As technology such as artificial intelligence and big data rapidly advances, China is witnessing an explosive growth in data volume, which in turn is increasing security risks. Data security has become critically important, and strengthening protective measures is urgent. Recently, the State Council issued the “Cyber Data Security Management Regulations,” aimed at further standardizing online data processing activities to ensure data security and promote the lawful and effective use of data.

Today, data is regarded as an essential production factor, on par with land, labor, capital, and technology, becoming increasingly integrated into various aspects of production and daily life. The deeper the usage of data resources, the greater the pressure to manage risks effectively. Currently, data flows exhibit new characteristics of internal-external interaction, cross-regional linkage, and cross-group aggregation. However, there is a noticeable lack of effective categorization for different types of data, and the data trading process lacks unified, systematic, and standardized rules. Disparities in data access standards further complicate the challenge, threatening risk prevention, market order stability, and social governance.

Additionally, concerns about data monopolization have gained traction. In the digital age, a significant portion of data generation and acquisition is concentrated in high-tech and platform companies with substantial research and development capabilities. It raises important questions about potential risks during the data collection, transmission, storage, utilization, deletion, and destruction phases.

In practice, issues like data misuse and enforcement difficulties persist. For instance, apps often over-collect personal information or impose unreasonable conditions, making account cancellation a challenging task. Furthermore, as data volume grows and flows more frequently, incidents of online fraud, unfair competition, and data breaches have become all too common.

Data security is not just a matter of individual privacy protection; it impacts corporate trade secrets and national safety and stability. Therefore, strengthening data governance and securing our data assets are paramount, as they intertwine with national sovereignty, security, social order, and public interest.

Given the significance of data security, it is essential to incorporate the governance of critical data into the national governance framework. On one hand, we need to establish a standardized and systematic data governance operations platform to ensure compliance, quality, and safety at every stage of data handling. On the other hand, advancing the construction of a standards system—by improving standards for data, technology, and application norms—is crucial. Regions should seize the opportunity to accelerate the digital transformation of government and focus on collaborative governance, optimizing standards, organization, platforms, and processes to guarantee data security comprehensively. Additionally, it’s vital to hold data-related enterprises, particularly leading internet platforms, accountable to enhance their data management capabilities and standardize the handling of data collection, storage, and usage.

We should gradually improve the classification and tiered protection system for data. This includes defining the scope and identification standards for key and critical data, as well as establishing protection requirements and collaboration mechanisms among different departments at various levels. Local regions and departments must create actionable and detailed guidelines to clarify the scope, regulatory goals, protection approaches, and necessary measures for different tiers of data.

However, fortifying data protection does not imply stifling data access. The “Opinions of the Central Committee of the Communist Party of China and the State Council on Building a Data Basic System to Better Utilize Data Factors” advocates for establishing a secure, flexible, and inclusive data governance system. This indicates that data governance must adapt to the evolving landscape of the digital economy, understanding the patterns of data generation and flow under new technologies and applications, while responsibly and legally unlocking the potential of data resources to better support high-quality economic development.