China plans to significantly shore up data security across major industries ranging from telecommunications to finance, as Beijing seeks to unlock the economic potential of the massive amount of data generated by its digital economy while protecting national security.
As data becomes an important production factor and a key engine of economic growth, data security is also becoming an integral part of the country’s national security, the cybersecurity unit under the Ministry of Industry and Information Technology (MIIT) said in an online Q&A published on the agency’s website on Sunday.
The Q&A was designed to elaborate on guidelines jointly issued on Friday by 16 Chinese governmental bodies – including the MIIT and the Cyberspace Administration of China (CAC) – which set a target for the country to grow its data security industry by 30 per cent each year, to more than 150 billion yuan (US$22.4 billion) by 2025.
During the same period, the government plans to build five provincial and state-level data security labs to achieve breakthroughs in key technologies and products. It also wants to establish five national data security industrial estates and develop several “little giants” – smaller businesses with special products and know-how in the sector – that are globally competitive.
Industries ranging from telecommunications and transport to finance and healthcare should present at least eight applicable use case scenarios in the next three years, according to the guidelines.
By 2035, China’s data security sector is expected to mature and “enter a prosperous period”, bolstering the national digital economy.
Other notable agencies involved in Friday’s guidelines include the National Development and Reform Commission (NDRC), the Ministry of Public Security, the People’s Bank of China, the State Administration for Market Regulation, and the China Securities Regulatory Commission.
The new directive came days after the NDRC wrote a piece in the Chinese Communist Party’s official journal Qiushi, calling “the idea that data should play a role in wealth distribution” a “major theory innovation and breakthrough” by the party.
Chinese policymakers added data as a new production factor in April 2020, putting it in the same category as land, capital and human labour.
Developing the data security sector – which will involve collaboration among research facilities, universities and companies – will improve practices across industries, laying the groundwork for building up the country’s digital economy, according to the MIIT’s Q&A on Sunday.
As China pushes forward with efforts to use data to drive economic growth, however, it is also tightening control over its storage and access.
The Data Security Law, which came into effect in the country in September 2021, treats some domestically generated information as a matter of national security and requires each government body to supervise data security in their own realms.
Since then, Beijing has released a raft of rules governing the export of Chinese data.
Last month, the MIIT passed new rules mandating that important industrial data be stored within the country, covering areas including industry, telecoms and radio waves.
Since early last year, Chinese companies seeking initial public offerings overseas are required to go through a cybersecurity review if the business involves the data of more than one million Chinese consumers.
Authorities have also increased scrutiny over the data practices of Chinese technology companies.
In July 2021, the CAC launched an unprecedented cybersecurity investigation into ride-hailing giant Didi Chuxing “to prevent risks regarding national data security and to maintain national security”.
That probe marks the first time Beijing has publicly cited national security as a reason for launching an inquiry into one of the country’s tech giants. Didi was later found to be responsible for various data protection violations, resulting in a US$1.2 billion fine last year. South China Morning Post