How to implement data security? Before 1 Sep 2021 Experts explain the ideal data security method in detail
The 29th meeting of the Standing Committee of the 13th National China Congress recently adopted the Data Security Law of the People’s Republic of China, which is the first special law on data security in China and an important law in the field of national security. It will come into force on September 1, 2021and affect “How to implement data security?”
How to implement data security? The most asked question there now
Why is there a data security law? What are the difficulties and pain points facing China’s data security at present? How can the data security law effectively protect the security of consumers’ personal information?
At the first Data Rule of Law Summit Forum “How to implement data security?” held a few days ago, industry insiders and experts put forward opinions and suggestions on this.
“Data security is first and foremost related to national security.” Chen Zhimin, former vice minister of the Ministry of Public Security and former deputy director of the State Cyberspace Information Office, believes that data is the core carrier and key content of network operation. Once sensitive data involving politics, economy, diplomacy, military, science and technology, biology and other aspects are leaked, it is easy to be maliciously used, causing great harm to national security. If a data monopoly and hegemony are formed, a series of political and economic problems will arise.
Secondly, it is related to economic security. At present, telecom network fraud has become a prominent problem affecting public security. In some provinces and cities, the number of fraud cases has accounted for half of the criminal cases, which is very difficult to solve, and it is difficult to recover stolen money after solving the case, causing huge losses to the common people.
Thirdly, it is related to personal safety. Once a large number of citizens’ personal privacy, such as personal identity, family, economic status, hobbies, etc., as well as irreversible biometric information such as faces, fingerprints, DNA, etc., are maliciously leaked, the hidden dangers of security should not be underestimated.
In addition, it is related to the health, security and sustainable development of the digital economy. At present, the integration of the digital economy and the real economy has accelerated, and the problem of data ownership has become more prominent. Only by clarifying the ownership relationship of data can the subject and boundary of the data be further clarified; and the value of rights such as data ownership can equity allocation, market trading and income distribution be reasonably carried out.
Therefore, data security has been in a critical period that must be paid attention to, and the introduction of data security law is the general trend.
In recent years, China has formulated the Cyber Security Law, Electronic Commerce Law and Civil Code. These laws, together with data security laws, constitute a legal system in the field of data with Chinese characteristics. The difficulty that the law needs to solve is also the pain point of concern to consumers, enterprises and society.
How to implement data security?
According to He Xiaorong, Vice President of the Supreme People’s Court, from the current judicial practice, the legal issues of data are concentrated in four aspects:
First, the ownership of data property rights is unclear. Data has become a factor of production juxtaposed with land, labor, capital and technology, but the attribution of data generation, the boundaries of the legitimate rights and interests of data collectors, and the unilateral deletion right of data collectors pose great challenges to judicial practice.
Second, data processors infringe on personal privacy. The Civil Code stipulates that data processors shall not use the privacy of natural persons unless explicitly consented by the obligee. At present, China is formulating relevant judicial interpretations on face recognition. Third, big data concentration leads to “killing familiarity”.
The phenomenon of “killing familiarity” of network platform merchants seriously infringes on the legitimate rights and interests of consumers. The deep-seated reason for this phenomenon is mainly that platform merchants collect consumer transaction data for a long time and is not properly used. Fourth, there is a lack of discretionary standards for the rationality of data algorithms. Once there is a problem, it is difficult to provide a basis for clarifying the basic facts of the case.
“The average annual compound growth rate of China’s big data industry exceeded 30% during the 13th Five-Year Plan period, and the overall scale of the industry in 2020 exceeded 1 trillion yuan.” Wang Jiangping, Vice Minister of Industry and Information Technology, believes that in order to look at the new field of data governance from a development perspective, some problems are now small problems and may become big problems in the future.
Data security law provides some important compliance for solving data security and ownership problems. However, there are still some specific issues in the implementation process that need to be further identified.
“Big data plays an important role in the prevention and control of COVID-19.” According to Chen Zhimin, the national health code has been used more than 60 billion times in 2020, helping China’s economic and social order to smoothly restore. However, there are also great security risks to collect and use personal data on such a large scale, so that a large amount of personal data can be held in the hands of communities, properties and enterprises.” How to protect the legitimate rights and interests of citizens, especially to ensure that irreversible biometric information such as citizens’ fingerprints and faces is not risky, needs to be solved by laws and regulations.” He said.
How to use precious and sensitive data? and relation with How to implement data security?
Chen Zhimin put forward several suggestions to implement the data security law:
1 – the main body is in the people. In the era of big data, the data right of individual citizens is equally important as the right of personality and property, which together constitutes the basic rights of citizens. Data rights include informed consent rights, modification rights, property rights, especially the right to distribute data.
2 – sovereignty is in the country. The state shall enjoy the right to generate, disseminate, manage, use, regulate, supervise, protect, evaluate and review data within the scope of political power management.
3 – enterprise development. Data was originally scattered, isolated and disconnected, but through the collection, collation and clarity of enterprises, it has become an organic chain and a commodity of useful value. We should clarify the legitimate rights and interests of enterprises in data development, ensure the fairness and reasonableness of data transactions, oppose unfair competition and oppose data monopoly.
4 – share and share. On the basis of clarifying the dominant status and rights of data citizens, national sovereignty and rights, data sharing and sharing is promoted in accordance with the laws of the socialist market economy.
Next 5 Days more information about Host Location and relation with How to implement data security? question .