由于各国(地区)数据治理规则不一致,当前国际体育赛事承办者面临数据跨境传输的规则适用难题。根据欧盟数据跨境传输规则,冬奥会承办者收集境外欧盟参赛者个人数据的可行路径有:一是获得充分性保护水平认定,二是通过BCRs 及SCCs 及行为准则提供适当保护措施,三是适用公共利益例外规定。在欧盟“软数据本地化存储”的规则体系下,以上三条路径都还面临挑战。国际奥委会通过合同要求北京奥组委在冬奥会结束之后, 将所有赛事相关数据转移至瑞士的国际奥委会总部,这有违我国数据本地化存储的原则规定。在目前尚未形成通行国际数据处理规则的情况下,解决国际体育赛事数据跨境传输规则适用难题的可选路径有:一是在协议中设置合规性保护义务条款,二是适用标准合同条款及约束性企业规则工具,三是推动建立双边或者多边合作机制,四是推动制定我国体育产业数据保护规范。前三条路径都有其局限,第四条路径是目前解决国际体育赛事数据跨境传输合规问题的优选方案。
Research on the Application of Rules for Cross-border Data Transmission of International Sports Events
Taking the Beijing 2022 Winter Olympics as an Example
Xiao Dongmei,Su Ying(Xiangtan University)
Abstract Since the data governance rules of different countries (regions) are inconsistent, the organizers of international sports events face difficulties in the application of data cross-border transmission rules. The first is to set up compliance protection obligations in the international event holding agreement to directly deal with it; the second is to apply Standard Contractual Clauses and Binding Corporate Rules tools; the third is to promote the establishment of bilateral or multilateral cooperation mechanisms; the fourth is to promote the formulation of da‐ ta protection norms for China’ s sports industry. The first three paths have their limitations, and the fourth path is currently the preferred solution to solve the compliance problem of cross-border data transmission in hosting international sports events.
Key words international sports events; personal information protection; data sovereignty; cross-border data transmission
■ 作者简介 肖冬梅,管理学博士,湘潭大学知识产权学院教授、博士生导师;湖南 湘潭 411105;苏 莹,湘潭大学知识产权学院博士研究生。