New Cybersecurity Industry Plan Created by China to Improve Country’s Data Protections

China’s Ministry of Industry and Information Technology (MIIT) has launched a new cybersecurity industry plan to boost development of the country’s cybersecurity sector. The draft three-year action plan, worth more than 250 billion yuan, proposes securing more networks and updating infrastructure in sectors including energy, health, education, finance and transport. The proposals made in the plan reflect an effort by the Chinese authorities to better regulate data storage, data transfer and protection of personal data. The country’s drive to increase the efficiency of its cybersecurity industry is an outgrowth of concerns about data security.

MIIT presented the cybersecurity plan as part of an effort to address and protect data, as one of China’s most critical assets within the digital landscape. The plan offers the most comprehensive development strategy to date for the cybersecurity sector in China. Within the plan, key industries are required to allocate 10% of their information technology (IT) upgrade funds to cybersecurity protection by 2023. Mandates like this are crucial, according to MIIT, to ensure that the country’s top industries invest more in data security.

Cybersecurity threats are becoming more apparent around the world as hackers are increasingly adept at gaining entry into technology supply chains and carrying out attacks within the digital space. This has resulted in countries like China putting more resources into cybersecurity, in the same manner as they invest in national security and state sovereignty. According to Kenn Yee, a policy analyst at Access Partnership, “China’s three-year cybersecurity plan is also China’s cyber defence plan, which aims to harden China’s digital assets in its push for a resilient digital economy.”

Data protection has become a forefront issue in the current national and international setting. In China, efforts to protect data storage, transfer and privacy are considered critical to protect the digital economy of the country. The proposed cybersecurity industry plan points out that data protection is not a one-sided issue with a single solution. It presents cybersecurity instead as an issue to be addressed broadly, considering the country’s critical industries and building a more sustainable foundation for data security in the future.

China has been moving towards building a more resilient digital economy, for example, increasing its use of regulators to perform cybersecurity reviews and offering online services for the regions. Since the 2014 creation of the Cyberspace Administration of China (CAC), it has established more regulation for online services to enforce compliance with China’s data protection rules.
For example, the CAC called for smartphone app stores to stop promoting Didi Global Inc’s (DIDI.N) app. The CAC found that the DIDI.N app was illegally saving the personal data of users. Didi Global responded by complying with the orders, removing the app and stopping unauthorized gathering of users’ information.

In an effort to uphold China’s data privacy laws, and following the Didi Global cybersecurity breach, the CAC drafted rules for security reviews by tech companies with more than 1 million users. China has also placed harsher restrictions on the most powerful Chinese technology companies in an effort to address concerns about data safety and antitrust. The proposed cybersecurity industry plan is considered a next step for Chinese authorities to maintain control of data security and privacy.

The cybersecurity sector will continue to be significant in China. As the world becomes more interconnected in the digital space, the threat of cyberattacks and hackers will only grow, raising detrimental issues regarding data safety. The drive of countries like China to increase their digital resiliency points to a larger understanding that cybersecurity is a crucial part of national security. A country’s stability is now closely linked to its ability to protect itself from the ever-changing nature of cyberattacks. The drafting of China’s cybersecurity industry plan indicates the current understanding that data security will continue to be key in the digital landscape and security of a country.