China takes the lead in global initiative on data security

The foreign minister reaffirmed that States should foster an open, fair and non-discriminatory business environment for mutual benefit, win-win outcomes and common development. At the same time, he said that States have the responsibility and right to ensure the security of crucial personal and finance to enhance their national security, public security, economic security and social stability.

“We welcome governments, international organizations, ICT companies, technology communities, civil organizations, individuals and all other actors to make concerted efforts to promote data security under the principle of extensive consultation, joint contribution and shared benefits.”

Yi underscored the need for all parties to step up dialogue and cooperation on the basis of mutual respect, and join hands to forge a community with a shared future in cyberspace placing peace, security, openness, cooperation and order at the core.

For the above to happen, Yi proposed the following measures:

• States should handle data security in a comprehensive, objective and evidence-based manner, and maintain an open, secure and stable supply chain of global ICT products and services.
• States should stand against ICT activities that impair or steal important data of other States' critical infrastructure or use the data to conduct activities that undermine other States' national security and public interests.
• States should come up with measures to prevent and put an end to activities that jeopardize personal information through the use of ICTs and oppose mass surveillance against other States and unauthorized collection of personal information of other States with ICTs as a tool.
• ICT companies should abide by laws and regulations of the State where they operate. States should not request domestic companies to store data generated and obtained overseas in their own territory.
• States should respect the sovereignty, jurisdiction and governance of data of other States, and shall not obtain data located in other States through companies or individuals without other States' permission.
• Should States need to obtain overseas data out of security concerns like combating crime, they should do it through judicial assistance or other relevant multilateral and bilateral agreements. Any bilateral data access agreement between two States should not infringe upon the judicial sovereignty and data security of a third State.

China also warned against the use of underhand dealings, saying ICT providers should not install backdoors in their products and services to illegally obtain users' data, control or manipulate users' systems and devices. “ICT companies should not seek illegitimate interests by taking advantage of users' dependence on their products, nor force users to upgrade their systems and devices.”

In good faith, ICT companies should make a commitment to notify their partners and users of flaws in their products in a timely fashion, and offering remedies to mitigate against any infringement or loss. China called for global cooperation by both governments and service providers to ensure that this initiative is a success, calling for the follow-through of all the above commitments through bilateral, regional and international agreements.