South China Morning Post
Advertisement
Advertisement
Cybersecurity
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
People with their smartphones in Beijing. China wants to expand its data security industry as it seeks to protect national security while unleashing the potential of its digital economy. Photo: AP Photo
TechPolicy

China unveils plan to boost data security in key industries in bet on data-driven economic growth

  • More than a dozen Chinese government bodies have jointly released guidelines on developing the country’s data security sector
  • As China pushes forward with efforts to use data to drive economic growth, it is also tightening control over its storage and access
Cybersecurity
Ben Jiang
Ben Jiangin Beijing
Why you can trust SCMP

China plans to significantly shore up data security across major industries ranging from telecommunications to finance, as Beijing seeks to unlock the economic potential of the massive amount of data generated by its digital economy while protecting national security.

As data becomes an important production factor and a key engine of economic growth, data security is also becoming an integral part of the country’s national security, the cybersecurity unit under the Ministry of Industry and Information Technology (MIIT) said in an online Q&A published on the agency’s website on Sunday.

The Q&A was designed to elaborate on guidelines jointly issued on Friday by 16 Chinese governmental bodies – including the MIIT and the Cyberspace Administration of China (CAC) – which set a target for the country to grow its data security industry by 30 per cent each year, to more than 150 billion yuan (US$22.4 billion) by 2025.

02:04

‘Stop stealing’: China condemns US over Trojan horse cyberattacks on state-funded university

‘Stop stealing’: China condemns US over Trojan horse cyberattacks on state-funded university
During the same period, the government plans to build five provincial and state-level data security labs to achieve breakthroughs in key technologies and products. It also wants to establish five national data security industrial estates and develop several “little giants” – smaller businesses with special products and know-how in the sector – that are globally competitive.

Industries ranging from telecommunications and transport to finance and healthcare should present at least eight applicable use case scenarios in the next three years, according to the guidelines.

By 2035, China’s data security sector is expected to mature and “enter a prosperous period”, bolstering the national digital economy.

Other notable agencies involved in Friday’s guidelines include the National Development and Reform Commission (NDRC), the Ministry of Public Security, the People’s Bank of China, the State Administration for Market Regulation, and the China Securities Regulatory Commission.

The office of the Ministry of Industry and Information Technology near Tiananmen Square in Beijing. Photo: Shutterstock
The new directive came days after the NDRC wrote a piece in the Chinese Communist Party’s official journal Qiushi, calling “the idea that data should play a role in wealth distribution” a “major theory innovation and breakthrough” by the party.

Chinese policymakers added data as a new production factor in April 2020, putting it in the same category as land, capital and human labour.

Developing the data security sector – which will involve collaboration among research facilities, universities and companies – will improve practices across industries, laying the groundwork for building up the country’s digital economy, according to the MIIT’s Q&A on Sunday.

As China pushes forward with efforts to use data to drive economic growth, however, it is also tightening control over its storage and access.

Travellers at a railway station in Chengdu, Sichuan province. Photo: Bloomberg

The Data Security Law, which came into effect in the country in September 2021, treats some domestically generated information as a matter of national security and requires each government body to supervise data security in their own realms.

Since then, Beijing has released a raft of rules governing the export of Chinese data.

Last month, the MIIT passed new rules mandating that important industrial data be stored within the country, covering areas including industry, telecoms and radio waves.
Since early last year, Chinese companies seeking initial public offerings overseas are required to go through a cybersecurity review if the business involves the data of more than one million Chinese consumers.
China has been tightening control over user information gathered by companies. Photo: AP Photo

Authorities have also increased scrutiny over the data practices of Chinese technology companies.

In July 2021, the CAC launched an unprecedented cybersecurity investigation into ride-hailing giant Didi Chuxing “to prevent risks regarding national data security and to maintain national security”.
That probe marks the first time Beijing has publicly cited national security as a reason for launching an inquiry into one of the country’s tech giants. Didi was later found to be responsible for various data protection violations, resulting in a US$1.2 billion fine last year.
Post