Data protection as a fundamental right: The European General Data Protection Regulation and its extraterritorial application in China

Bo Zhao, Weiquan Chen

Research output: Contribution to journalArticleScientificpeer-review

Abstract

The right to data protection is a fundamental right recognized by the EU Charter of Fundamental Rights (Art. 8) and constitutional law of most Member States, as well as ECJ case law. As a leading legislation, the European General Data Protection Regulation (GDPR) concretizes and materializes the right by means of granting a constellation of specific rights to data subjects, and establishes stringent law compliance mechanisms for their realization. Further, the GDPR claims a wide extraterritorial jurisdiction to protect all data subjects on the EU territory – regardless of their nationalities, when their personal data are transferred to third countries outside the EU. Apparently, many controllers and processors processing their data on Chinese territory will be directly influenced and may encounter law breaches with negative consequences that may lead to conflict of law and jurisdiction. This short article will first discuss data protection as a fundamental right under the EU law and how GDPR can protect that right with different instruments. Then, it will analyze in detail GDPR’s exterritorial application to controllers and processors in China and their related data protection roles and duties under various processing circumstances, as well as the different impacts on their data processing operations for law compliance and the potential incurred costs.

Original languageEnglish
Pages (from-to)97-113
Number of pages17
JournalUS-China Law Review
Volume16
Issue number3
DOIs
Publication statusPublished - Mar 2019

Fingerprint

data protection
fundamental right
regulation
China
Law
EU
jurisdiction
third countries
personal data
constitutional law
European Law
case law
charter
nationality
legislation
costs

Keywords

  • Data Protection
  • GDPR
  • extterritorial implementation
  • China
  • fundamental right

Cite this

@article{1775e949ea894e979572856f1b096c7e,
title = "Data protection as a fundamental right: The European General Data Protection Regulation and its extraterritorial application in China",
abstract = "The right to data protection is a fundamental right recognized by the EU Charter of Fundamental Rights (Art. 8) and constitutional law of most Member States, as well as ECJ case law. As a leading legislation, the European General Data Protection Regulation (GDPR) concretizes and materializes the right by means of granting a constellation of specific rights to data subjects, and establishes stringent law compliance mechanisms for their realization. Further, the GDPR claims a wide extraterritorial jurisdiction to protect all data subjects on the EU territory – regardless of their nationalities, when their personal data are transferred to third countries outside the EU. Apparently, many controllers and processors processing their data on Chinese territory will be directly influenced and may encounter law breaches with negative consequences that may lead to conflict of law and jurisdiction. This short article will first discuss data protection as a fundamental right under the EU law and how GDPR can protect that right with different instruments. Then, it will analyze in detail GDPR’s exterritorial application to controllers and processors in China and their related data protection roles and duties under various processing circumstances, as well as the different impacts on their data processing operations for law compliance and the potential incurred costs.",
keywords = "Data Protection, GDPR, extterritorial implementation, China, fundamental right",
author = "Bo Zhao and Weiquan Chen",
note = "The Chinese version of this article has been published in Journal of Southwest University of Political Science & Law Vo. 20, No. 6, Dec. 2018.",
year = "2019",
month = "3",
doi = "10.17265/1548-6605/2019.03.002",
language = "English",
volume = "16",
pages = "97--113",
journal = "US-China Law Review",
number = "3",

}

Data protection as a fundamental right : The European General Data Protection Regulation and its extraterritorial application in China. / Zhao, Bo; Chen, Weiquan.

In: US-China Law Review, Vol. 16, No. 3, 03.2019, p. 97-113.

Research output: Contribution to journalArticleScientificpeer-review

TY - JOUR

T1 - Data protection as a fundamental right

T2 - The European General Data Protection Regulation and its extraterritorial application in China

AU - Zhao, Bo

AU - Chen, Weiquan

N1 - The Chinese version of this article has been published in Journal of Southwest University of Political Science & Law Vo. 20, No. 6, Dec. 2018.

PY - 2019/3

Y1 - 2019/3

N2 - The right to data protection is a fundamental right recognized by the EU Charter of Fundamental Rights (Art. 8) and constitutional law of most Member States, as well as ECJ case law. As a leading legislation, the European General Data Protection Regulation (GDPR) concretizes and materializes the right by means of granting a constellation of specific rights to data subjects, and establishes stringent law compliance mechanisms for their realization. Further, the GDPR claims a wide extraterritorial jurisdiction to protect all data subjects on the EU territory – regardless of their nationalities, when their personal data are transferred to third countries outside the EU. Apparently, many controllers and processors processing their data on Chinese territory will be directly influenced and may encounter law breaches with negative consequences that may lead to conflict of law and jurisdiction. This short article will first discuss data protection as a fundamental right under the EU law and how GDPR can protect that right with different instruments. Then, it will analyze in detail GDPR’s exterritorial application to controllers and processors in China and their related data protection roles and duties under various processing circumstances, as well as the different impacts on their data processing operations for law compliance and the potential incurred costs.

AB - The right to data protection is a fundamental right recognized by the EU Charter of Fundamental Rights (Art. 8) and constitutional law of most Member States, as well as ECJ case law. As a leading legislation, the European General Data Protection Regulation (GDPR) concretizes and materializes the right by means of granting a constellation of specific rights to data subjects, and establishes stringent law compliance mechanisms for their realization. Further, the GDPR claims a wide extraterritorial jurisdiction to protect all data subjects on the EU territory – regardless of their nationalities, when their personal data are transferred to third countries outside the EU. Apparently, many controllers and processors processing their data on Chinese territory will be directly influenced and may encounter law breaches with negative consequences that may lead to conflict of law and jurisdiction. This short article will first discuss data protection as a fundamental right under the EU law and how GDPR can protect that right with different instruments. Then, it will analyze in detail GDPR’s exterritorial application to controllers and processors in China and their related data protection roles and duties under various processing circumstances, as well as the different impacts on their data processing operations for law compliance and the potential incurred costs.

KW - Data Protection

KW - GDPR

KW - extterritorial implementation

KW - China

KW - fundamental right

UR - http://www.davidpublisher.org/index.php/Home/Article/index?id=40307.html

U2 - 10.17265/1548-6605/2019.03.002

DO - 10.17265/1548-6605/2019.03.002

M3 - Article

VL - 16

SP - 97

EP - 113

JO - US-China Law Review

JF - US-China Law Review

IS - 3

ER -