCH SERVICE (Nov. 5, 2018), https://fas.org/sgp/crs/misc/R44565.pdf.
    Usman Ahmed, The Importance of Cross-Border Regulatory Cooperation in an Era of Digital Trade, 18 WORLD TRADE REVIEW, 99-120 (2019).
    Andrew D Mitchell & Neha Mishra, Regulating Cross-Border Data Flows in a Data Driven World: How WTO Law Can Contribute 22 J. INT. ECON. LAW, 3 (2019).
    Meltzer, Joshua, The Internet, Cross-Border Data Flows and International Trade, 2 ASIA & THE PACIFIC POLICY STUDIES 90, 90-102 (2013).
    Directive 95/46/EC, of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, 1995 O.J. (L281/31).
    Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, 2016 O.J. (L 119).
    Draft Report on the Proposal For A Regulation of The European Parliament and of the Council on the Protection of Individual With Regard to the Processing of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation) (COM(2012)0011–C7-0025/2012–2012/0011(COD)), EUR PARL. DOC. PE501.927V02 (2012).
    Opinion of the Committee of the Regions on ‘Data protection package’, Dec. 18, 2012, 2012 O.J. (C391)127, at 127–133.
    Executive Summary of the Opinion of the European Data Protection Supervisor on ‘Meeting the challenges of big data: a call for transparency, user control, data protection by design and accountability’, Feb. 20, 2016, 2016 O.J. (C67)13, at 13–15.
    European Data Protection Board, Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) Version 2.0, Adopted on12 November 2019, https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_3_2018_territorial_scope_after_public_consultation_en.pdf [hereinafter Article 3 Guidelines].
    Article 29 Data Protection Working Party, Guidelines on Consent under Regulation 2016/679, Adopted on 28 November 2017, as Last Revised and Adopted on 10 April 2018, WP259 rev. 01
    Article 29 Data Protection Working Party, Adequacy Referential (updated), Adopted on 28 November 2017, WP254.
    2001/497/EC: Commission Decision of 15 June 2001 on standard contractual clauses for the transfer of personal data to third countries, under Directive 95/46/EC (Text with EEA relevance) (notified under document number C(2001) 1539).
    Commission Decision of 27 December 2004 amending Decision 2001/497/EC as regards the introduction of an alternative set of standard contractual clauses for the transfer of personal data to third countries (notified under document number C(2004) 5271)Text with EEA relevance, Dec. 29, 2014, O.J. L 385, at 74–84.
    2010/87/: Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council (notified under document C(2010) 593) (Text with EEA relevance), Feb. 12, 2010,O.J. L 39, at 5–18.
    Article 29 Data Protection Working Party, Working Document Setting Forth a Co-Operation Procedure for the approval of “Binding Corporate Rules” for controllers and processors under the GDPR, Adopted on 11 April 2018, WP263 rev.01, at 1.
    Group of Negotiations on Services, Uruguay Round, Services Sectoral Classification List, Note by the Secretariat, MTN.GNS/W/120, 10 July 1991WTO Committee on Specific Commitments, Report of the Meeting Held on 18 September 2014, Note by the Secretariat, S/CSC/M/71.
    Comprehensive Economic and Trade Agreement Between Canada and the European Union and its Member States, Annex 9-B.
    Privacy Shield Framework, PRIVACY SHIELD FRAMEWORK, https://www.privacyshield.gov/welcome.
    Judgment of the Court (Grand Chamber), 13 May 2014.Google Spain SL and Google Inc. v Agencia Española de Protección de Datos (AEPD) and Mario Costeja González. Request for a preliminary ruling from the Audiencia Nacional. Personal data — Protection of individuals with regard to the processing of such data — Directive 95/46/EC — Articles 2, 4, 12 and 14 — Material and territorial scope — Internet search engines — Processing of data contained on websites — Searching for, indexing and storage of such data — Responsibility of the operator of the search engine — Establishment on the territory of a Member State — Extent of that operator’s obligations and of the data subject’s rights — Charter of Fundamental Rights of the European Union — Articles 7 and 8. Case C‑131/12.
    Case C-108/09, Ker-Optika bt v. ÀNTSZ Dél-dunántúli Regionális Intézete, 2010 E.C.J. I-12213, ¶¶ 22, 28.
    Judgment of the Court (Grand Chamber) of 6 October 2015. Maximillian Schrems v Data Protection Commissioner. Request for a preliminary ruling from the High Court (Ireland). Reference for a preliminary ruling — Personal data — Protection of individuals with regard to the processing of such data — Charter of Fundamental Rights of the European Union — Articles 7, 8 and 47 — Directive 95/46/EC — Articles 25 and 28 — Transfer of personal data to third countries — Decision 2000/520/EC — Transfer of personal data to the United States — Inadequate level of protection — Validity — Complaint by an individual whose data has been transferred from the European Union to the United States — Powers of the national supervisory authorities. Case C-362/14, ¶¶ 73, 74.
    Panel Report, United States-Measures Affecting the Cross-Border Supply of Gambling and Betting Services, ¶ 6.285–87, WT/DS285/R (Nov. 10, 2004).
    Appellate Body Report, United States— Measures Affecting the Cross-Border Supply of Gambling and Betting Services, ¶ 215, WT/DS285/AB/R (April 7, 2005).
    Appellate Body Report, United States — Import Prohibition of Certain Shrimp and Shrimp Products, ¶ 150, WTO Doc. WT/DS58/AB/R (Oct. 12, 1998).
    Appellate Body Report, Canada — Certain Measures Affecting the Automotive Industry, WTO Doc. WT/DS139/AB/R (adopted June 19, 2000).
    226 Justice K S Puttaswamy v Union of India and Ors, Supreme Court of India, Writ Petition (Civil) No. 494.
    Panel Report, European Communities — Regime for the Importation, Sale and Distribution of Bananas, WTO Doc. WT/DS27/R/ECU (adopted on May 22, 1997).
    Appellate Body Report, European Communities - Regime for the Importation, Sale and Distribution of Bananas, WTO Doc. WT/DS27/AB/R (adopted on Sept. 25, 1997).
    Panel Report, China - Certain Measures Affecting Electronic Payment Services, ¶ 7.699, WTO Doc. WT/DS413/R (adopted on Aug. 31, 2012)
    Appellate Body Report, Argentina - Measures Relating to Trade in Goods and Services, WTO Doc. WT/DS453/AB/R (adopted on May 9, 2016).
    Panel Report, European Economic Community - Imports of Beef from Canada, ¶ 4.2-4.3, WTO Doc. L/5099 (Mar. 10, 1981).
    Matthew Rosenberg, Nicholas Confessore & Carole Cadwalladr, How Trump Consultants Exploited the Facebook Data of Millions, THE NEW YORK TIME (Mar. 17, 2018), https://www.nytimes.com/2018/03/17/us/politics/cambridge-analytica-trump-campaign.html?module=inline.
    EUROPEAN COMMISSION, Adequacy decisions How the EU determines if a non-EU country has an adequate level of data protection, EUROPEAN COMMISSION, https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en (last visited Dec. 31, 2019).
    EUROPEAN COMMISSION, Binding Corporate Rules (BCR) Corporate rules for data transfers within multinational companies, EUROPEAN COMMISSION, https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/binding-corporate-rules-bcr_en (last visited Dec. 31, 2019).
    EUROPEAN COMMISSION, List of companies for which the EU BCR cooperation procedure is closed, EUROPEAN COMMISSION, https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=61384 (last visited Dec. 31, 2019).
    Forbes Technology Council, 15 Unexpected Consequences of GDPR, FORBES, https://www.forbes.com/sites/forbestechcouncil/2018/08/15/15-unexpected-consequences-of-gdpr/#2770880794ad (last visited Dec. 31, 2019).
    Daniela Fabian Masoch, Why Should Companies Invest in Binding Corporate Rules, ICLG, https://iclg.com/practice-areas/data-protection-laws-and-regulations/3-why-should-companies-invest-in-binding-corporate-rules (last visited Dec. 31, 2019).
    Description: 碩士
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0106351043
    Data Type: thesis
    DOI: 10.6814/NCCU202000087
    Appears in Collections:[國際經營與貿易學系 ] 學位論文

    Files in This Item:

    File SizeFormat
    104301.pdf1141KbAdobe PDF0View/Open

    All items in 政大典藏 are protected by copyright, with all rights reserved.

    社群 sharing

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback