China recently applied to join the Digital Economy Partnership Agreement, a trade agreement aimed at improving collaboration and trade in the digital economy signed by three Pacific countries â New Zealand, Singapore, and Chile. There are many ways in which China would stand to benefit from joining the agreement, but the countryâs recent tightening of data laws may stand in the way of its accession. We provide an overview of what the Digital Economy Partnership Agreement contains and discuss Chinaâs chances of success.
At the 2021 G20 Summit in Rome, President Xi Jinping announced that China would seek to join the newly created Digital Economy Partnership AgreementÂ (DEPA). A day later, on November 1, Chinaâs Ministry of Commerce (MOFCOM) formallyÂ appliedÂ for China to join the agreement.Â
TheÂ DEPA,Â describedÂ as the first trade agreement to target the digital economy,Â hasÂ beenÂ entered into by New Zealand, Singapore, and Chile.Â ItÂ is a trade agreement that aims to facilitate digital trade, enable cross-border data flow, and create a system of trust in which data is shared equitably and personal and online consumer data is protected.Â Â
The agreement was signed by the three member countries on June 12, 2020, and went into force in New Zealand and Singapore on January 7, 2021. In addition to the three founding members, South Korea has formally applied to join, a request that has beenÂ acceptedÂ and will now undergo deliberation, and Canada has expressed interest in joining.Â
What does the DEPA agree to?Â
The DEPA contains 16 articles covering provisions on a wide range of business initiatives and data issues with the aim of cultivating a business and trade-friendly environment in the digital economy.
This includes facilitating digital business and trade by improving ease of business in the digital sphere, streamlining cross-border data transfer, creating open and equitable data-sharing mechanisms, and adhering to a transparent regulatory system to ensure data protection and equal opportunity for participation of all stakeholders in the digital economy.Â
In addition, the DEPA confirms the member countriesâ commitment to collaborate on key digital technologies, such as artificial intelligence (AI) and fintech. It also agrees to waive certain customs duties for digital products and outlines mechanisms for dispute settlement, mediation, and the establishment of overseeing bodies in the different countries.Â
Below is a brief overview of some of the core provisions of the DEPA.
|Overview of Core Provisions of the DEPAÂ|
|Business and trade facilitationÂ||
|Treatment of digital products and related issuesÂ||
|Wider trust environmentÂ||
|Business and consumer trustÂ||
|Emerging trends and technologiesÂ||
|Innovation and the digital economyÂ||
|Note: The above provisions are not exhaustive.
Source: Digital Economy Partnership Agreement (DEPA)
In addition to the above provisions, the document outlines requirements for each country to establish a joint committee, which is responsible for overseeing the implementation of the agreement, considering and making decisions on any proposed amendments, and establishing rules of procedure for the committee. The document also stipulates requirements on transparency and outlines dispute settlement mechanisms.Â
It is worth noting that the DEPA document is not legally binding, and many of the provisions do not directly require action from the members. Rather, they merely seek to promote mutual recognition and acceptance of various norms and standards related to the digital economy and drive collaboration on several cross-border issues, as they relate to business, data, and information sharing.Â
Why does China want to join DEPA?Â
China has not explicitly stated its reasoning behind its application to the DEPA. As many have pointed out, Chinaâs application to DEPA came on the heels of its submission to join theÂ Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), a move that has been widely interpreted as an attempt to bolster relationships with the 11 Pacific member countries and undermine US influence in the region (although there are many other reasons why China would want to join). The application to join the DEPA can therefore be viewed as an extension of this, although the issue has received less international attention.Â
In itsÂ official statement,Â MOFCOMÂ wrote that âApplying to join DEPA is in line with Chinaâs moves to deepen domestic reforms and open further to the outside world. It will help China to strengthen cooperation in the digital economy with members under the newÂ developmentÂ pattern andÂ promote innovation and sustainable development. China will now carry out follow-up work with all members in accordance with the relevant procedures of DEPAâ.
When looking at potential motives, it is clear there is much in the DEPA that is attractive to China.Â As Chinaâs economy and labor market mature, it is moving away from traditional industries and toward high-tech and service sectors.
The government has stressed the importance of âupgradingâ the economy by digitizing traditional industries, transitioning to high-tech capabilities, and cultivating digital and emerging industries as a means of sustaining economic growth. Strengthening international cooperation and trade in the digital economy therefore directly serves to boost Chinaâs plan to become a high-tech powerhouse.Â
The provisions on boosting the participation of SMEs in the digital economy are also in line with Chinaâs overall aims to support and develop SMEs, both by helping smaller companies upgrade and keep pace with digitization and by cultivating smaller businesses engaged in emerging technologies. SMEs form the backbone of Chinaâs economy, accounting for 60 percent of the countryâs GDP, 70 percent of its patents, and employing 80 percent of its workers, according to data fromÂ Statista.Â
China has therefore ramped up efforts to support SMEs,Â in particular sinceÂ the start of the pandemic, which had an outsized impact on smaller businesses in the country. In addition toÂ increasing loans to small businessesÂ over the course of 2021, China also recently launchedÂ a new stock exchange in BeijingÂ geared toward innovation-focusedÂ SMEs, in the hope of increasing capital flows to the sector.Â Â
Streamlining access to information and resources and facilitating cross-border trade and information sharing, as proposed by DEPA, could be a welcome boost to Chinaâs SMEs. The agreement would also help open up new markets for Chinese SMEs and drive innovation through more competition and collaboration. MOFCOMâs explanation that China is joining DEPA because it is âin line with Chinaâs moves to deepen domestic reformsâ is therefore likely to refer to these.Â Â
What does China have to do to join DEPA?Â
China will need to jump through some hoops before it can expect to be admitted to the DEPA, something thatÂ MOFCOMÂ acknowledged in its statement. The agreement sets relatively high standards on data openness and transparency for its members, which would require some changes to Chinaâs current data laws.Â Â
Specifically, the requirements for cross-border flow of data and data storage, which conflict with the recent tightening of regulations in China, have led some critics have cast doubt over Chinaâs eligibility to join the DEPA.Â
Cross-border data flowÂ
Module 4 of the DEPA deals with Data Issues (see table above), and stipulates, among other things, that, âEach Party shall allow the cross-border transfer of information byÂ electronic means, including personal information, when this activity is for the conduct of the business of a covered person.âÂ
However, there areÂ a number ofÂ provisions in Chinese law that contradict this requirement. The Cybersecurity Law, which was released in 2017, requires critical information infrastructure (CII) operators that handle âimportantâ data or personal information to undergo a security assessment by the Cyberspace Administration of China (CAC) before being permitted to transfer the data abroad.Â Â
The Personal Information Protection Law (PIPL), which came into effect on November 1, 2021, has further bolstered these requirements. The new law requires companies that handle the personal information of users in China to undergo a security assessment before transferring the data overseas, among other requirements, such as obtaining a personal information protection certification and providing a signed contract with the overseas recipient of the data.Â
Further clarifications of theseÂ requirementsÂ wereÂ providedÂ inÂ a recent set ofÂ draft guidelines for cross-border data transfer, whichÂ specify thatÂ security reviewsÂ are needed for the transfer of the personal information of more than 100,000 Chinese users or the âsensitiveâ personal information of more than 10,000 Chinese users outside of China. The draft guidelines also outright ban the export of âcore dataâ, defined as data that poses a high risk to Chinaâs national security.Â
In addition to the security assessment requirements, the Data Issues section of the DEPA also requires that âNo Party shall require a covered person to use or locate computing facilities in that Partyâs territory as a condition for conducting business in that territory.âÂ
This also conflicts withÂ stipulationsÂ inÂ bothÂ the 2017 Cybersecurity LawÂ and the PIPL, which require CII operators that collect and generate personal information or important data during operations conducted in China, or operators handling the personal information of users in China,Â to store that data within Chinaâs territory.Â
Impact of data regulations on businessesÂ
The requirements of the data regulations are further complicated by the fact that some of the legal terminologies is not clearly defined. There is still some confusion over which companies fall under the designation of CII operator, and what exactly constitutes âimportant dataâ.Â
This has led some companies to take preemptive action, even when it is not entirely clear that they need to.Â In response to theÂ data storage requirements,Â multipleÂ foreignÂ automakers,Â such as Ford and BMW,Â haveÂ set up data centersÂ inÂ ChinaÂ to support their domesticÂ operations.
More recently, ambiguity over the implementation of the data requirements has ledÂ someÂ domestic shipping companies toÂ refuse toÂ hand overÂ dataÂ that is used toÂ predict congestion to overseas operators, even though the PIPL doesnât specifically mention shipping data within its scope.Â
The skittishness that the data regulations have caused among domestic companies may further raise doubts over Chinaâs ability to guarantee data openness.Â In addition toÂ amending the legislation to facilitate cross-border data transfer, China may also have to further clarify the legal terminology toÂ ensure consistent implementation and assist companies with compliance.Â
What are Chinaâs chances of being accepted to the DEPA?Â
China views the export of data as an issue of national security, and it seems unlikely that it will water down these provisions significantlyÂ in order toÂ join the DEPA. However, it is also not entirely clear whether it will need to.Â
The âSecurity Exceptionsâ section of the DEPA states that, âNothing in this Agreement shall be construed to: [â¦] (b) preclude a Party from applying measures that it considers necessary for the fulfillment of its obligations with respect to the maintenance or restoration of international peace or security, or the protection of its own essential security interests.â It is therefore possible that Chinaâs data security measures fall under the DEPAâs exceptions, but this will ultimately be up to the current DEPA members to decide.Â
In addition to the issues of data flow and storage, some aspects of Chinaâs new data regulation regime may also help to strengthen its position. The passing of the Personal Information Protection Law, which went into effect on November 1, 2021, has greatly improved protection measures for online individuals, requiring, among other things, informed consent for the collection and processing of personal information and outlining strict requirements for how that data can be used and stored.Â
This falls closely in line with the objectives of the DEPA to âadopt or maintain a legal framework that provides for the protection of the personal information of the usersâ. The proposed legal framework also contains several protection measures that are already included in the PIPL. This could help the favorable view of Chinaâs legal framework among member countries and promote its position as a positive influence on the creation of a robust cross-border data protection system.Â
Whether China will make any changes to its current data laws is currently unclear. As of writing, Chinese authorities have not yet made any announcements pertaining to amendments to data laws, and the current DEPA members have not yet made public whether Chinaâs request to join the DEPA has been accepted.Â
China Briefing is written and produced by Dezan Shira & Associates. The practice assists foreign investors into China and has done so since 1992 through offices in Beijing, Tianjin, Dalian, Qingdao, Shanghai, Hangzhou, Ningbo, Suzhou, Guangzhou, Dongguan, Zhongshan, Shenzhen, and Hong Kong. Please contact the firm for assistance in China at [email protected]
Dezan Shira & Associates has offices in Vietnam, Indonesia, Singapore, United States, Germany, Italy, India, and Russia, in addition to our trade research facilities along the Belt & Road Initiative. We also have partner firms assisting foreign investors in The Philippines, Malaysia, Thailand, Bangladesh.