Why does data security matter to everyone?

Robin Li once said that "Chinese people are more willing to exchange privacy for convenience", which triggered a large-scale online public opinion against the criticism. People are sensitive when it comes to talking directly about rights, but on the internet it's not necessarily clear cut.

As for why, I think there are several reasons:

First, most people are unfamiliar with Internet technology, even including some Internet practitioners, they do not understand the basic situation of the new technology, the marketing is often in the name of high-tech convenient, default or require you to open the location of the reading of the address book, cell phone number ID card number, etc., the loss does not necessarily see but the convenience is right in front of us.

Second, a variety of use of the privacy agreement contains "overbearing provisions", to the phone number after the ID card number to complete the real-name authentication (gaming class financial class public **** service class mandatory except), check to agree to the registration of push a variety of advertising, a variety of format! Terms you can only "voluntarily accept" otherwise the software refuses to provide services. This is a great way to get the most out of your Windows 8 PC, and it's a great way to get the most out of your Windows 7 PC.

Third, the danger of Internet data leakage and misuse is something that society doesn't talk about enough.

I have a friend in the bank to do risk control told me that there are too many data leaks, not to mention reading the address book identity card address and other types of information, on a simple positioning of a person's user profile can be speculated on the seven or eight, such as which elementary school you went to, which middle school, which university, which company to work in, in which circle, can be through you, as well as your classmates, friends, colleagues, and so on. and the positioning of your classmates, friends and colleagues to synthesize the inference. If the positioning data is obtained by fraudsters, posing as an acquaintance fraud that is easy and easy to do.

The rapid development of the industry in the pre-Internet era, from the computer industry sub-category of the IT technology industry grew to about 1 billion Internet users accounted for a large part of the national economy of the cutting-edge industry growth is amazing, but it is also accompanied by a barbaric growth of the problem. When the data access to the Internet the moment you in the "naked run", this is a bit exaggerated but also shows that the phenomenon of data leakage is serious.

In March 2017, Jingdong and Tencent's security team joined forces to help the Ministry of Public Security to crack a large theft and trafficking of personal information of citizens, and its main suspects are Jingdong's internal employees, steal personal information of 5 billion, through a variety of ways in the network black market trafficking.

The People's Court of Suiyang District, Shangqiu City, in the referee's website, made public a criminal judgment showing that an undergraduate college student, Lu Mou, who lives in Shangqiu City, Henan Province, has been carrying out an eight-month-long data crawling on Taobao since November 2019 and stealing a large amount of user data. More than 1.18 billion pieces of user information had been leaked before Alibaba took notice of the problem.

Of course it's not just the giants that have seen data leaks, it's all over the internet in all related industries. According to Yongan online data leakage monitoring platform statistics, from January 1, 2020 to the present, *** occurred 21,620 data leakage incidents, involving industries including finance, Internet, e-commerce, education and other industries.

Here is no intention to discuss which giant data did not leak which data security is high, in the whole of the Internet to discuss who's "kung fu" better point is meaningless, the important thing is to establish a safe ecological and rules.

China in June 2017 released the "People's Republic of China **** and the State Network Security Law", in March 2021, the "People's Republic of China **** and the State Personal Information Protection Law (Draft)" submitted to the Standing Committee of the National People's Congress for deliberation. 2021 June, the "People's Republic of China **** and the State Data Security Law" full text release. It can be said that the basic legal framework of the Internet field is there. At the same time in the local also have Explore June 7 this year, "Shenzhen data regulations" officially announced to the public, January 1 next year officially implemented is the first local basic comprehensive legislation.

To pay attention to the degree that we may not lose any country, in April 2020, data is recognized by the state as the land, labor, capital, technology, after the "fifth factor of production", and in the digital transformation of enterprises to play an important role. So the importance of data can't be overemphasized.

Some people may worry that the provisions are good, but can they be implemented? This problem has been fully considered by the data security law, in order to avoid the lack of formality, the data security law to the policy to make a variety of sub-divisions, at the same time, the technical division of the implementation of certain guidance.

The data security law pointed out that by 2021, the development of data security industry standards more than 20, the initial establishment of telecommunications and Internet industry data security standards system, the effective implementation of data security management requirements, basically to meet the needs of the industry data security protection, to promote the application of standards in key areas.

By 2023, more than 50 data security industry standards will be developed, the data security standard system of telecommunications and Internet industry will be improved, the technical level, application effect and internationalization of the standards will be significantly improved, and the industry's data security protection capability will be strongly supported.

Even if you don't encounter the situation of killing, then the data leakage may be the common daily. Nowadays, all kinds of APPs, web pages, small programs, etc., will ask for different information about the user's personal location, identity, cell phone number and so on. Various platforms are saying that they will desensitize the data, but when you receive a customer service call when you receive a delivery, often your real information is completely exposed to others. The first thing you need to do is to get your personal data back on the Internet.

It's a good thing that the Personal Information Protection Act was just passed on August 20th, and it's clear that it will come into force on November 1st.

Specifically, some points are still very relevant and realistic, such as not to collect personal information in a fraudulent or induced manner, not to conceal the function of collecting personal information of the product or service, and the automatic collection of personal information should be the minimum frequency of realizing the function of the product or service business. In this way, we can have a clear understanding of the collection situation, and we can cancel the deletion in a targeted manner.

In the past, when registering for an app, the first time you ticked the "notification" box, you were authorized for life, which means we can't withdraw the authorization from the previous barbaric period, which is by default legal, and this is a huge infringement of the user's rights.

The Personal Information Protection Act specifically makes new requirements for this issue, consent should be given voluntarily and explicitly by the individual under the premise of being fully informed, and can be withdrawn conveniently. A product or service may not be refused on the grounds that the individual has not consented or withdrawn his or her consent.

The Personal Information Protection Law has special laws and regulations for sensitive personal information, such as biometric information, medical and health information, and financial account information, etc. Businesses should differentiate between sensitive types of personal information, develop internal classification and grading standards, and adopt higher-level technical measures to protect it.

But it's not impossible, the system level is difficult to coordinate the consideration of technical means. 2019, the CBRC, the Internet financial risk special rectification and other regulatory agencies jointly with the public security organs of the "cash loan" data source crawling purged, known as the big data wind control industry history of the most stringent investigation. The relevant departments realized the harm and seriousness of the leakage of "explicit data". Therefore, privacy computing is almost the only technical solution for data interoperability. Privacy computing is a technology for full-cycle protection of private information, and by encrypting plaintext data, it can realize that the data is "available but not visible".

So with privacy computing will data processing slow down affecting the efficiency of the enterprise? According to industry insiders privacy computing processing data is the slowest plaintext 3-5 times, the fastest is hundreds of times, the next year or so the industry can be optimized to improve 5-10 times. There should be no need to worry about security and efficiency, but the economics of applicability still need to be explored.

In the real environment, the data dispersion of each family is different, the data interaction standards are different, the standardization of business processes is also different, the underlying architecture of each vendor and the underlying components are also different, which are to be involved in multi-party collaborative work should be done as far as possible to achieve the safe development of standards first.

Liu Bo, Chief Scientist of ACE Information, pointed out that, on one hand, globally, data security is far from reaching the maturity of technology, and even about 80% of data security related technology is in the primary stage; and for China, there are still a lot of neck-breaking problems to be broken in data security technology.

So in a period of time, the Internet industry may still exist in the misuse of data, data leakage, data trafficking and other issues, of course, we can not completely put the problem pushed to the technology, but also from the economics, sociology, social ethics, social data security awareness of the education to make up for the shortcomings of the data governance level can be said to be all for one and one for all.

Since the impact of the epidemic, China's economy has been under pressure, but the good thing is that the "three new" economy is still maintaining growth results. Here to explain what is the "three new economy", "three new" economy is to new industries, new forms, new business models as the core content of the collection of economic activities.

The specific performance is a series of business activities relying on emerging technologies and Internet information technology.

According to the National Bureau of Statistics on July 6, 2020, China's "three new" economic added value of 16.9 trillion yuan, an increase of 4.5% over the previous year, than the same period of the gross domestic product (GDP) growth rate of 1.5 percentage points higher than the current price of the gross domestic product (GDP); equivalent to the proportion of the GDP of 17.08%, an increase of 0.7 percentage points over the previous year. by 0.7 percentage points.

"Three new economy" and the Internet is inseparable, if there is no data security everything will be a castle in the air, it can be said that the more frequent the economic activities of the data risk will increase accordingly. 2021 July 14, in the twentieth session of the Internet of China Conference on data security forum, the China Academy of Information and Communication Research Institute of security, said Wei Wei, director of information security department. Wei Wei, director of the Information Security Department, said that some research organizations have statistics that the number of global data leaks in 2020 exceeds the sum of the past 15 years. The impact of these data security risks has gradually radiated from individuals and enterprises to industries and even countries, and data security risks are very prominent.

Data security is a new problem and a new opportunity in the new era, and data interoperability is a major direction, and if handled well the potential between the various factors of production will be infinitely stimulated, while efficiency will also be greatly enhanced. Whether it is big data or cloud computing is built on the basis of data security, in our personal protection of personal data security, is in the guardianship of their own wealth to protect personal security.

Reference: