The 14th Five-Year Plan for National Economic and Social Development of the People’s Republic of China and the Long-Range Objectives Through the Year 2035 has pointed out the direction for digital transformation in the new era. Data security is of great significance to the national digital transformation strategy, and the security governance and value release of network data have become a reference for all parties in formulating digital transformation plans. However, there are still numerous problems in the process of data governance. The current task is to analyze data security governance, identify the root causes, and promptly adopt targeted measures to address these issues.
I. Current Problems in Data Governance
In recent years, the cloud computing and big data industries have accelerated their development and have become important technical cornerstones of the digital transformation strategy. During this process, relevant data security issues have continued to emerge, bringing many uncertainties to the full realization of the value of data resources.
(I) Lack of Evaluation Standards for Data Quality
With the popularization of smartphones, the number of Internet users in China has grown rapidly, and user-generated data has also shown explosive growth. However, many industries have not formulated overall plans for data resources, resulting in statistical work failing to meet expectations and making it difficult to estimate the volume of data. Especially in the field of government public services, when users handle personal business, they often have to deal with multiple platforms, leading to the repeated recording of personal information and a lack of a unified data management authority. At the same time, the irregular and unreasonable management of relevant personnel has also brought many problems to data governance. Moreover, due to the lack of corresponding standards, it is difficult to ensure the real-time performance, integrity, and authenticity of data elements, making in-depth data mining work difficult to carry out and reducing the application value of data resources.
(II) Lack of Collaboration in Data Opening and Sharing
A large number of issues need to be addressed when opening and sharing data resources. From a technical perspective, in the process of system opening, enterprises often protect their own interests, resulting in incompatibility between their internal architectures, differences in applied technical standards, and variations in the software and hardware used for network data storage and transmission—all of which make data sharing difficult. From a regulatory perspective, China has not yet formulated laws and regulations on data opening, nor has it established the scope, methods, and standards for opening, leading to a continuous increase in the difficulty of data opening.
(III) Unclear Data Ownership
In the process of developing the value of data for digital transformation, the ownership of data elements is an urgent issue to be resolved. The issue of ownership cannot be avoided in any link of the data lifecycle. Many enterprises do not clarify ownership when collecting data, allowing the same data to be used in multiple projects. This seriously infringes on user privacy and may even lead to significant property losses. In addition, some enterprises often back up data in unconventional ways to evade supervision by government departments, further increasing the difficulty of determining data ownership.
(IV) Defects in Data Transaction Systems
One of the key factors in measuring the value of data transactions is the rapid circulation of data. Currently, many network data resources have strong timeliness, and their value varies in different links. Therefore, it is difficult to conduct effective evaluation and pricing, which frequently hinders transaction activities. Furthermore, due to the lack of an established management system, it is difficult for data owners and buyers to set prices, making transactions difficult to complete and affecting the normal circulation of data. In addition, data transactions often face risks related to security and storage, which reduce transaction efficiency and create many obstacles to the development of the entire market.
(V) Absence of a Security Assurance System
The security of network data directly determines the effectiveness of governance work. As the value of data resources continues to grow, the relevant industrial chain has also achieved significant development. Data resources have gradually been applied in a variety of scenarios, which has also promoted the in-depth application of new technologies such as data mining and data analysis. In this context, data security has become extremely important. Currently, a large amount of users’ personal data is collected in violation of regulations without their knowledge and used in various commercial projects. Some enterprises rely on data mining technology to illegally provide customized services to users, send spam messages, and induce users to purchase value-added services; some enterprises even engage in fraudulent activities. As a result, the information security of users cannot be guaranteed, which in turn triggers more problems and exerts a huge impact on the stable development of society.
II. Key Countermeasures for Network Data Security Governance
At present, China’s digital transformation based on technologies such as cloud computing and big data continues to deepen and has penetrated into multiple scenarios. This has created conditions for the utilization of data value and improved the quality of social governance work. To address the current problems, efforts should be made from five aspects to provide support for relevant data security protection.
(I) Establish a Cloud Data Resource Management Database
Enterprises can fully utilize data resources by establishing a cloud resource database. To achieve this goal, it is necessary to integrate various data materials from enterprises and government departments at this stage, laying a solid foundation for the comprehensive opening, sharing, and orderly application of data. Publicity on data security should be carried out among all units to enhance people’s awareness of data security prevention. Continuous efforts should be made to improve the internal organization of data to facilitate temporary access in the future. In addition, each unit should establish a visualized dynamic resource monitoring cloud platform based on the development characteristics of its industry. In accordance with operational requirements and data characteristics, personal data and public data should be scientifically classified and stored in private clouds or public clouds respectively. Relevant personnel also need to enhance their professional security capabilities to improve the ability to ensure network data security.
(II) Clarify Standards for Data Circulation and Sharing
Relevant government departments need to continuously improve the data circulation system, establish a national big data platform as soon as possible, and encourage all enterprises to participate in it. Joint efforts should be made to strengthen resource management, make data more secure and reliable, encourage enterprises to gradually open up data, enhance collaboration, and promote innovation, thereby establishing a win-win sharing system. At the same time, efforts should be made to expand the scope of supervision, conduct in-depth research, improve the sharing system based on actual conditions, clarify boundaries, and enhance the awareness of rights and responsibilities among all subjects.
(III) Improve Data Property Rights Rules
Clarifying data property rights can stabilize the entire data transaction market, ensure the rational utilization of data, and provide legal support for subsequent data mining. Data property rights can generally be divided into three categories: ownership, right to use, and right to benefit. Ownership includes the ownership of personal data and the ownership of data redeveloped by enterprises. Regarding the right to use, the government should focus on using data in accordance with national laws and regulations, and relevant enterprises should also prioritize data protection.
(IV) Reasonably Establish a Pricing and Evaluation System
A pricing and evaluation system that meets actual conditions should be specifically established for data information to ensure the smooth progress of data transactions without being affected by other factors. Based on differences in regions, populations, and the attributes of data itself, the following rules can be referenced to set reasonable prices for data: When government departments establish a network big data platform, they should set prices in advance; enterprises participating in transactions can entrust the platform with the right to price data. Finally, staff should determine the final price based on the evaluation system and notify the relevant parties. At the same time, historical prices of similar data should be provided to data owners to clarify the specific transaction range, thereby ensuring the rationality of quotation activities.
(V) Improve Data Security Prevention Systems
Ensuring the security of network data resources has gradually become a basic reference for evaluating the security and health of the entire data environment. To this end, it is necessary to improve relevant laws and policies, strengthen the protection of data security and personal privacy, and severely crack down on illegal and non-compliant behaviors. Publicity work should be done to increase the popularity of laws and policies and strengthen the implementation of data security laws and policies by enterprises. Specialized positions responsible for the security of network data resources should be set up in relevant enterprises and institutions to improve the ability of risk early warning and achieve proactive prevention. At the same time, efforts should be made to integrate, improve, and optimize the internal risk control process, and establish a dedicated emergency response system. In the event of theft or leakage of users’ personal information, traceability can be carried out immediately and feedback provided promptly to reduce user losses. All staff should recognize the importance of their work, actively perform their job responsibilities, and ensure comprehensive data security protection.
III. Conclusion
In summary, data security is a crucial link in the promotion of the digital transformation strategy. The actual effect of data security governance is closely related to the development level of the entire industry and provides a security guarantee for the stable development of the data industry. Due to the relatively short development history of the data industry, relevant systems and standards are still immature, and some management work and personnel job responsibilities have not been fully implemented, leading to the frequent occurrence of various problems. Therefore, relevant enterprises need to conduct further research on data governance to promote the sustained and healthy development of the entire industry.
