On 3 January 2023, the Ministry of Industry and Information Technology (MIIT) and other 15 ministerial departments jointly issued the Guiding Opinions on Promoting the Development of Data Security Industry (hereinafter referred to as the Guiding Opinions) in support of Data Security Law. As data has become an important factor of production and core engine of economic development, the development of data security industry is of great significance in terms of empowering various industries, releasing the value of data elements, as well as consolidate the foundation of the construction of digital economy.

The Guiding Opinions are positioned as a top-level policy document for the data security industry. The overall considerations for the introduction of the document include:

  1. The Guiding Opinions firstly is to support the implementation of the Data Security Law and the implementation of the national data security coordination mechanism. The general idea is to spur the data security development through creating a favorable environment under the guidance of the policy.
  2. The second consideration is to clarify the task of data security industry development. Namely, it’s required to focusing on the types of demands: data security protection and data development &utilization, the main tasks of industrial development are defined in multi-dimensional and hierarchical ways, and technology, products and services are provided to ensure national data security from the supply side.
  3. Third, create an ecosystem for the development of the data security industry. We will strengthen the construction of the standard system and the training of professional talents to create a sound development environment and ensure the healthy and sustainable development of the industry.

The Guidance focuses on data security protection and the development and utilization needs of related data resources: First, it puts forward the general requirements for promoting the development of data security industry, including guiding principles and basic principles, and puts forward industrial development goals according to the two stages of 2025 and 2035. The second is to define seven key tasks to promote the development of data security industry in two levels. One level is focused on what the industry itself should do, and it defines four key tasks to enhance the innovation ability of the industry, strengthen data security services, promote the construction of standard system and promote the application of technology products. Three key tasks were identified: building an ecosystem of industrial prosperity, strengthening talent supply and deepening international cooperation and exchanges. Third, in order to ensure the implementation of the Guidance and effectively promote the healthy development of the industry, three safeguard measures were put forward to strengthen the organization and coordination, increase policy support and optimize the industrial development environment.