Digital Giants Clash: China vs. US – Insights into Data Sovereignty, Rights, and Governance

“Invisible” resources

Data becomes a stage of policy competition for United States and China. Both of them try to seek to advance lifestyles in key data industries that will define the Fourth Industrial Revolution. Digital rights refer to the rights individuals have to access, use and disseminate information in the digital environment. These rights include freedom of expression, privacy protection, intellectual property rights, fair use, net neutrality, etc. (Mapping digital media: Freedom of expression rights in the Digital age 2013). Due to the huge benefits brought by digitalization, both China and the United States are making strides towards the digital frontier, but their methods are different.

What did China do?

China is a developing country that has suffered repeated violations of its sovereignty by Western countries in history. In addition, digital technology is still in the exploratory stage. This makes it, like other developing countries, pay special attention to its own data sovereignty when it comes to global data governance issues.

In 2015, the State Council included “data sovereignty” into a government document for the first time. “Action Plan for Promoting the Development of Big Data” issued by the State Council, emphasizing the need to enhance the ability to protect data sovereignty in cyberspace and safeguard national security. In September 2020, the Chinese government proposed in the “Global Data Security Initiative” that it must respect the sovereignty, jurisdiction and security management rights of data of other countries and shall not directly access the data of companies or individuals located in other countries without the permission of other countries’ laws. The Personal Information Protection Law (PIPL), passed in August 2021, is one of the pillars of China’s basic data governance system. It is similar to the EU’s General Data Protection Regulation (GDPR), particularly in its extraterritorial scope provisions and focuses on protecting the personal information of individuals and organizations located on Chinese territory. According to the “Standard Contract” issued by the Cyberspace Administration of China, the Personal Information Protection Law provides a legal basis for the processing of personal information related to cross-border transfers (i.e., data processing activities conducted outside China). The source rather than the place where it is stored or processed exercises jurisdiction extraterritorially. (Data Matters: The United States and China and Approaches to Data Governance and Cybersecurity 2023)

What did the United States do?

The United States is currently the world’s number one capitalist country. The logic of its domestic and international behavior has always been centered on “capital” and it regards maximizing digital business interests as the primary goal of global data governance. When it comes to data sovereignty issues, the U.S. government often adopts a contemptuous or ignorant attitude, and even often violates the data sovereignty of other countries. The United States has successively reached the Safe Harbor Agreement (2000) and the Privacy Shield Agreement (2016) with the European Union. Because the United States completely ignores the EU’s personal data sovereignty, its protection of EU citizens’ data flowing into the United States does not meet the requirements of EU law. The level of personal information protection has led the European Court of Justice to annul two agreements.

The U.S. government believes that the requirements of the EU GDPR Act are too stringent, hinder the full free flow of data, and are not conducive to the development of the U.S. digital economy. Therefore, it is extremely opposed to the EU’s personal data protection plan. In 2018, the U.S. government introduced the Clarifying Lawful Overseas Use of Data Act (CLOUD Act), which established “data controller standards” and clarified that “regardless of whether communications, records, or other information is stored Within the United States, service providers are required to preserve, back up, and disclose communications, records, or other information in accordance with the obligations stipulated in this article.” That is to say, whoever controls the data owns the data. Since the United States is a global leader in digital core technology, this regulation actually provides conditions for data to flow into the United States and be controlled.

As a major country in digital trade, the U.S. government believes that only by implementing policies on free flow of data and restricting data localization can it maintain its dominant position in the digital economy. To this end, the United States insists on promoting the formulation of data governance rules that are in line with U.S. commercial interests. In 2017, the “Basic Elements for Promoting Digital Trade” submitted by the United States proposed US-led digital trade rules, including advocating permanent tariff-free data transmission, opening up the Internet, and promoting the free flow of cross-border data. In order to develop the digital economy, the U.S. government has launched top-level strategies such as the U.S. National Cyber Strategy, the U.S. Global Digital Economy Grand Strategy, and the National 5G Security Strategy to ensure that the United States achieves its long-term leadership in digital technology and digital economy. To sum up, it is not difficult to find that the United States’ global data governance policy has always been designed around the country’s commercial interests. (Data Matters: The United States and China and Approaches to Data Governance and Cybersecurity 2023)

Any concerns?

Real, effective protection of fundamental rights in the digital age will require tech companies to internalize respect for human rights as limits on their governance powers. Making a platform’s decision-making process more legitimate is an extremely difficult challenge. Constitutionalization requires a genuine commitment from tech companies to limit their power, and no company will voluntarily limit its discretion without clear reasons and motivations (Suzor, 2019).

As society becomes increasingly digitized, the protection of digital rights becomes paramount to ensure the preservation of civil liberties and privacy (Mossberger et al., 2007). The principles of net neutrality, in particular, are crucial for maintaining an open and fair internet ecosystem, preventing discrimination and censorship by internet service providers (Barlow, 2016). Moreover, the safeguarding of intellectual property rights is essential for fostering innovation and creativity in the digital age (Hargreaves, 2014).

Data Protection/Didi Case (China)

In June of 2021 Didi appeared on the New York Stock Exchange. The 2nd of July Dodi’s Cyberspace Administration of China announced an investigation into the security of networks in Didi and asked on July 4th that Didi be taken off the store for apps. The security audit seeks at “prevent national data security risks, safeguard national security, and protect public interests.” The Didi app was pulled off the store shelves after it was determined that the application “collected and used personal information in violation of laws and regulations.” The legal foundation to conduct this security audit is that of the “Cybersecurity Law” in 2017 as well as the “Cybersecurity Review Measures” implemented in 2020.

Chinese analysts stated that the reason for the cybersecurity audit is “the assumption that the United States will coerce Chinese companies to hand over data… and cited the U.S. government’s record of forcing companies to surrender at all costs.” The deputy director of the China Information Security Research Institute added, “When companies go public in the United States, some important data and personal information held by Chinese companies may be leaked due to U.S. regulatory requirements.”

On one hand it is true that at one level, the Didi case has raised concerns that are similar to the ones raised in the European Court of Justice regarding the transfer of data across borders in data held in the United States. For instance it was the CJEU relied on Executive Order 12333, section 702 under the Foreign Intelligence Surveillance Act, as well as Presidential Policy Directive 28 to claim the U.S. law fails to effectively protect the data of foreigners against U.S. government surveillance. Of infringement. This is why the regulations of Didi could be viewed as an attempt to safeguard personal information that are the property of Chinese residents.

TikTok ban case (United States)

The 31st of July, 2020, U.S. President Donald Trump made it clear via Air Force One that “as far as TikTok is concerned, we will ban it from entering the United States,” which was followed by an array order executive in the form of an executive directive. On the 6th of August, 2020 Trump issued two executive directives that targeted TikTok as well as WeChat as well, and made another executive order, requiring TikTok’s parent company based in Beijing ByteDance to be a member of its Committee on Foreign Investment in the United States (the Committee on Foreign Investment in the United States). on Foreign Investment in the United States (CFIUS) to sell its U.S. TikTok subsidiary after an investigation into national security conducted by CFIUS. Trump believes that with TikTok it is possible that the Chinese government is able to steal the information of Americans who could be threats to their security and, consequently, threaten them with blackmail. This is the Trump administration’s decision is believed to stem from an expansive provision of the Article 7 in the Chinese National Intelligence Law, which stipulates the following “any organization and citizen shall support, assist and cooperate with national intelligence work in accordance with the law.” The Trump administration has also claimed that it was possible that the Chinese government could use TikTok to restrict American expression or to promote the spread of propaganda.

The national security argument is the reason Trump has been able to eliminate platforms that he was particularly unhappy with. Trump is more influenced by online games that are authoritarian than we imagined as, like other authoritarians across the globe, he is seeking to silence opponents. TikTok is proving to be a hindrance on the side of his adversaries: comedian Sarah Cooper used the platform to mock Trump while teenagers crafted an online campaign using TikTok in order to obtain tickets to Trump’s rallies to ensure they were full. In the end, TikTok is the only important social media platform available within the United States that he doesn’t know, and if the platform were banned, he would be unable to access Twitter, Facebook, or YouTube it would mean he’d lose an opportunity to reach out directly to the millions of people who follow him.

Trump has announced a halt to TikTok around three months before the elections, aimed at alleged secretive foreign plots to penetrate into the United States. Trump declared that, should his rival win in the elections “you have to learn to speak Chinese.” When a federal court looked into the secret evidence of the government regarding TikTok and WeChat, it sided against TikTok and in the beginning lifted the ban TikTok as well as WeChat. A federal Judge Carl Nichols, appointed by Trump has lifted the restriction on TikTok despite government claims that TikTok was a danger for national security. In a separate case Justice Wendy Beetlestone found the government’s claims were “hypothetical.” Furthermore that the CFIUS divestiture decree was neither overturned nor was it implemented.

The inability of TikTok ban is a sign of a solid security system that checks and balances but this particular incident proves that controls and checks are essential. It is encouraging that federal courts are reluctant to agree with President Trump’s declaration of a national emergency is a positive sign. This also indicates that Congress has also anticipated abuse of this power. For instance, the ability of courts to stop TikTok as well as WeChat depended on the possibility that Congress gave protection to speech in the widest sense of the powers Congress gave the president.

In summary, the dynamic interplay between digital rights, data sovereignty and global data governance reflects the complex realities of the digital age. While countries like China and the United States have taken different paths in shaping the digital future, the overriding challenge is how to balance technological progress with the protection of fundamental rights and values. Case studies of the Didi and TikTok incidents highlight the urgent need for transparent and accountable governance frameworks that prioritize individual freedoms and privacy while promoting innovation and economic growth. Going forward, collaborative efforts at the national and international levels will be critical to navigating the changing digital rights landscape and ensuring technology serves humanity’s best interests. Only through thoughtful regulation, ethical practices, and strong checks and balances can we harness the full potential of the digital revolution while upholding the principles of democracy, fairness, and human dignity.


Barlow, J. P. (2018, April 8). A declaration of the independence of Cyberspace. Electronic Frontier Foundation.

Collaborative Research Group of Grandview Institution and the Institute for China-America Studies. (2023). Data Matters: The United States and China and Approaches to Data Governance and Cybersecurity.

Hargreaves, I. (2014). Digital opportunity: A review of Intellectual Property and Growth.

Helen , N. (n.d.). Respecting context to protect privacy: Why meaning matters. Context to Protect Privacy Why Meaning Matters.pdf

Mapping digital media: Freedom of expression rights in the Digital age. Open Society Foundations. (2013).

Mossberger, K., Tolbert, C. J., & McNeal, R. S. (2007, October 12). Digital Citizenship: The internet, society, and participation. MIT Press.

Suzor, N. P. (2019). Protecting fundamental rights (chapter 9) – lawless. Cambridge Core.

Be the first to comment

Leave a Reply