Online Personal Data Protection and Data Flows Under the RCEP: A Nostalgic New Start?

Abstract

This article analyses the institutional designs of online personal data protection, location of computing facilities and cross-border data flows (hereinafter referred to as ‘data-related issues’) in the Regional Comprehensive Economic Partnership (RCEP) and the free trade agreements (FTAs) concluded between/among the RCEP Parties (hereinafter referred to as ‘inner-FTAs’). Varied institutional designs of the RCEP’s inner-FTAs suggest that uneven liberalization of data flows and regulatory fragmentation are prominent among the parties, but the inner-FTAs are still rooted in the conventional rationale of embedded liberalization. Comparatively, the RCEP’s institutional design concerning data-related issues diverts from the conventional rationale by formally harmonizing its heterogeneous inner-FTAs: the RCEP partially assimilates its inner-FTAs while making some innovations referring to some old elements of the multilateral trading system. In substance, the RCEP allows the Parties to have more autonomy to cultivate consensus and re-adjust the regional legal order as it reasserts the dominance of domestic regulation. The RCEP may head for two directions: it may either complement the multilateral trading system or grow into a novel regional legal order. The destination largely depends on whether the Parties can reach consensus. During the transitional period, soft law and non-state actors will play important roles in bridging the regulatory divide under the shadow of domestic regulation. Regional Comprehensive Economic Partnership (RCEP), free trade agreements, institution, institutional design, online personal data protection, cross-border data flows, data localization, soft law, non-state actor, new legal order