A new data regulation body that China is reportedly set to create is expected to clarify and establish new data sovereignty rules for multinational companies and accelerate tech-based initiatives such as public administration services built on anonymised citizen data.
The new government body will streamline data governance policies in the country, amid increasing confusion from businesses that deal with multiple bodies presiding over different aspects of data governance within the country's borders, according to a Wall Street Journal report citing sources familiar with the issues.
“The Chinese government is dedicated to helping organisations operating in the domestic market, both multinational corporations (MNCs) and local ones, to identify, consume, and protect data for security, privacy, and sovereignty throughout the lifecycle by a range of established regulations such as cybersecurity law (CSL), data security law (DSL), and personal information protection law (PIPL), which is similar to European Union’s GDPR,” said Charlie Dai, research director at analyst firm Forrester.
“The big data bureaus on a provincial level have been established for years, and this national bureau will help in the coordination and governance from a central government perspective,” Dai added.
The Cyberspace Administration of China, the country’s Ministry of Industry and Information Technology, as well as the National Development and Reform Commission, all currently share responsibility for data governance in the country.
The final decision to set up the regulatory body is expected to be examined at the annual session of the National People’s Congress that runs through March 13, according to Wall Street Journal report.
China’s data watchdog to accelerate digital initiatives
China’s president Xi Jinping has been promoting the idea of a digital economy in order to compete with other nations globally and the new data watchdog, according to Forrester principal analyst Sam Higgins, will accelerate initiatives such as data-based government online services.
“It is important to note that the creation of a National Data Bureau in China mimics the similar establishment of regulatory bodies in the region and the globe intended to help accelerate digital initiatives by better leveraging the vast data resources of governments worldwide,” Higgins said, giving the example of Australia creating the National Data Commission in 2021.
In India, the government has said that it will make its identity management and digital payments systems available to other nation via open APIs, under the Indiastack.global project.
When the new data regulator gets a green light, it could become the only Chinese watchdog that looks after issues such as what, if any, data can be exported by multinational companies operating in China and what kind of consumer data can or cannot be collected by businesses in the country.
Over the last two years, the Chinese government has already cracked down on multinational companies by requring them to store citizens’ data within its borders.
The Wall Street Journal also reported that the new watchdog agency, which is likely to be very similar to China’s Anti-Monopoly Bureau in stature and management, would have the powers to investigate digital data fraud, cybercrimes and issues such as data-security vulnerabilities.
Several other countries including the US and India have been working on introducing federal data privacy laws.
In 2018, the European Union introduced broad data privacy regulations in the form of its General Data Protection Regulations (GDPR), which has become a sort of template for nations around the world.