EU Digital Dialogue and Cooperation with China: The Way Forward?

On the 24th March 2023 the Cyber Security Association of China and the European Union Chamber of Commerce in China co-hosted a hybrid event titled the “China-Europe Track II Digital Dialogue Plan” in which experts and representatives from Chinese and European universities, think tanks, research institutions, hospitals and associations took part in a series of panel discussions designed to identify best practice and ways forward in digital cooperation between the EU and China.

This piece is based on the presentation made by Lin Goethals, Director at the European Institute for Asian Studies in the second panel, addressing “Global Digital Cooperation Opportunities” and focuses on four key points to advance EU-China Digital Dialogue and Cooperation.

The evolving EU Digital Strategies and Instruments

In the digital and technological sphere, the bilateral EU-China high-tech dialogue started in 2009 focusing on Information Technology, Telecommunications and the use of the Internet. Later, in 2013 the “EU-China 2020 Strategic Agenda for Cooperation” included a focus on the Internet and the information society. Then, in 2015 a Joint EU-China Declaration on strategic cooperation on 5G mobile networks was signed in Beijing as a major outcome of the EU-China High-Level Economic and Trade Dialogue. Under this Declaration, the EU and China were committed to reach a global understanding on the concept, basic functionalities, key technologies and time plan for 5G. It was also agreed to ensure reciprocity and openness in terms of access to 5G networks’ research funding, market access, as well as in membership to 5G associations in China and the EU, and to explore possibilities to cooperate and implement joint research actions in the area of 5G and facilitate bilateral participation of enterprises in 5G research projects in China and the EU. Starting from mid 2018, the EU position towards a strengthening of European digital dialogue with China became more cautious, with the 2019 “EU-China – A strategic outlook” designating a clear shift in the EU’s policy and approach towards China. Amidst this new reality, the European Commission adopted a recommendation in January 2020, under the form of a Toolbox for a common EU approach to security risks related to the installation of 5G networks by non-EU technology providers. Meanwhile in its 2018 Policy Paper on cooperation with Europe, China strongly reaffirmed its commitment to developing digital connectivity with the EU in the framework of the Belt and Road initiative. Within this they also recognized the merits and advantages of closer cooperation between “Digital China” and the EU Digital Single Market with particular reference to information technology, telecommunications and informatisation.

On the occasion of the EU-China Summit in July 2018, a joint EU-China co-Investment Fund (CECIF) was established to support SMEs and mid caps’ investments and joint initiatives in the framework of cooperation between the European Fund for Strategic Investments (EFSI) facility and the BRI. The first and last EU China Digital Dialogue in 2020 was followed by a cooling of digital relations and trust between the EU and China. More recently however, and following the pandemic, we have seen an encouraging uptake of dual track dialogue mechanisms. During the EU-China Online Summit on 1 April 2022 both parties signalled their desire to resume the High-Level Digital Dialogue. As well as this we saw the 9th EU-China High-Level Economic and Trade Dialogue in July 2022, and 38th Human Rights Dialogue in February 2023, where they specifically agreed to organise an event on ‘fostering women entrepreneurship in the technology and digital sectors’. Dialogue clearly appears to be back on the agenda. China and the EU must now continue this momentum to strengthen cooperation on cross-border data flow, new technologies and applications such as artificial intelligence, 5G, 6G as well as industrial internet in the digital economy.

Finding the way forward for EU Digital Cooperation with China

In light of the rapidly changing global digital environment and the geopolitical complexities of the EU China relationship, the question remains where and how common ground can be found between both partners to undertake joint action in the digital sphere. Within this context there are four key points that need to be addressed in order to advance EU-China Digital Dialogue and Cooperation, finding common ground for cooperation in the digital sphere; avoiding digital decoupling; developing a common framework for e-data governance; and digital skills training.  

1. Recalibrating the EU-China relationship towards one of finding common ground

The current geopolitical environment and complex China-EU relations remains a significant contributor to the existing challenges and difficulties between the EU and China when it comes to working together on digital related issues. Within this context, defining in which domain cooperation is presently possible, viable and attainable is an essential step to ensure the space and platform from which to advance future digital cooperation. Whilst global, domestic, and bilateral dynamics between the EU and China have pushed existing ties towards new waters, both entities have economic interdependencies that cannot be ignored, with China and the EU being each other’s largest trading partner and not least with China being the EU’s largest importer of goods by a significant margin. When it comes to digital technological development and innovation, no single actor is able to address such challenges unilaterally, and so it is important for China and the EU to stay engaged and maintain a long-term perspective on cooperation. To do this, creating common ground and advancing spaces for dialogue that address areas of mutual interest will serve as a key foundation. There is vast potential for cooperation in the digital realm, particularly for common challenges such as the green transition and the fight against climate change. 

In the field of medical and health cooperation, there is for instance the successful collaborative project between EU and Chinese research centres seen in the COLOR III randomised clinical trial between the VU Amsterdam medical centre and a number of participating research centres in China and across the world. The research compares the differences between laparoscopic and open surgery by collecting personal  data from consenting patients who undergo treatment. As the first project to pass the Cyberspace Administration of China’s (CAC) Data Export Security Assessment they became effective on September 1st 2022, which shows that further cooperation in medical and other fields of research is still within reach. 

Nevertheless, in order to facilitate collaboration in the digital and other realms, a solid trust-building effort should be made, increasing the level of transparency, exchange and dialogue to close the digital communication gap. Moreover, China’s Belt and Road Initiative and the EU’s Global Gateway both serve connectivity goals in the wider sense of its meaning. While they both have different set ups and toolboxes in place, a smart division of tasks between both programmes can ultimately cover a broader spectrum, without necessarily entering into competition with each other. Digital as well as physical connectivity in the Indo-Pacific might even bode well with it in the long term. Meanwhile the need for raw materials, rare earths, the production of batteries for electric vehicles and other parts or components of digital applications in the green transformation will remain high on the agenda and so new tools are to be developed, potentially also in a joint effort.  The question thus is not how but where the EU and China can complement each other in the digital sphere, and where cooperation and joint projects are still viable and welcomed. Institutions and businesses are well aware of this and can serve as a reference point for how geopolitics could ultimately be overcome to tackle today’s challenges.

2. Avoiding digital decoupling

Harmonising digital standards and regulations is in the interest of both the EU and China as neither would benefit from an effective decoupling and advancement of competing digital standards and regulations. Joint digital standard-setting and a harmonisation of already existing ones should be higher on the agenda, despite the complexities this may bring along. Even amid political disagreement, cooperation at the technical level and exchange in concrete domains should remain possible. As state actors continue to retreat from globalisation, the threats against the open and global internet continuously change and evolve, but over the years a set of actions have been identified that we see contributing to a fragmented internet ecosystem. One of these is data localisation practices, in which motivated by concern for citizens’ privacy, protection from foreign surveillance or their own access to data for law enforcement purposes, countries are increasingly placing geographic restrictions on domestic businesses’ storage and transfer of data. While increased legal protections for personal data may be a necessary part of the solution to the online privacy problem, if many countries adopt their own unique privacy requirements, every company operating on the internet could potentially be subjected to a multiplicity of inconsistent laws. If companies are unable to meet each country’s differing requirements, because those requirements conflict with one another or because of added costs associated with meeting multiple, disparate rules, businesses may pull out of particular markets, affecting user experience and contributing to a fragmented internet. The tools to fight against such fragmentation include generating a global conversation about internet regulation and showing a balance between regulation and an open internet. The EU and China must create better processes for how to engage more substantively with different actors to better align these regulatory frameworks and set commonly agreed standards. Multi-stakeholder models are already in place through which open standards development processes and recommitment to interoperation can be fostered. The alternative, although not a desired one, is isolation, as a fragmented internet effectively means seclusion and both China and the EU must heed that the internet is resilient only insofar as its minimum set of norms are respected. 

3. Developing a common framework for e-data governance.

As information is power, a common framework to manage data access and e-governance should be explored. There are four key instruments that can advance this, (i) unilateral measures such as open or pre-authorised safeguards for the transfer of data; (ii) plurilateral measures that utilise binding or non-binding instruments such as the OECD’s privacy guidelines; (iii) trade agreements which can provide non-binding guidance, reassessment of data flows, as well as binding commitments; and finally(iv) non-regulatory measures such as the adoption of other standards or technology driven initiatives. Within the current geopolitical environment, global cross-border data flows and digital trade agreements can be roughly divided into three categories. The “trade-first free flow model” of the United States, the EU’s “balancing human rights and digital trade model”, and China’s “balancing security, personal data protection and free flows of data model”, three divergent models that are not as easily to be reconciled. The territorial scope of the EU’s General Data Protection Regulation (GDPR) is based on two principles. The effects principle, where the controller or processors are outside the EU but produce substantive effects within the EU territory, and the principle of territoriality where the controller or processor has an establishment on land. For data within the EU, the GDPR requires member states to allow the free flows of personal data between member states on the premise of protecting the right to privacy in relation to the processing of personal data. For data flows involving third-party countries, the EU requires the third-party country to provide an adequate level of protection to personal data equivalent to the GDPR. In addition, the GDPR has a broad extraterritorial scope of application; it will apply to those data controllers or processors that are not established in the EU but provide goods or services to data subjects in the EU or monitor the activities of the data subject taking place within Europe (article 3(2)). Based on the principle of prioritising the right to privacy and personal data protection, the EU has adopted strict regulations on cross-border data flows with third-party countries. That is, only when the third-party country meets the EU’s data protection requirements, cross-border flows of personal data are allowed. Data flow is conditional, and whether it meets the conditions for “adequate protection” is determined by the EU through the so-called “adequacy decision”. This allows the EU to have important legal power when negotiating data protection with third-party countries, international organisations or enterprises, and increases the legal influence of the EU in the data market. In essence, it is the extraterritorial extension of EU data sovereignty. In July 2018, in order to solve compliance concerns of enterprises regarding the cross-border flows of data in digital trade, an EU proposal for Provisions on Cross-border Data Flows and Protection of Personal Data and Privacy in the EU trade agreement was issued, clearly explaining the EU’s positions on cross-border flows of data in digital trade. Within this, the “cross-border data flows” is a horizontal clause covering all sectors of the economy and covering both personal data and non-personal data. The EU’s GDPR is a good step in the direction of establishing such a framework for data protection and ensuring a safe online space at a much wider level, based on commonalities and commonly agreed principles. It can only flourish however provided there is a political willingness to establish such a common structure and data governance approach between the EU and China. The EU’s GDPR can serve as a good starting point to explore potential ways to develop a common framework for e-data governance.

China’s current data sovereignty and cross-border data flow rules are mainly reflected in its “Cybersecurity Law”, “Data Security Law”, “Personal Information Protection Law”, “Key Infrastructure Security Protection Regulations”, “Cybersecurity Review Measures”, and most recently in the “Measures for Data Export Security Assessment”. These and other regulations may be expanded under the new government.
The Data Security Law of China also requires the state to establish a data classification and grading system according to the importance of the data to economic and social development and the degree of harm caused to national security, public interests, individuals’ or organisations’ legitimate rights and interests once that data are tampered with, destroyed, leaked, or illegally obtained or used. Data are classified according to different types and apply different compliance requirements, including standard contracts, the security assessment of data export, and the restrictions or prohibitions of data export. Data related to national security, the lifeline of the national economy, important to social livelihood, and major public interests are the important data and are subject to stricter regulation

4. Enhancing joint collaboration for digital skills training

Building the required technological capabilities in digital capital and digital capacity on both sides of the Sino-EU spectrum will be essential. The EU and China are already taking steps to close the digital talent gap, something which in turn must seek to address intergenerational, social, geographical or urban-rural discrepancies. Collaboration on (joint) digital training and capacity building programmes that seek to develop talent remains as important as security concerns and is an area both entities are keen to improve. Steps to be taken might include vocational training in colleges so that students are provided with more opportunities to develop practical real-world skills. Furthermore, ensuring that there is a fair distribution of high skill digital talent amongst industries and regions will be key to advancing a more equal and sustainable digital transformation.

To Conclude

Despite the complexities of the current EU-China relation, dialogue, also at the digital level will need to be advanced and re-opened, identifying common ground for cooperation, joint digital standard-setting, e-data governance and digital skills training. Overall, the road to success may be long but maintaining a long term perspective may offer a different set of opportunities in a challenging global environment. 

Authors: Lin Goethals, EIAS Director and Philip Chennery, EIAS Junior Researcher

Photo credits: Cyber Security Association of China