Specifically, the NDA has been tasked with driving China’s digital development by creating blueprints, introducing unified standards for data sharing, and supporting the digitalisation of public services. It will also act as a coordinator among government departments, such as the NDRC, the Ministry of Industry and Information Technology, and local governments.
The agency is headed by Liu Liehong, former chairman of state-owned telecoms firm China Unicom and an industry veteran with over 30 years of experience working in information technology.
Shen Zhulin, former deputy director of the NDRC’s hi-tech industry department, has been named a deputy head.
“The data agency focuses on serving [China’s] development. It is expected to set up standards and mechanisms to smooth data sharing among various parties, especially among government departments,” a government source familiar with the matter said.
“But it doesn’t mean China will put less emphasis on data security, which remains under the purview of the CAC,” the source said. “Under the current international situation, security issues remain a top priority for China.”
Zeng Liaoyuan, associate professor of information and communication engineering at the University of Electronic Science and Technology of China in Chengdu, said the NDA was set up because Beijing recognised the urgency of making efficient use of its vast data pool as it pursued the rapid growth of its digital economy.
“The establishment of the NDA shows that China wants to make better use of its huge data resources, which are largely fragmented and inconsistent in different government departments, industries and sectors,” Zeng said.
China generated about 8.1 zettabytes of data last year, an amount that would fill more than 8 billion high-end home computers, placing it second only to the US, according to CAC data.
The value of China’s digital economy is estimated to have reached 50.2 trillion yuan (US$690 billion) last year, accounting for 41.5 per cent of China’s GDP.
However, the rapidly growing field has created huge problems in management and regulation. About 15 government organisations are responsible for data regulation and governance, resulting in bureaucracy and inefficiency. Several ministries and over a dozen local governments have set up their own data centres or bureaus, leaving outsiders with limited access.
Zeng said China not only faced the problem of scale in regulating the data business but also new challenges such as AI.
“I think the most direct trigger [for setting up the data agency] is artificial intelligence. As China is keen to develop AI, it needs to make its massive data relevant and accessible,” Zeng said.
Michael Frank, a senior fellow at the Wadhwani Centre for AI and Advanced Technologies under the Washington-based think tank Centre for Strategic and International Studies (CSIS), agreed.
“To actually make artificial intelligence work, four inputs are critical: computing power, talent, financial capital and data. With the [NDA], China is addressing one of the critical inputs for artificial intelligence,” Frank said.
“Having a lot of data isn’t particularly helpful if it isn’t centralised and labelled in a way that researchers can know what they have access to. I can tell you as a researcher, the lack of useful data is a major challenge on the way to broad AI diffusion.”
Frank said the establishment of the NDA was a “sound policy that should, in theory, make research easier for Chinese scholars across many different disciplines”.
“However, it has to work. China has blocked the kinds of pathways to training and leveraging AI that international researchers easily access through the open internet. It also remains to be seen whether the NDA will matter for international researchers.”
The NDA was “very likely” to become the leading state agency to promote China’s global data governance norms, in a role much like that played by the CAC in seeking consensus on global internet governance, said Jian Xu, a senior lecturer in communication at Deakin University in Australia.
“The launch of [the NDA] is a sign of the Communist Party’s attempt to consolidate China’s data governance regime,” Xu wrote in an April article in Internet Policy Review, a peer-reviewed online journal based in Europe.
“China’s further engagement in global data governance and the promotion of its data governance framework, standards and measures worldwide will become a strong competing force against those promoted by the US and the European Union.”
Xu cited the Global Initiative on Data Security, launched by Beijing in September 2020, as an example of China’s ambitions to compete with Western democracies in making international rules and standards for data.
The initiative has been endorsed by Russia, Tanzania, Pakistan and the Arab League, among others. It requires data gathered locally to be stored locally to protect national security and “data sovereignty” – the idea that a country has the right to control data generated within its territory. It also opposes Washington’s “weaponisation of data” against Beijing in the name of protecting the privacy of citizens and sensitive information of companies.
A government source, speaking on condition of anonymity, said the new agency must tread carefully to deliver on its mandates.
“Data management is a completely new field [in China], and every step the agency takes will be in uncharted territory, so it’s important to proceed with caution,” the source said.
The bureau was in the process of setting up departments and must invest a lot of time to find its pace and direction, according to the source.
Another government source, also speaking on condition of anonymity, said the role of the data bureau required further clarification as its portfolio appeared to overlap with that of the CAC and the NDRC’s hi-tech development department.
A senior researcher at Tsinghua University in Beijing said the NDA would face an “extremely difficult” task in sorting out ownership of the massive volume of data generated by public institutions and private companies, and persuading them to hand over their data.
Public bodies, in particular, might prove harder to prevail on, he said.
“The NDA will face fewer problems in dealing with private companies because, traditionally, China’s private sector can do little in the face of the authorities’ demands. Even China’s internet giants have to listen to the authorities,” said the researcher, who requested anonymity because of the sensitivity of the matter.
“The bigger problem for the NDA is how other government agencies will work with them, especially those of the security apparatus.”
“The CAC, the powerful Ministry of State Security and the Ministry of Public Security all hold crucial data resources. Can the NDA break the barriers and get data from the security apparatus? It would be a very difficult job,” he said.
“There are so many government agencies that have jurisdiction over the digital economy in China. Coordination of policies has been a prevalent issue among government departments, causing many problems,” the researcher said.
Another challenge would be dealing with the CAC, a ministry-level government department supervised by both the State Council and the Central Cyberspace Affairs Commission, a powerful party organ.
While the new data agency oversees data sharing and facilitates data exchange, it must work closely with the data security watchdog, according to analysts.
“This is a new frontier in Xi’s total national security narrative. The creation of the agency will result in a centralised data control for the whole of China,” said Alfred Wu, an associate professor at the National University of Singapore’s Lee Kuan Yew School of Public Policy.
Wu said the NDA’s duties included easing cross-border data circulation, making it another crucial department for foreign companies to understand and work with.
A senior executive in charge of the China market for an American consultancy firm said he hoped the new agency would be able to help clarify the rules on cross-border data exchange, which is crucial for foreign business information and consultancy companies.
In a bid to ease the concerns of foreign enterprises, the CAC proposed in late September to ease its stringent cross-border data security controls, making it easier for companies to transfer commercial data in and out of China.
A set of draft rules said transfers of data relating to international trade, academic collaboration, global manufacturing and marketing activities that did not contain personal information or other data deemed “important” by authorities would no longer need to go through certain regulatory steps, such as security review or obtaining consent before they could be shared with overseas parties.
“The language in the proposed loosening is very vague, and we are not sure how it would affect our business practices. We need the exact definition of what is ‘important’ data,” the consultancy firm executive said, adding that he hoped the new agency could take care of the needs of the international business community.
Additional reporting by Sylvie Zhuang