---
title: "Mutual Trust Mechanisms for Cross-Border Data Flow — China's 'Trusted Data Space' Bet"
author: "DCC Editorial"
published: 2025-11-20T01:00:00.000Z
url: https://datacompliancechina.com/posts/compliance-talker-cross-border-mutual-trust-trusted-data-spaces/
description: "Compliance Talker's global legal policy team analyzes three competing models for cross-border data mutual trust: the EU's 'rule trust' (adequacy + SCC), the US's 'market trust' (CLOUD Act + DPF), and China's 'technology trust' bet on Trusted Data Spaces (TDS). The NDA's November 2024 *TDS Development Action Plan 2024-2028* makes confidential computing, federated learning, and blockchain the technical layer through which China seeks to demonstrate cross-border data flow can be 'usable but invisible.' For overseas teams, this is the most concrete view of where Chinese cross-border data infrastructure is heading."
tags: ["cross-border", "trusted-data-space", "confidential-computing", "data-sovereignty", "commentary"]
laws_cited: ["dsl", "pipl", "csl", "cross-border-data-flows-provisions"]
domains: ["cross-border", "data-economy"]
account: "compliance-talker"
original_title: "原创 || 数据要素跨境流动互信机制研究——探索兼顾安全与效率的互信机制"
original_author: "全球法律政策研究 (Global Legal Policy Research Team)"
original_publication: "合规小叨客"
original_url: "https://mp.weixin.qq.com/s/K0bJsC3XaNCWcws2wZBeCg"
source_language: "zh"
---
> *Editor's Note — DCC.*
>
> Cross-border data flow attracts a lot of regulatory-comparison
> commentary — most of it focused on the substantive rules. Compliance
> Talker's piece is unusual: it focuses on the **mutual trust
> infrastructure** that makes cross-border flow operationally possible
> in the first place, and frames China's bet on Trusted Data Spaces
> (可信数据空间) as a fundamentally different architectural choice from
> the EU's "rule trust" or the U.S.'s "market trust" model. DCC's
> framing brings out the comparative architecture and the operational
> implications for multinationals trying to operate across all three
> systems.

## The mutual-trust problem

Cross-border data flow growth is enormous — McKinsey projects global data-flow value reaching $11 trillion by 2025. Each 10% increase in data flow raises GDP by 0.2%. Yet international mutual trust mechanisms are radically underdeveloped:

- EU adequacy decisions: as of October 2025, **only 15 countries / regions** have received adequacy.
- The U.S. CLOUD Act creates direct conflicts with non-aligned jurisdictions.
- China operates under DSL / PIPL / CSL with no inbound adequacy from EU and increasing scrutiny from U.S.

The consequence: high compliance costs (Meta fined €1.2B for invalid Privacy Shield; TikTok fined €530M for failing to demonstrate equivalent protection in China), data silos (only a tiny fraction of global data crosses borders), and innovation drag in fields requiring cross-border data (autonomous vehicles, biopharma).

The Compliance Talker piece frames cross-border mutual trust as a single problem with three competing architectural answers.

## Three models — rule trust vs market trust vs technology trust

### EU — Rule Trust

The EU model uses GDPR's adequacy framework + SCCs / BCRs. Trust derives from *substantive legal protection equivalence* — if the receiving jurisdiction has "substantially equivalent" privacy protection, data may flow freely; otherwise, contractual safeguards (SCCs / BCRs) substitute.

Strengths: high individual-rights protection; deeply established jurisprudence.

Weaknesses: only 15 jurisdictions have achieved adequacy; SCCs / BCRs impose heavy compliance burden; the framework is criticized as a "digital wall."

Why the EU runs this model: long history of strong privacy protection + relative scarcity of dominant EU internet platforms means the EU benefits from constraining U.S. tech companies' EU data collection.

### U.S. — Market Trust

The U.S. model favors data free flow with industry self-regulation + bilateral agreements as the trust substrate. No comprehensive federal data protection law; the **CLOUD Act** asserts "data-controller jurisdiction" — U.S. authorities can reach data held by U.S.-incorporated entities regardless of physical storage location.

Mutual trust mechanisms: the EU-U.S. Privacy Shield (struck down in Schrems II 2020), succeeded by the EU-U.S. **Data Privacy Framework** (2023); USMCA-style trade agreements promote U.S. data-governance norms in partner jurisdictions.

Strengths: enables Google / Meta / cloud-services global operations.

Weaknesses: regulatory under-enforcement; foreign governments object to U.S. extraterritorial reach.

### China — Technology Trust

The Compliance Talker team's framing of China's model is the most distinctive contribution of the piece. China's response is not primarily *rules* or *markets* — it's **technology**.

The doctrinal foundation: CSL + DSL + PIPL establish the three pathways (security assessment / SCC / certification) for personal information cross-border. **But** the technical infrastructure layer — **Trusted Data Spaces (可信数据空间)** — promises a fundamentally different mutual-trust posture: *data that can be used cross-border while staying invisible to the receiving party*.

The NDA's **November 2024 *Trusted Data Space Development Action Plan (2024-2028)*** is the national-level systematic deployment.

| | EU "Rule Trust" | U.S. "Market Trust" | China "Technology Trust" |
|---|---|---|---|
| **Trust source** | Substantive legal equivalence | Industry self-regulation + bilateral agreements | Technical control of data usage |
| **Operational vector** | Adequacy / SCC / BCR | CLOUD Act + DPF / USMCA | TDS + confidential computing + blockchain + standard pathways |
| **Cross-border friction** | High (legal compliance burden) | Low (for U.S. operators) | High but declining (as TDS infrastructure matures) |
| **Sovereignty trade-off** | Privacy-rights-centric | Market-access-centric | Sovereignty + technology-controllable |

## What Trusted Data Spaces actually are

The TDS Action Plan's vision: a distributed-architecture data collaboration ecosystem implementing **three core capabilities**:

- **Data sovereignty controllable** (数据主权可控)
- **Joint processing efficient** (联合加工高效)
- **Value allocation fair** (价值分配公平)

The technical architecture has three layers:

- **Infrastructure layer** — cross-border data centers (e.g., Beijing Daxing International Airport "International Data Port") providing storage + compute, with physical-residency provenance.
- **Trusted interaction layer** — blockchain attestation + privacy-computing engines providing data-usage audit across the full lifecycle.
- **Application service layer** — data rights confirmation, pricing, cross-border settlement tools.

**Confidential computing** is the technical core. The premise: cross-border data flow needn't require the receiver to *see* the raw data — it requires that the receiver be able to *use* (compute on) the data within a controlled environment where the data remains encrypted and the data owner retains visibility into how it's being processed.

### Scenario-based grading of mutual-trust mechanisms

TDS uses scenario sensitivity to allocate technical approach:

- **High-sensitivity scenarios** (e.g., personal health data) — *federated learning + differential privacy*, ensuring original data stays in domain.
- **Medium-sensitivity scenarios** (e.g., manufacturing data) — *blockchain attestation + data-element-ization*, ensuring processing is auditable.
- **Low-sensitivity scenarios** (e.g., meteorological data) — *open API* for direct flow, prioritizing efficiency.

The model handles different sensitivity-level data differently. For high-sensitivity flows the technical bar is high; for low-sensitivity flows the technical bar is low. The *uniform substantive rule* is replaced by a *graduated technical architecture*.

## Institutional layering — China's dual-track approach

The TDS technical infrastructure is paired with institutional reforms:

### Domestic institutional innovation

- **Data classification and grading management** — DSL + Network Data Security Regulation establish the floor; sector-specific catalogues build on top.
- **FTZ negative lists** — Beijing, Tianjin, Shanghai, Zhejiang, Hainan publish sector-specific catalogues; data off the list flows cross-border under exemption.
- **Data prohibited from cross-border export** — national security / biological genetic / other core sensitive data.

### International institutional convergence

China has pursued several institutional vectors for international mutual trust:

- **RCEP** — Asia-Pacific Cross-Border Privacy Rules (CBPR) accession negotiation.
- **CPTPP application** — including data-flow provisions.
- **DEPA application** — Digital Economy Partnership Agreement.
- **FTZ offshore data bonded zones** — exploratory international mutual recognition.

The Compliance Talker team's read: China is using *technology trust* as the differentiator while institutional convergence catches up — the technical layer can deliver auditable cross-border data flow before the institutional layer (treaty-based mutual recognition) is fully built.

## The operational implications for multinationals

### Implication 1 — TDS may emerge as a practical alternative to standard CAC pathways

For data flows that don't qualify for the 2024 CBDF Provisions exemptions, the standard CAC pathways (security assessment / SCC / certification) impose significant friction. TDS-based flows — where data stays in a controlled processing environment with blockchain-attested usage tracking — may offer a third operational vector: cross-border *use* without cross-border *transfer*.

This is most relevant for:

- **Joint research and development** between China-based and overseas teams.
- **Pharmaceutical and biotech data analytics** where source data is highly sensitive but analytical results can flow freely.
- **AI model training** using Chinese training data without the training data leaving the controlled environment.

The TDS Action Plan's 2024-2028 timeline suggests this becomes operationally available within compliance teams' current planning horizon.

### Implication 2 — Cross-border data infrastructure is becoming a strategic asset

Beijing's Daxing International Airport "International Data Port" and similar physical infrastructure (cross-border data centers in FTZ-host zones) are emerging as the operational layer where multinationals will route their high-sensitivity China data flows. Foreign-invested entities should evaluate whether their China data infrastructure architecture is positioned to integrate with the TDS framework as it rolls out.

### Implication 3 — The CBPR / CPTPP / DEPA negotiating track matters for long-term posture

China's pursuit of international data agreements through CBPR (Asia-Pacific) and applications to CPTPP / DEPA could, over the next 2–4 years, create the *institutional* mutual-trust framework to complement the *technical* one. Multinationals with strong Asia-Pacific operations should watch this track — and may benefit from positioning their China entity to take advantage of CBPR-certified status as the framework matures.

## Why this matters for overseas teams

Three takeaways:

- **China's cross-border data architecture isn't just "more restrictive" — it's structurally different.** EU mutual trust runs on adequacy + SCCs. U.S. mutual trust runs on CLOUD Act + bilateral executive agreements. China is building mutual trust through *technical architecture* (TDS + confidential computing) layered with institutional channels. Compliance teams that think of China cross-border purely through the EU lens will miss the operational path the technology layer opens.
- **TDS is not a marketing concept — it's national infrastructure.** The NDA's 2024-2028 Action Plan, the Beijing Daxing International Data Port, the FTZ pilots all signal that TDS is being built as production-grade infrastructure, not a research demo. Compliance architects planning 3-5 year cross-border data strategy should treat TDS-based flows as a credible future option, not science fiction.
- **The compliance friction calculus may invert.** Today, China cross-border data flow is significantly more friction-heavy than EU or U.S. cross-border. By 2027-2028, for compliant use cases that fit TDS architecture (joint R&D, analytics on sensitive data, AI training), the friction may invert — TDS-based flow may be operationally simpler than EU SCCs or U.S. discovery exposure.

The deeper point in the Compliance Talker piece is that **China is making a sustained, infrastructure-level bet that the cross-border-data problem can be solved through technical control rather than substantive-rule equivalence**. For overseas counsel watching Chinese data policy, this is the most consequential strategic move underway — and it deserves serious operational attention.

---

— Compliance Talker (合规小叨客) Global Legal Policy Research Team, *原创 || 数据要素跨境流动互信机制研究——探索兼顾安全与效率的互信机制* (Research on Mutual Trust Mechanisms for Cross-Border Data-Element Flow — Exploring Trust Mechanisms Balancing Safety and Efficiency), 合规小叨客 WeChat Official Account, November 20, 2025. [Original article (Chinese).](https://mp.weixin.qq.com/s/K0bJsC3XaNCWcws2wZBeCg)

*Not legal advice. The above is DCC's structured summary of the source article's analysis; not a verbatim translation. The source carries an original-content non-republish clause and is summarized here under fair-use principles with full attribution.*