总体国家安全观下企业数据跨境流动制度的检视与优化路径  

作　　者：李晶晶 LI Jing-jing

机构地区：[1]暨南大学法学院/知识产权学院

出　　处：《河北学刊》2025年第3期181-189,共9页Hebei Academic Journal

摘　　要：企业数据跨境流动是数字经济全球化和全球经济数字化的必然要求,企业数据跨境流动制度是建立高效、便利、安全的数据跨境流动机制的基础性制度,承载着一体推进数据安全和数据流通的双重任务。企业数据是社会生产要素和国家安全载体的集合,建立健全企业数据跨境流动制度应以总体国家安全观为目标遵循。实证法上虽已通过多种法源形式搭建起以数据出境安全评估、个人信息保护认证和数据出境标准合同为核心构成的制度架构,但现行企业数据跨境流动制度的法治化水平还需深入、规范要素有待明晰、体系结构亟待健全。为进一步实现该项制度的体系化和法治化,立法策略方面应当通过数据跨境流动专门性法律对企业数据跨境流动制度作出专章规定,法律理念方面应当坚持合理、开放、动态的数据安全观,制度设计方面应当健全数据出境安全评估的程序救济机制以及个人信息保护认证机构的责任约束机制。Corporate data cross-border flow is an inevitable requirement of the globalization of the digital economy and the digitalization of the global economy.The system of corporate data cross-border flow is the foundational institution for establishing an efficient,convenient,and secure mechanism for data cross-border flow,bearing the dual tasks of promoting data security and data circulation in an integrated manner.Corporate data is a collection of social production factors and national security carriers,and establishing and improving the corporate data cross-border flow system should follow the goal of the concept of overall national security.Although empirical law has established a systematic framework with data export security assessments,personal information protection certifications,and standard contracts for data exports as the core components through various legal sources,the level of legalization of the current corporate data cross-border flow system still needs to be deepened,normative elements need to be clarified,and the system structure urgently needs to be improved.To further achieve the systematization and legalization of this system,legislative strategies should include special provisions for corporate data cross-border flow systems in specialized laws on data cross-border flow.In terms of legal philosophy,it should adhere to a reasonable,open,and dynamic concept of data security.In terms of institutional design,it should improve the procedural remedies for data export security assessments and the responsibility restraint mechanisms for personal information protection certification agencies.

关 键 词：企业数据 数据跨境 总体国家安全观 数据安全 数字经济 

分 类 号：D922.16[政治法律—宪法学与行政法学]