When data becomes the “lifeblood” of the new economy

“The Economist” performed a classic image of Mark Zuckerberg, the founder of the American social giant “Facebook” on the cover of the magazine.

In that photo, Zuckerberg’s head was “crowned” on the statue of Emperor Caesar in ancient Rome. His face that was originally expressionless like a robot, because of this “grafting”, showed a trace of weight and majesty. The caption of the photo reads: “The ambition of the empire”.

Zuckerberg’s “ambition” is fully reflected in the collection and leakage of big data. In March 2018, more than 50 million user data on Facebook was leaked by a company called Cambridge Analytical. The Cambridge Analytica scandal triggered rhetoric against Zuckerberg and Facebook by the media and netizens at the time. The public discovered that those personal data were used to predict and influence the vote of voters in the 2016 U.S. presidential election. At that moment, data is no longer cold data, it really plays the role of “building” the world and affects the operation of the country.

Three years later, the influence of big data continues to grow. In China, it is also the news of some Internet companies and data, which has aroused more people’s concerns and worries about data security. Why is data so important today? In the context of highly globalization, from individuals to companies to countries, how can we protect our important data?

Infinite wealth
In a modern society, big data is very close to people. People leave traces of browsing on various platforms and post updates on social software every day. These inadvertently generate data, which is collected into a huge collection. However, people sometimes feel that the data is far away, because they are accustomed to it because they are accustomed to using various electronic devices and the Internet.

Therefore, when data and security are linked together, many people think of their privacy first. The products that were inadvertently mentioned in the chat with friends the day before appeared in the recommendation content of my shopping platform the next day; I just got married last month, and immediately received various invitations to take wedding photos. These became The typical data leakage of contemporary people also makes people feel that there is nowhere to put privacy.

While many people still regard data as privacy, the importance of data in the Internet age has long ceased to remain at the level of “personal privacy”. Regarding this point, some scholars pointed out that even for international communication studies involving data issues, before this, data was only regarded as a privacy issue, and data flow and privacy protection were regarded as opposite ends. However, the Facebook data breach scandal tells the world that data can even affect key political elections. According to Xu Kaihua, a researcher at the Center for Chinese Contemporary Culture Research at Shanghai University, some people’s previous views on data have overlooked that data has become the “lifeblood” of the new economy and is a productive “energy” close to oil. “Data should be understood as the’means of production’ of platform capitalism in the Internet age. People are beginning to realize that in addition to data affecting the political game between countries through “data sovereignty”, the era of data economy, which is the core driving force, is coming.

According to statistics, between 2011 and 2016, global mobile data traffic has increased by 18 times. In this regard, the McKinsey Global Institute estimated in 2016 that various forms of global flow will increase global GDP by at least 10% (approximately US$7.8 trillion), of which Internet data flow accounts for US$2.8 trillion, and digital trade and cross-border The growth rate of data flows will exceed the overall growth rate of global trade. As early as 2014, there were data showing that the flow of data has increased the US GDP by 3.4% to 4.8% and created 2.4 million jobs.

In China, in the “Decision of the Central Committee of the Communist Party of China on Several Major Issues Concerning Upholding and Improving the Socialist System with Chinese Characteristics and Promoting the Modernization of the National Governance System and Governance Capacity” adopted by the Fourth Plenary Session of the 19th Central Committee of the Communist Party of China in 2019, “data” was first proposed as a production factor. distribute.

Therefore, from the perspective of macro rather than personal privacy, the importance of data and data security to the economic development of enterprises and even countries is self-evident. So, at the micro level, why can data have such an impact on the economic development of modern society? In previous research, Xu Caihua mentioned that nowadays cloud technology is booming. Although governments in various countries generally encourage companies to store data locally instead of overseas, the cross-border data flow through the cloud has promoted the diffusion of innovation to a certain extent. This has given birth to new companies, and global companies and individuals can share data, design experiments, and analyze results, which greatly benefits people’s work and ultimately creates infinite wealth.

At present, on a global scale, data as an emerging “material of production” affects the operation of human society in the political and economic fields. This influence is continuous and silent, but the influence is beyond most people’s imagination.

Unavoidable contradiction
Data can create huge wealth today, and it will naturally cause various contradictions and disputes because of benefits. On the one hand, economic globalization and data flow do not require much cost, which makes “data globalization” more and more irreversible; on the other hand, due to the economic value brought by “data sovereignty” and data production, countries in recent years They have adopted technical means and issued policies and regulations, hoping to control the data by themselves as much as possible, instead of handing over citizens’ data to Internet giants around the world, that is, to achieve “data localization”.

Therefore, the contradiction between cross-border data flow and “data localization” will inevitably form. However, some scholars have pointed out that this contradiction is not an irreconcilable and complete opposition. If you can build a system for cross-border data flow that suits your own national conditions, you can still achieve a balance between free flow and data security.

At present, the issue of how to protect data security is subject to the diversity of political, economic, and cultural factors. There is no “standard answer” for all countries, and it is more of a spontaneous behavior. These spontaneous behaviors reflect the different attitudes of different countries towards this contradiction.

From the perspective of market value, American Internet companies are undoubtedly in a leading position. However, from the “Prism Gate” incident in 2013 to the data scandal on Facebook in 2018, these have caused the United States, which is at the forefront of the Internet era, to pay attention to measures and regulations in the field of data security. Domestic scholars have pointed out that the “Cloud Act” promulgated during Trump’s presidency “is an important measure taken by the United States to establish global data hegemony, directly serving the United States’ unlimited data. Hungry and thirsty”.

Specifically, the “Cloud Act” provides a legal basis for intelligence investigation agencies such as the US Federal Bureau of Investigation (FBI) to retrieve data from abroad. If companies do not provide corresponding content, it is illegal. The “Cloud Act” only allows “eligible” foreign governments that have signed an administrative agreement with the US government to send requests for assistance in investigations and data retrieval to organizations in the US.

“The United States advocates Internet freedom, but his freedom is not really equal freedom. The United States hopes to freely retrieve data from foreign companies in the United States, but it does not have a unified requirement for itself.” Xu Kaihua told Xinmin Weekly .

Unlike the United States, the European Union’s “General Data Protection Regulation” (GDPR), which was formally implemented and passed on May 25, 2018, provides another way to protect data security at the national level. This regulation is regarded as “the most stringent personal information protection regulation in history”, and its scope not only covers the entire EU, but also has legal effect on third-country enterprises and institutions related to the EU but not within the EU.

After the implementation of the GDPR, since China is not on the “white list” of third countries, it has put tremendous pressure on domestic Internet companies that also have a wide range of users in Europe. Some companies have begun to set up special response teams to make themselves comply with GDPR data transmission requirements as soon as possible.

In addition, under the influence of GDPR, many non-EU countries have revised their data protection laws accordingly to align with EU standards. The EU’s cross-border data flow texts with other countries are usually drafted by the EU, and these signs show the EU’s right to speak in the field of international data security.

How should China respond to such restrictions? In June 2019, the “Measures for the Security Evaluation of the Exit of Personal Information (Draft for Comment)” comprehensively strengthened the protection of my country’s exit of personal data. On June 10, 2021, the 29th meeting of the Standing Committee of the 13th National People’s Congress passed the “Data Security Law of the People’s Republic of China”, in which Article 7 states: “The state protects individuals, organizations and Data-related rights and interests, encourage the rational and effective use of data in accordance with the law, ensure the orderly and free flow of data in accordance with the law, and promote the development of a digital economy with data as a key element.” Article 8 states: “Fulfill data security protection obligations and assume social responsibilities. Endanger national security and public interests, and must not harm the lawful rights and interests of individuals and organizations.”

Zuckerberg’s Facebook “Magic Gourd”. Comics/Cui Hong

Coupled with the “Cyber ​​Security Law” and other regulations, it can be said that China is currently at the forefront of Asia in terms of data protection. In Xu Kaihua’s view, facing the contradiction between data security and freedom, China is currently finding a model of its own. “As a late-comer country, China cannot completely imitate Europe’s stringent new data law, take the initiative to put the shackles on the growing digital economy, and give up the opportunity of overtaking in corners. We are trying our best to promote it on the premise of improving the level of personal protection. Big data is the “legal rise” of the formal economy.

Invisible battle
In addition to the protection of data security by relevant government departments, there are also many domestic companies that focus on network security contributing their own strength. Know Chuangyu, founded in 2007, is one of them. From the cyber security of major national events, to the fight against cyber fraud, to the protection of corporate data security, in recent years, Chuangyu has accumulated its own “experiences” in dealing with data security threats.

The invisible battle has already begun in the huge data world. Those behaviors that threaten data security are becoming more and more difficult to identify, and the boundary between state behavior and the spontaneous organization of hackers has become blurred. It is foreseeable that protecting data security will be a frequently discussed topic in the future.

From the early years of the popularization of the Internet, Internet viruses and hacker attacks are nothing new to Chinese netizens. However, in the era of big data, hackers’ attack methods are constantly escalating, and the response of big data security companies is also constantly changing. In an interview with Xinmin Weekly, Zhang Yongbo, general manager of Chuangyu’s defense product line, mentioned a significant change: using big data to protect big data itself is becoming the norm.

“In the past, it may have been hacked, and after data security has been threatened, we will make up for it; now we will use big data monitoring to detect hacker behaviors in advance, such as stealing data, tampering with information, and large-scale data crawling. We have a Set up a complete hacker attack capture plan, and then build a big data threat intelligence database, and finally realize it in advance.” Zhang Yongbo said.

Data security has become more and more important, and higher requirements have been put forward for companies with large amounts of data. Zhang Yongbo told Xinmin Weekly: “In the past, when companies found their data was stolen, they would feel that they were victims. But now that the data economy is so developed, the corporate social responsibility has become correspondingly greater. If you can’t protect your key data, you may still Should bear corresponding responsibilities.”

In October 2020, after the 3rd anniversary of the launch of Orange, the Didi Map Division announced a set of data at the annual meeting of the Chinese Society of Surveying and Mapping: The accuracy rate of the basic data of Didi Map has exceeded 95%, and the daily new trajectory data exceeds 108TB. In addition, 550 million passengers will report hundreds of thousands of traffic incidents every day. More than 10 million Didi vehicles pass through Orange Vision every day to become Didi’s street view real-time surveying and mapping vehicle and an important platform for mastering my country’s urban and rural high-precision surveying and mapping data. Once these data are obtained by the United States, national security is bound to face a great crisis.

The United States enacted the Foreign Company Accountability Act (HFCA) in 2020, which requires companies going to the United States to accept the review of the accounting papers of the Public Company Accounting Supervision Committee. This has become the focus of the confrontation between the US Securities Regulatory Commission SEC and the China Securities Regulatory Commission CRSC. The audit manuscript is important because the audit report contains important business secrets of the company. Including customer and user data, board of directors, meeting minutes between middle and senior management, communication documents on important internal and external businesses and operations, summary of issues, program forms, and even emails. Therefore, it is not difficult to understand why companies have strict requirements on the reputation of the firm when hiring an accounting firm to conduct audits. Many Chinese companies that go public in the United States are leaders in various industries. Just like Didi, Boss direct hire, Yunmanman, truck gang, etc., once the U.S. passes the SEC and obtains all the audit papers of these companies, it can analyze China’s urban and rural consumption capacity, and then deduce China’s economic strength, not to mention Talk about the impact on important departments and national security, because these can use correlation analysis to produce a lot of data.

As an Internet company with huge basic data, how to protect its own data security? Relevant expert suggestions for attending the 2021 World Artificial Intelligence Conference Security High-end Dialogue:

One is to do a good job in data classification and hierarchical control. Internet companies should classify and categorize important data and core data related to national security, the lifeline of the national economy, important people’s livelihood, and major public interests; public data related to platform business and user data involving a large number of personal privacy. And use data identification tools to automatically mark the above data, and combine the hierarchical protection strategy to carry out “legal, compliant, and reasonable” automated and refined security control for the company’s massive data.

The second is to control the security of the entire life cycle of data. For data of different security levels, clarify the security protection requirements for all aspects of the data life cycle such as collection, transmission, storage, use, and deletion.

The third is to establish a complete data security monitoring and early warning mechanism. Through the construction of a data security risk monitoring platform, early warning and response to data security risks. Based on multiple dimensions such as sensitive data, strategies, and data flow baselines, it monitors, audits, and analyzes data production flow and data operations, and timely discovers abnormal data flow and abnormal data operation behaviors, and generates alarms and outputs reports. Conduct comprehensive deployment and control of personnel, businesses, systems, and partners, conduct risk identification and early warning, and effectively improve risk early warning capabilities and risk operation capabilities to achieve data security risk prevention and control at all stages of the data life cycle.

The invisible battle has already begun in the huge data world. Those behaviors that threaten data security are becoming more and more difficult to identify, and the boundary between state behavior and the spontaneous organization of hackers has become blurred. It is foreseeable that protecting data security will be a frequently discussed topic in the future.