Wednesday, February 09, 2022

Algorithmic Law: 欧黎 坚持党管数据 保障数据安全 (Ou Li: Adhere to the party's management of data and ensure data security) (30 August 2021)

 

Pix Credit HERE

 

One of the most significant potentials of the move from traditional to algorithmic law is its potential effects as a substitute for markets. That is, theoretically, at least, it may be possible--with enough robust data--to build a model of a market, and then use that model both to describe current actions and to predict future movements.  Yet such modeling can do more than that--the ability of models to "travel" to the future, based on the algorithms and analytics that make that possible, also presents the opportunity to experiment with future effects by changing one of more of the factors in the analytics. At its limit, the analytics becomes the thing that is modeled--and the thing that is modeled becomes the expression of the algorithm. (See a more theoretical discussion from a normative perspective in "Objective Subjectivities and the Simulacra of Semiotics in the New Era: Of the Simulation of Signification and of the Modeling and Objectification of Meaning Making" Remarks Delivered at the "The Rearguard of Subjectivity In Honor of Jan M. Broekman’s 90th Birthday").

For classical Marxist Leninist systems this would contribute greatly to what had once been a core hope--to eliminate markets in favor of centrally planned economies.  In effect, the ability not just to transpose markets into its own simulacra and then to experiment with management of that simulation to see what might happen, would invert the relationship between market and regulatory apparatus. It is already inherent in the evolution of the economic planning at the heart of the central planning enterprise in European Marxism--for example in Cuba (See, Cuba's Caribbean Marxism (2018); Chapter 6: The Ideology of Central Planning in the Economic and Social Development Plan 2030).

China appears, consciously or not, to be moving in that direction. At a minimum China appears to be engaging in a regulatory enterprise that may make it much easier to begin to develop the big data (probably AI assisted) mechanisms for the production of markets simulation with both predictive and managerial effects. A small but of evidence of that movement might be gleaned form a recent article: 欧黎 坚持党管数据 保障数据安全 (Ou Li: Adhere to the party's management of data and ensure data security) (30 August 2021) reproduced on the CPC News Website for broad circulation. What makes the article more interesting perhaps is that 欧黎 Ou Li is Secretary of the Party Committee and Chairman of China Hualu Group Co., Ltd. (real estate development. The Company provides housing renovation, housing loans, real estate brokerage, property management, and other services). Nothing revolutionary here, but an indication that is worth keeping in mind, especially in the "modeling race" between liberal democratic and Marxist Leninist systems). The abstract suggests its objective:

【Abstract】In 2020, the "Opinions of the Central Committee of the Communist Party of China and the State Council on Building a More Perfect Factor Market-oriented Allocation System and Mechanism" pointed out that "accelerating the cultivation of the data factor market". Currently, data has been regarded as one of the five factors of production alongside land, labor, capital, and technology. Big data is not only an important production resource, but also a governance resource as important as the "gun" and "pen". It is extremely important to the long-term stability of the country and the competition of comprehensive national strength. Central enterprises in the Internet and information industry must deeply understand, study and implement the "Data". The political significance of the Security Law, give full play to technical advantages, and continuously improve the party's ability to manage data. 【摘 要】2020年《中共中央 国务院关于构建更加完善的要素市场化配置体制机制的意见》指出,“加快培育数据要素市场”。当前,数据已被视作与土地、劳动力、资本、技术并列的五种生产要素之一。大数据不仅是重要的生产资源,更是和“枪杆子”“笔杆子”一样重要的执政资源,对国家长治久安和综合国力竞争具有极端重要性,网信类中央企业要深刻领会、学习贯彻《数据安全法》的政治意义,充分发挥技术优势,不断提高党管数据能力水平。

 The focus is on data and on its critical contribution both to the development of productive forces (the central thrust of the essay) but also as the building blocks for the construction of the analytics necessary for the modeling on which smart cities and the next generation of regulatory approaches to the rationalization of human activity are likely to be built in China. The essay follows in the original Chinese along with a crude English translation. 

Adhere to the party's management of data and ensure data security

Ou Li [1] (1967-), Chongqing native, master of engineering, researcher.
He is currently the Secretary of the Party Committee and Chairman of China Hualu Group Co., Ltd. [2]


August 30, 2021 09:29

【Abstract】In 2020, the "Opinions of the Central Committee of the Communist Party of China and the State Council on Building a More Perfect Factor Market-oriented Allocation System and Mechanism" pointed out that "accelerating the cultivation of the data factor market". Currently, data has been regarded as one of the five factors of production alongside land, labor, capital, and technology. Big data is not only an important production resource, but also a governance resource as important as the "gun" and "pen". It is extremely important to the long-term stability of the country and the competition of comprehensive national strength. Central enterprises in the Internet and information industry must deeply understand, study and implement the "Data". The political significance of the Security Law, give full play to technical advantages, and continuously improve the party's ability to manage data.

【Key words】Party management of data; Data security; Responsibility of central enterprises

The "Data Security Law of the People's Republic of China" (hereinafter referred to as the "Data Security Law") will be officially implemented on September 1, 2021, which fully demonstrates that the country attaches great importance to data security. General Secretary Xi Jinping emphasized: "It is necessary to effectively ensure national data security. It is necessary to strengthen the security protection of key information infrastructure, strengthen the protection capability of key national data resources, and enhance data security early warning and traceability capabilities." The "Data Security Law" regulates data from various aspects The overall layout and strategic planning at the macro level have been carried out for the protection and utilization of the system, and the rights and obligations are also clarified. As a central enterprise directly managed by the State-owned Assets Supervision and Administration Commission of the State Council, China Hualu Group should conscientiously study and implement the relevant provisions of the "Data Security Law", and continuously improve the party's ability and level of data management.

Deeply understand the political attributes of central enterprises, and earnestly understand the significance of studying and implementing the "Data Security Law"

Political attributes are the fundamental attributes of central enterprises. Only when you have a clear political understanding can you accurately comprehend it in thought and implement it in action. Adhering to the surname of the party and the high standard of central enterprises requires us to give full play to the advantages of party building in central enterprises, further strengthen the unified leadership of the party committee over network security and informatization work, and establish and improve the system and mechanism for the party to manage data. It is necessary to deeply understand the political significance of studying and implementing the "Data Security Law", put data security and development on the important agenda of the party committee, and use the big data thinking method to manage risk prevention, strategic development, and talent cadres.

Studying and implementing the "Data Security Law" is an inevitable requirement for implementing the overall national security concept. Data security is related to national security. The "Data Security Law" makes it clear that the central national security leading agency is responsible for the decision-making and deliberation and coordination of national data security work, researching, formulating and guiding the implementation of relevant major principles and policies, and coordinating major issues and important tasks. National data security work coordination mechanism to achieve the highest decision-making. When central enterprises study and implement the Data Security Law, they adhere to the overall national security concept, and implement the top-level design of my country's data security governance with practical actions from the perspective of responding to national security risks in the non-traditional field of data.

Studying and implementing the "Data Security Law" is a concrete manifestation of implementing the policy of governing the country by law and governing the enterprise by law. The "Data Security Law" implements classification and grading protection of data. The relevant state departments will formulate important data according to the importance of data in economic and social development, and the degree of harm caused by tampering, destruction, leakage or illegal acquisition or use. At the same time, data related to national security, the lifeline of the national economy, important people's livelihood, and major public interests are defined as national core data, and a stricter management system is implemented. Central SOEs are responsible for the construction of public infrastructure such as cities, energy, public health, finance, and emergency response. As processors of important data and even national core data, they should study and implement the Data Security Law, clarify the person in charge of data security and management agencies, and implement them. Data security protection responsibility, regular risk assessment of data processing activities, and submission of risk assessment reports to relevant competent authorities is a due legal obligation.

Studying and implementing the "Data Security Law" is an important measure to implement the national strategic deployment of the digital transformation of central enterprises. Digital transformation is an important means to transform and enhance traditional kinetic energy and cultivate new kinetic energy for development. The State-owned Assets Supervision and Administration Commission of the State Council clearly stated in the "Notice on Accelerating the Digital Transformation of State-owned Enterprises" that state-owned enterprises should build a data governance system and strengthen the security management of platforms, systems and data. The study and implementation of the "Data Security Law" by central enterprises is an important measure to take the initiative to shoulder the mission and build a new engine for high-quality development of enterprises.

Give full play to the technological advantages of central enterprises in the network and information category, and continuously improve the level of the party's ability to manage data

Internet and information central enterprises have relatively advanced digital technology and rich data resources, and are an important part of the national data security system. Whether it is data development and utilization and industrial development, data trading market cultivation, data life cycle compliance management system and process, or the establishment of data risk assessment mechanism, the central enterprises of the Internet and information industry will be irreplaceable backbones.

Adhere to overall development and security, and promote data security through data development and utilization and industrial development. Give full play to professional advantages, actively assist governments at all levels to formulate digital economy development plans, build data infrastructure, and promote data innovation and application. Up to now, Hualu Group has deployed data lakes in more than 30 cities across the country, building data infrastructure through central and local governments, and comprehensively assisting the development of digital economy in various regions. The next step will continue to provide government departments and various market entities with basic professional services such as data extraction, data cleaning, data cataloging, data conversion, paper file digitization, and data express delivery to help break through data barriers between regions and break through data fragmentation. The bottleneck of data application is to promote the large-scale application of data resources. Participate in the linkage of government, industry, academia, and research, carry out relevant standard formulation, testing and certification, risk assessment, education and training, etc., jointly cultivate and develop data security products and industrial systems, stimulate new momentum for high-quality development, and effectively promote security through development.

Focus on giving full play to the role of the main body of enterprises, and help localities cultivate data trading markets. Actively participate in the establishment and improvement of data transaction management systems, standardize data transaction behaviors, and help the development of data markets in various regions. Explore new models of data asset management and financing such as the establishment of data banks and the development of data asset securitization business, research and formulate normative standards for data asset ownership confirmation, pricing, and property rights protection, and actively use blockchain, federated machine learning, secure multi-party computing and other privacy Calculate new technologies and new means, build a data asset circulation management and operation platform, provide government departments and various market entities with services such as data value assessment, data deposit and loan, data transaction intermediary, etc. Efficiency governance, asset-based transactions, and full-scenario applications empower industrial model innovation, transformation and upgrading, promote government data fusion, sharing and open applications, effectively release data dividends, and promote the development of the data element market.

Establish a comprehensive data compliance concept, and establish a data lifecycle compliance management system and process. The Data Security Law, the Cybersecurity Law of the People's Republic of China and other relevant regulations and national standards together form the legal system for data compliance governance. It is necessary to establish a comprehensive data compliance concept, build its own macro strategy and management system for data governance, and achieve data compliance governance goals through institutional constraints. Accelerate the construction of the group's data governance system, clarify the centralized management department for data governance, strengthen data standardization, metadata and master data management, and regularly evaluate the maturity of data governance capabilities. Establish compliance management systems and processes for the full life cycle of data, and build corresponding systems, processes, and operational guidelines for data collection, storage, use, processing, transmission, provision, and disclosure. Establish data classification and classification catalogs and important data catalogs. On the basis of internal data governance, establish or refine corresponding data protection catalogs and systems according to the specific catalogs of important data of the country, competent authorities and industries, and match the data classification and classification protection system. regulatory requirements.

Relying on the information security supervision platform of state-owned assets and state-owned enterprises, data risk assessment and disposal are carried out on a regular basis. According to the relevant deployment of the State's "Guiding Opinions on Accelerating the Construction of a National Integrated Big Data Center Collaborative Innovation System", the state-owned and state-owned enterprise integrated network security information big data platform entrusted by the State-owned Assets Supervision and Administration Commission of the State Council has been connected to 104 central enterprises and secondary units. The Internet exit nodes, of which 97 central enterprise headquarters are fully covered, have basically formed the ability to perceive and access the enterprise network security situation in an all-weather and all-round way. It is recommended to rely on this platform to carry out "horizontal to edge, vertical to the end" data security information linkage and capability sharing, build a big data-driven data security assurance system, establish a normalized data risk assessment mechanism, and systematically sort out potential data compliance risks. , and classify and dispose of in a timely manner; accelerate the cultivation of new formats of data security governance services, and improve the overall level of data security capabilities of state-owned and state-owned enterprises.

(The author is the Party Secretary and Chairman of China Hualu Group Co., Ltd.)

references:

[1] Xi Jinping Talks about Governance, Volume III [M]. Beijing: Foreign Languages ​​Press, 2020.

[2] Opinions of the Central Committee of the Communist Party of China and the State Council on Building a More Perfect Market-Based Allocation System and Mechanism for Factors (N). Xinhuanet, April 9, 2020.

[3] my country's Internet network security monitoring data analysis report (N) in the first half of 2021. "National Internet Emergency Center CNCERT" WeChat public account, July 31, 2021.

(Source: "Flag" magazine)


坚持党管数据 保障数据安全

欧黎 [1]  (1967-),重庆人,工学硕士,研究员。
现任中国华录集团有限公司党委书记、董事长。 [2]


2021年08月30日09:29    

【摘 要】2020年《中共中央 国务院关于构建更加完善的要素市场化配置体制机制的意见》指出,“加快培育数据要素市场”。当前,数据已被视作与土地、劳动力、资本、技术并列的五种生产要素之一。大数据不仅是重要的生产资源,更是和“枪杆子”“笔杆子”一样重要的执政资源,对国家长治久安和综合国力竞争具有极端重要性,网信类中央企业要深刻领会、学习贯彻《数据安全法》的政治意义,充分发挥技术优势,不断提高党管数据能力水平。

【关键词】党管数据;数据安全;央企责任

《中华人民共和国数据安全法》(以下简称《数据安全法》)将于2021年9月1日正式施行,这充分彰显了国家高度重视数据安全。习近平总书记强调:“要切实保障国家数据安全。要加强关键信息基础设施安全保护,强化国家关键数据资源保护能力,增强数据安全预警和溯源能力。”《数据安全法》从多个方面对数据的保护与利用进行了宏观层面的总体布局和战略规划,赋予了权利,也明确了义务。作为国务院国资委直管的中央企业,中国华录集团应当认真学习贯彻《数据安全法》有关规定,不断提高党管数据的能力和水平。

深刻认识中央企业政治属性,认真领会学习贯彻《数据安全法》的重要意义

政治属性是中央企业的根本属性。政治上认识清醒,思想上才能精准领会,行动上才能贯彻到位。坚持央企姓党、高标站位,要求我们充分发挥中央企业党建优势,进一步加强党委对网络安全和信息化工作的统一领导,建立和完善党管数据的体制机制。要深刻领会学习贯彻《数据安全法》的政治意义,把数据安全和发展列入党委重要议事日程,以大数据的思维方法管好风险防范、管好战略发展、管好人才干部。

学习贯彻《数据安全法》是落实总体国家安全观的必然要求。数据安全事关国家安全,《数据安全法》明确,由中央国家安全领导机构负责国家数据安全工作的决策和议事协调,研究制定、指导实施有关重大方针政策,统筹协调重大事项和重要工作,建立国家数据安全工作协调机制,实现最高决策。中央企业学习贯彻《数据安全法》,就是坚持总体国家安全观,从应对数据这一非传统领域的国家安全风险角度,以实际行动落实我国数据安全治理的顶层设计。

学习贯彻《数据安全法》是落实依法治国依法治企方针的具体体现。《数据安全法》对数据实行分类分级保护,国家有关部门将根据数据在经济社会发展中的重要程度,以及一旦遭到篡改、破坏、泄露或者非法获取、非法利用造成的危害程度,制定重要数据目录;同时将关系国家安全、国民经济命脉、重要民生、重大公共利益等领域的数据定义为国家核心数据,实行更加严格的管理制度。中央企业担负着城市、能源、公共卫生、金融、应急等公共基础设施建设任务,作为重要数据甚至国家核心数据的处理者,学习贯彻《数据安全法》,明确数据安全负责人和管理机构,落实数据安全保护责任,对数据处理活动定期开展风险评估,并向有关主管部门报送风险评估报告,是应尽的法律义务。

学习贯彻《数据安全法》是落实国家关于中央企业数字化转型战略部署的重要举措。数字化转型是改造提升传统动能、培育发展新动能的重要手段。国务院国资委在《关于加快推进国有企业数字化转型工作的通知》中明确要求,国有企业要构建数据治理体系,加强平台、系统和数据等安全管理。中央企业学习贯彻《数据安全法》,是主动扛起使命担当、打造企业高质量发展新引擎的重要举措。

充分发挥网信类中央企业技术优势,不断提高党管数据能力水平

网信类中央企业拥有比较先进的数字技术和丰富的数据资源,是国家数据安全体系的重要组成部分。无论是数据开发利用和产业发展、数据交易市场培育、数据全生命周期合规管理制度流程,还是数据风险评估机制建立等多方面工作,网信类中央企业都将是不可替代的中坚力量。

坚持统筹发展和安全,以数据开发利用和产业发展促进数据安全。充分发挥专业优势,积极助力各级政府制定数字经济发展规划,建设数据基础设施,推动数据创新应用。截至目前,华录集团已在全国布局30多个城市数据湖,通过央地共建数据基础设施,全面助力各地数字经济发展。下一步将继续为政府部门和各类市场主体提供数据抽取、数据清洗、数据编目、数据转换、纸质档案数字化、数据快递等基础性专业服务,助力打通地区间数据壁垒,突破数据碎片化导致的数据应用瓶颈,推动数据资源的规模化应用。参与政、产、学、研联动,开展相关标准制定、检测认证、风险评估和教育培训等,共同培育、发展数据安全产品、产业体系,激发高质量发展新动能,切实以发展促进安全。

注重发挥企业主体作用,助力各地培育数据交易市场。积极参与建立健全数据交易管理制度,规范数据交易行为,助力各地数据市场融通发展。探索建立数据银行、开展数据资产证券化业务等数据资产管理和融通新模式,研究拟定数据资产确权、定价、产权保护等规范标准,积极运用区块链、联邦机器学习、安全多方计算等隐私计算新技术新手段,建设数据资产流通管理和运营平台,为政府部门和各类市场主体提供数据价值评估、数据存贷、数据交易中介等服务,实现数据的低成本汇聚、规范化确权、高效率治理、资产化交易和全场景应用,赋能产业模式创新和转型升级,推动政府数据融合共享和开放应用,有效释放数据红利,促进数据要素市场发展。

树立全面数据合规理念,建立数据全生命周期合规管理制度与流程。《数据安全法》《中华人民共和国网络安全法》及其他相关法规、国家标准共同组成了数据合规治理的法律体系。必须树立全面数据合规理念,构建自身数据治理的宏观策略和管理制度,通过制度约束,达到数据合规治理目标。加快集团数据治理体系建设,明确数据治理归口管理部门,加强数据标准化、元数据和主数据管理工作,定期评估数据治理能力成熟度。建立数据全生命周期合规管理制度与流程,针对数据的收集、存储、使用、加工、传输、提供、公开等,构建相应的制度、流程、操作指引。建立数据分级分类目录及重要数据目录,在做好内部数据治理的基础上,根据国家、主管部门、行业重要数据具体目录建立或细化相对应的数据保护目录和制度,匹配数据分类分级保护制度的监管要求。

依托国资国企信息安全监管平台,常态化开展数据风险评估和处置。按照国家《关于加快构建全国一体化大数据中心协同创新体系的指导意见》有关部署,国务院国资委委托建设的国资国企一体化网络安全信息大数据平台,已接入104个中央企业及二级单位互联网出口节点,其中97家中央企业总部全覆盖,基本形成全天候、全方位感知接入企业网络安全态势的能力。建议依托该平台,开展“横向到边、纵向到底”的数据安全信息联动和能力共享,构筑大数据驱动的数据安全保障体系,建立常态化的数据风险评估机制,系统梳理潜在的数据合规风险,并及时进行分类处置;加快培育数据安全治理服务新业态,整体提升国资国企数据安全能力水平。

(作者系中国华录集团有限公司党委书记、董事长)

参考文献:

[1] 习近平谈治国理政第三卷[M].北京:外文出版社,2020年.

[2] 中共中央 国务院关于构建更加完善的要素市场化配置体制机制的意见(N).新华网,2020年04月09日.

[3] 2021年上半年我国互联网网络安全监测数据分析报告(N).“国家互联网应急中心CNCERT”微信公众号,2021年07月31日.

(来源:《旗帜》杂志)


No comments:

Post a Comment