How to deal with China? This question is increasingly troubling Europe and the Federal Republic of Germany. While China is demonstrating its power and claims more and more clearly, the desired “de-risking” has so far only worked to a very limited extent. For years, China’s strategy towards Europe has been characterised by coercing individual actors and punishing others in a targeted manner – and thus calling into question the unity achieved in the EU and the federal government on internal negotiations, which sometimes last for years. This is why Digital Minister Volker Wissing (FDP) signed a joint declaration of intent with the director of the Cyberspace Administration of the People’s Republic during a visit to China on Wednesday – a so-called “Memorandum of Understanding (MOU)”.
Advertisement
Lots of advice needed for victims of online hate
There needs to be dialogue with China and within the federal government
Its content: A dialogue format is to be established in which questions of data flow between the two countries can be discussed. This is mainly about automated and connected driving – now that more and more cars from Chinese manufacturers are being sold in the European and German markets, many questions arise: Who has access to which data? Where can or must these be stored? As a company, the manufacturer is subject to Chinese law and is therefore obliged to cooperate with the security authorities. However, as a supplier to Europe, European law also applies. The two are hardly compatible with each other, which is why it is only a matter of time before major problems arise here too. In the worst case, Chinese manufacturers could no longer offer their cars in the EU. It is also unclear whether the vehicles sold will still be usable.
Following the signing, Vissing was accused of not coordinating his moves with other federal government departments. Handelsblatt cited Jens Zimmermann, digital policy spokesman for the SPD parliamentary group, said: “Vissing is a ‘loose principle’ when it comes to China.” Criticism also came from the Greens and from Wissing’s own parliamentary group. Even Chancellor Olaf Scholz (SPD) criticised Wissing after the agreement. “The things we do have this principle that we agree on things together and agree that things actually happen,” the chancellor said on Friday on the sidelines of the new EU Commission’s European Council in Brussels. But he added, “So it’s unfortunate that that didn’t happen here. But it still remains a clear strategy.”
BMDV rejects criticism
Wissing’s ministry rejected the criticism: Declaration of Intent The draft is the result of a cooperation agreement with China on autonomous driving – which was signed in the presence of the chancellor in April. The draft was quickly sent to other departments and was available from May. The BMDV said that what it says is an implementation within the framework of the agreed China strategy is not feasible, as it is being pushed through by “special departments within their sphere of responsibility”. CDU foreign politician Norbert Röttgen immediately sharply rebuked the chancellor and the minister: Scholz behaved as if the dependence on Russia never existed – and Wissing made himself a lobby representative for some large companies, Röttgen said in a social media posting.
Vising’s solo effort has no direct impact on data issues
Vissing is repeatedly seen as a supporter of Chinese interests – for example in the debate on whether Chinese network suppliers can remain in the German telecoms network. Here, sovereignty over the decision lies entirely at the federal level – in contrast to the debate about declarations of intent. It is questionable whether Vissing’s MoU has any relevance. This is known at the ministry: “It clearly does not contain any concrete agreement on how data transfers will be organized,” the BMDV announced on Friday.
Apart from discussions, there are hardly any concrete options for action for Vissing – because other actors are primarily responsible. As soon as personal data from vehicles is involved, the European General Data Protection Regulation comes into force. This sets up major obstacles to allowing EU residents’ data into third countries. On the other hand, the People’s Republic has a relatively new data protection law, parts of which are almost copied and pasted on the basis of the GDPR.
However, following the decisions of the European Court of Justice on EU-US data transfers, there is no prospect in the near future of a so-called adequacy decision by the EU Commission, which would include a general permission for the transfer of personal data to the People’s Republic. Neither Chinese security regulations nor legal measures in China come close to the level of protection required for such a decision. Due to the arrangement the People’s Republic’s judiciary is not independent and free in its decisions. The Dutch data protection supervisory authority is responsible for Chinese electric car manufacturer BYD, the UEFA sponsor of the European Football Championship, as BYD’s European headquarters are located there.
The obligation to cooperate with security authorities and the lack of judicial quality are also obstacles when it comes to non-personal data that must flow through data brokers: With the Data Governance Act, which was only passed in the last EU legislative period, such data transfers are also regulated by law. Here, too, the requirements for general permits are comparatively high and cannot currently be met by China. There are also the obligations of the Data Act, which will apply as EU law from September 12, 2025 – for example on the question of the exportability of data and the ability to migrate between cloud providers. Vissings BMDV is currently developing a draft of the corresponding legislation in German law.
(Never)
Dispute over Microsoft 365: EU Commission sues EU data protection official
