On September 8， China proposed the Global Initiative on Data Security to meet the new challenges emerging in global digital governance. State Counselor and Foreign Minister Wang Yi announced the proposal while addressing the International Seminar on Global Digital Governance via video link.

　　Besides the eight points （see box） the initiative is based on， Wang highlighted a few other issues. The response to the novel coronavirus pandemic has seen digital technologies play an important role in keeping society and the economy running. Wang likened the ensuing explosive growth of data to the discovery of oil， providing a new source of energy for economic growth and industrial transformation.
　　However， since different countries have different data laws and regulations， it is pushing up the compliance costs for global businesses. Therefore collective governance of cyberspace with unifi ed rules will benefi t everyone. The initiative is meant to be a start to that process.

Individual efforts

　　In recent years， many countries have been making laws on their own data use and protection. For example， the EU introduced the General Data Protection Regulation， which came into effect in 2018. It is the 27-member bloc’s primary law now， regulating companies’ protection of EU citizens’personal data.
　　The United States’ Clarifying Lawful Overseas Use of Data Act enacted in 2018 can compel U.S.-based technology companies to hand over any data the government wants， regardless of whether it is stored on servers in the U.S. or on foreign soil.
　　China has nearly 900 million Internet users， and a massive amount of data is generated every day. The security of data is vital for the privacy of the users， the intellectual property rights of enterprises， and national security. The Chinese Government has in recent years stipulated multiple laws to guarantee data security， including the Cybersecurity Law， Intelligence Law and Anti-Terrorism Law. A data security law and a personal information protection law are under consideration.
　　But even as states enhance their own data security and sovereignty， concerted global efforts are hard to implement due to lack of coordination of their policies. The absence of international rules has increasingly become a stumbling block for the development of the global digital economy and international cooperation.

Acting together

　　China’s legislation can be viewed as being exploratory since data security protection is a new area. But some of its efforts have been misinterpreted by the international community. So the initiative， as an offi cial statement of China’s position on data security， responds to those concerns.
　　For example， some countries have recently accused China of being non-transparent in its data protection policies and forcing Chinese enterprises to transfer their overseas data back home. The initiative says states should not request domestic companies to store data generated and obtained overseas in their own territory.
　　It is also a response to the U.S. administration’s Clean Network program， which calls for clean carrier， clean store， clean apps， clean cloud and clean cable. However， its critics regard it as an initiative to upgrade American containment and suppression of Chinese technology companies such as Huawei and digital products like TikTok on the ground of so-called national security concerns.
　　This， besides violating China’s national security， also affects the security of global supply chains and the innovation environment in cyberspace. In the long run， such unilateral actions will further split cyberspace and pose serious threats to global economic growth and people’s wellbeing.
　　On the other hand， the initiative proposed by China is not unilateral. It upholds multilateralism， fairness and justice， and calls on all countries， international organizations and other stakeholders to participate in the rule-making process on an equal basis to forge a community with a shared future for all in cyberspace. Wang said China is open-minded to good ideas and suggestions from all.

　　If governments， international organizations， information technology companies， technology communities， civil organizations and all other actors join the discussions， the ensuing extensive consultations will lead to joint contributions and shared benefi ts.
　　China has already given its inputs on digital governance at multilateral forums like the UN， Group of 20， BRICS and the ASEAN Regional Forum. It should continue the diplomatic drive on more international platforms like the Shanghai Cooperation Organization and Forum on China-Africa Cooperation to seek wider international support for the initiative. 　　In addition， it can be promoted through bilateral cooperation dialogues with other countries. A consensual global initiative will contribute to cybersecurity and the development of the global digital economy.
　　Key Points of the Global Initiative on Data Security
　　● States should handle data security in a comprehensive， objective and evidencebased manner， and maintain an open， secure and stable supply chain of global information and communications technology （ICT） products and services.
　　● States should stand against ICT activities that impair or steal important data of other states’ critical infrastructure， or use the data to conduct activities that undermine other states’ national security and public interests.
　　● States should take actions to prevent and put an end to activities that jeopardize personal information through the use of ICTs， and oppose mass surveillance against other states and unauthorized collection of personal information of other states with ICTs as a tool.
　　● States should encourage companies to abide by laws and regulations of the state where they operate. States should not request domestic companies to store data generated and obtained overseas in their own territory.
　　● States should respect the sovereignty， jurisdiction and governance of data of other states， and shall not obtain data located in other states through companies or individuals without other states’ permission.
　　● Should states need to obtain overseas data out of law enforcement requirement such as combating crimes， they should do it through judicial assistance or other relevant multilateral and bilateral agreements. Any bilateral data access agreement between two states should not infringe upon the judicial sovereignty and data security of a third state.
　　● ICT products and services providers should not install backdoors in their products and services to illegally obtain users’ data， control or manipulate users’ systems and devices.
　　● ICT companies should not seek illegitimate interests by taking advantage of users’dependence on their products， nor force users to upgrade their systems and devices. Products providers should make a commitment to notifying their cooperation partners and users of serious vulnerabilities in their products in a timely fashion and offering remedies.