A Comparative Study of the Data Ethical Foundations of the EU's GDPR and China's Personal Information Protection Law from the Perspective of Global Integration
DOI:
https://doi.org/10.65455/a7y1rc23Keywords:
Data Ethics, GDPR, PIPL, Global Integration, Rights-Based, Development-Security BalanceAbstract
Data drives the development of the global economy, but at the same time, countries face the same challenge: how to protect personal information without hindering its utilization.In view of the lack of systematic ethical comparison between the two major privacy frameworks in Europe and China in the existing literature, this paper aims to examine the ethical basis of the EU's General Data Protection Regulation (GDPR) and China's Personal Information Protection Law (PIPL).This paper uses a comparative analysis method to systematically compare the similarities and differences between GDPR and PIPL in terms of ethical paradigm, system design, and governance logic. The study found that although GDPR and PIPL represent different regulatory paradigms, they are converging in global data governance.The GDPR follows a rights-based paradigm, which originates from the European tradition of emphasizing individual rights. PIPL adopts the development-security balance paradigm based on the need to balance personal protection, industry needs and national security. Although the origins are different, both laws emphasize the combination of personal data control empowerment and supervision mechanisms, and pay attention to the established system of enterprises, not just ex post punishment. By clarifying the ethical basis of the global data governance model, this study provides an analytical framework for understanding regulatory convergence in different cultural and institutional contexts.
References
[1]FU X H. The Structural Impact of Generative AI on the Personal Information Protection Law and Countermeasures. Law Forum, 2025, 40(6): 102-112.
[2]YE C X, YAN W G. On the Current Situation, Problems, and Solutions of China's Cross-Border Data Regime. Journal of Beijing University of Aeronautics and Astronautics (Social Sciences Edition), 2024, 37(1): 57-71.
[3]NATIONAL PEOPLE'S CONGRESS STANDING COMMITTEE. Personal Information Protection Law of the People's Republic of China. Gazette of the Standing Committee of the National People's Congress of the People's Republic of China, 2021, (6): 1117-1125.
[4]BRADFORD A. The Brussels Effect: How the European Union Rules the World. Oxford: Oxford University Press, 2020. DOI: https://doi.org/10.1093/oso/9780190088583.001.0001
[5]SCHWARTZ P M. Global data privacy: The EU way. New York University Law Review, 2019, 94(4): 771-818.
[6]GORECKA A. Competition and data protection in the digital economy: A comparative analysis of the EU and China. Tsinghua China Law Review, 2025, 18(1): 23-51.
[7]DING X D. Interpretive Reconstruction of the Sensitive Personal Information Protection System. China Legal Science, 2025, 2: 168-187.
[8]BYGRAVE L A. Data Privacy Law: An International Perspective (2nd ed.). Oxford: Oxford University Press, 2024.
[9]ZHANG C H, LI Z Z, PEI L. Multidisciplinary Intersection and Multi-Scenario Embedding: A Review of Data Ethics Research at Home and Abroad. Journal of Information Resources Management, 2025, 15(2): 91-107.
[10]YANG F. The Evolution of EU Legal Supervision of Cross-Border Data Flows in the Post-Schrems II Era and China's Response. Global Law Review, 2022, 44(1): 178-192.
[11]LI Z Z, LIU Z Y, ZHANG C H. Research on the Identification and Control of EU Cross-Border Data Risks from an Evidence-Based Perspective. Information Studies: Theory and Application, 2025, 48(4): 192-201.
[12]JIN J. The EU General Data Protection Regulation: Evolution, Key Points, and Ambiguities. Chinese Journal of European Studies, 2018, 36(4): 1-26.
[13]ZHANG J W. Legislative Intent and Systematic Structure of the Legal Bases for Personal Data Processing in the GDPR. Journal of Nanjing Normal University (Social Science Edition), 2025, 2: 127-136.
[14]KUNER C, BYGRAVE L A, DOCKSEY C, et al. The EU General Data Protection Regulation (GDPR): A Commentary. Oxford: Oxford University Press, 2020. DOI: https://doi.org/10.1093/oso/9780198826491.001.0001
[15]YANG C X, QIU S T. Analysis of the Impact of EU GDPR on Cross-Border Civil Aviation Data. Journal of Beijing University of Aeronautics and Astronautics (Social Sciences Edition), 2024, 37(6): 135-150.
[16]HONG Y Q. The Fragmentation of Cross-Border Data Flow Rules and China's Response. Administrative Law Review, 2022, 4: 61-72.
[17]CHENG X. Understanding and Application of the Personal Information Protection Law. Beijing: China Legal Publishing House, 2021.
[18]ZHOU H H. Analysis of the "Gatekeeper Clause" in the Personal Information Protection Law. Science of Law (Journal of Northwest University of Political Science and Law), 2022, 40(5): 36-49.
[19]WANG D. The Institutional Construction of Security Assessment for Outbound Data Transfers. Science of Law (Journal of Northwest University of Political Science and Law), 2025, 43(5): 100-111.
[20]GAO F P. Personal Information Protection: From Individual Control to Social Control. Beijing: Law Press, 2021.
[21]MA S Z, YI Z X, PAN G J, et al. Host Country Data Privacy Protection Policies and China's Digital Services Trade Exports: Evidence from the EU's General Data Protection Regulation. Collected Essays on Finance and Economics, 2026, 42(1): 39-49.
[22]WANG L M. On the Legal Protection of the Right to Personal Information: Centered on the Distinction between the Right to Personal Information and the Right to Privacy. China Legal Science, 2013, 35(4): 62-72.
Downloads
Published
Data Availability Statement
The data that support the findings of this study are available from the corresponding author upon reasonable request.
Issue
Section
License
Copyright (c) 2026 The Author(s). Applied Artificial Intelligence Research published by CSTDP
This work is licensed under a Creative Commons Attribution 4.0 International License.
