Editor's note: 2024 marks the 10th anniversary of General Secretary Xi Jinping's strategic goal of becoming a cyber power, and the 30th anniversary of the mainland's full-featured access to the Internet. At present, with the rapid development of new technologies such as the Internet, artificial intelligence, and big data, the national cybersecurity situation is becoming increasingly severe and complex, and cyber security has become a major event related to the national economy and people's livelihood and the overall strategic situation. At the National Conference on Cyber Security and Informatization held last year, General Secretary Xi Jinping clearly put forward the mission and task of "raising the banner to gather the hearts of the people, preventing risks and ensuring security, strengthening governance to benefit the people's livelihood, increasing momentum to promote development, and seeking win-win cooperation", clarifying the important principles of "ten adherences", and raising the understanding of the regularity of network information work to a new height. How to coordinate development and security, build a solid national network security barrier, and promote the high-quality development of the cyberspace industry? This newspaper invited three experts to discuss and exchange.
Moderator: Chen Yu, reporter of this newspaper
Guest: Hui Zhibin, Director and Researcher of the Internet Research Center of the Shanghai Academy of Social Sciences
Tianshu Que is a professor and vice president of the China Institute of Legal Strategy, East China University of Political Science and Law
Lu Chuanying is a researcher at the Shanghai Institute of International Studies and secretary-general of the Center for International Governance in Cyberspace
Moderator: "There is no national security without cybersecurity. "Cyberspace is the country's "fifth frontier" and a matter of national sovereignty. Cyber security also often affects the whole body, which has a profound impact on the security of political, military, economic, cultural, social, scientific and technological fields. This year marks the 10th anniversary of the overall national security concept, how to deeply understand the importance of cyber security from the perspective of the overall national security concept?
Hui Zhibin: Coordinating development and security is the eternal theme of human civilization and the requirement of Chinese-style modernization. The key word of the overall national security concept is "overall", which also corresponds to the cross-domain characteristics of modern risks referred to by the famous risk sociologist Giddens. In today's world, with the cluster application of a new generation of digital technologies such as mobile Internet, Internet of Things, big data, and artificial intelligence, cyberspace and the real world are accompanied by each other, and data elements flow and integrate across domains and borders. There can be no national security without cybersecurity, which is not only the strategic judgment of the CPC Central Committee, but also the deep consensus of the whole society. Therefore, in the process of building a cyber power in the new era, it is necessary to fully consider the systematic, holistic and collaborative nature of various elements of network data security governance, strive to improve the level of network governance and network use, promote the comprehensive governance of cyberspace, and promote the formation of a good network ecology.
Tianshu Que: The Internet era has undoubtedly brought unprecedented opportunities and dividends, but the field of cyberspace security is facing increasingly complex and urgent challenges, and cybersecurity risks have become a typical representative of non-traditional security. From the perspective of the overall national security concept, the network security concept and the overall national security concept are not only inclusive, but also organically coordinated with other security concepts, so to establish a correct network security concept, we must deeply understand the important connotation of the overall national security concept in the new era. On the one hand, cyberspace plays a carrying role in the overall planning and layout of the national security concept, and national security, social stability and sustainable development are inseparable from cybersecurity. It not only means that the concept of cyber security is one of the connotations of the overall national security concept, but also shows that building a strong cyberspace security defense line is of great practical significance for the realization of the overall national security concept. On the other hand, cyber security issues exhibit intertwined interactions with other areas of the overall national security outlook. It goes far beyond its own technical scope and is deeply embedded in multiple dimensions such as political security, economic security, and cultural security, and is interrelated with and functional. Especially in today's rapid changes in artificial intelligence and information technology, the cyberspace security situation has shown a deeper linkage, and maintaining cyberspace security is not only a purely technical practice to defend the digital frontier, but also a cross-domain strategic action to safeguard the country's comprehensive security interests.
Lu Chuanying: Cyber security is not only an important security area under the overall national security concept, but also has a profound impact on other traditional and non-traditional security fields. This includes not only the increasing cybersecurity conflicts in the military and intelligence fields, but also the increasing cybersecurity risks faced by key industries related to the national economy and people's livelihood, such as finance, energy, transportation, and medical care. In recent years, the game between major powers in the field of cyber security has intensified, which has become one of the most important risks and challenges in the field of national security. Under such circumstances, it has become a common practice for governments to pay attention to cybersecurity risks, raise awareness, and increase cybersecurity capacity building. Compared with other security fields, network security has the characteristics of ubiquitous security, uncertain risk sources, and fuzzy security boundaries. This makes traditional security strategies ineffective in addressing cybersecurity challenges. Therefore, it is not only necessary to look at cyber security challenges from a strategic perspective, but also to adapt to the trend of technological development and the characteristics of cyber security, and establish a more resilient cyber security system. It is necessary not only to prevent risks, but also to establish a correct concept of network security.
Moderator: At present, the trend of the information revolution is at a historical intersection with the overall strategy of the great rejuvenation of the Chinese nation and the great changes in the world unseen in a century. General Secretary Xi Jinping profoundly pointed out that "network security and informatization are complementary to each other. Security is the premise of development, development is the guarantee of security, and security and development must be promoted simultaneously", "network security and informatization are two wings of one body and two wheels of drive". In the context of accelerating the construction of a cyber power, how to coordinate the relationship between network security and informatization?
Hui Zhibin: Cyber security and informatization complement each other. Coordinating development and security is an important requirement for implementing the overall national security concept. The development of informatization in mainland China started earlier, but it was once in a state of first building applications and then security governance, especially with the popularization and application of mobile Internet and artificial intelligence, network data security risks are becoming increasingly prominent, which are prominently manifested in critical information infrastructure, data security and privacy protection, cyberspace militarization threats and many other aspects, which are directly related to national security, social stability and people's interests. To this end, we must focus on overall development and security, adhere to the correct concept of network security, deeply grasp the important characteristics of network security is dynamic rather than static, open rather than closed, relative rather than absolute, based on an open environment, and establish a dynamic network security protection concept. At the practical level, it is necessary to increase the safety investment and awareness education of the whole society, continue to test the safety protection capabilities of the whole society and various industries in actual combat, integrate safety genes into the whole life cycle of digital transformation, and achieve synchronous planning, construction and operation.
Que Tianshu: The construction of a cyber power requires a deep understanding of the dialectical unity relationship between network security and informatization construction, informatization has a positive leading role in the construction of a cyber power, and network security provides a solid security foundation and protection guarantee for informatization construction. According to the 53rd Statistical Report on the Development of China's Internet Network, the Internet penetration rate in mainland China has reached 77.5%. This shows that the scale of informatization development of the cyber power strategy is unprecedented, but it should also be noted that the demand for cyber security is also increasing day by day. The efficiency of informatization development is constrained by the level of network security, the faster the development of informatization, the greater the network security risk index, if the network security is not in place, the development of informatization will have the risk of getting out of control and even cause catastrophic consequences. Therefore, it is necessary to actively explore the path of coordinated development and deep integration of network security and informatization construction, and pay attention to the actual output of network security efficiency while increasing investment in informatization development, not only to promote the high-quality development of informatization, but also to build a solid network security protection barrier. In practice, the layout of critical information infrastructure represents the degree and level of informatization development, and its protection capabilities should be further strengthened, and multiple measures should be taken simultaneously in terms of technology, systems, and personnel, so as to build a security governance system integrating monitoring, early warning, and response, and improve the overall resilience and resilience to major cyber crisis events, so as to achieve the organic unity of network security and informatization development practices.
Lu Chuanying: Network security is ubiquitous security, which is widely present in all information systems, and informatization and intelligence have become the main development direction of today's economic development and social governance. Building a cyber power is inseparable from the vigorous development of information technology and digital technology. Therefore, any pursuit of absolute security is not advisable. In order to ensure the development of the digital economy and information technology by improving network security capabilities, it is necessary to continuously improve the understanding of the fundamental attributes of network security. In order to strike a balance between security and development, it is necessary to pay attention to cyber security and avoid generalization of security, and avoid simply equating cyber security with national security. For example, any cyber attack that occurs in the military field is a national security issue, while a cyber attack that occurs in the financial field needs to be determined according to the consequences of the loss and the size of the impact area. The network security risk is directly proportional to the degree of informatization, and the higher the degree of informatization, the greater the network security risk faced. Therefore, it is also necessary to have an objective understanding of the acceptance of cyber security risks. It is necessary to establish a larger security landscape and incorporate development benefits into the consideration of security costs.
Moderator: General Secretary Xi Jinping has given important instructions on "four insistences" on cyber security work, one of which is to "adhere to the unity of promoting development and management in accordance with the law". At present, a new round of technological revolution and industrial transformation is accelerating, and digital application scenarios are becoming increasingly rich and complex, such as the large-scale rise of generative AI in recent years, which has brought new challenges to cybersecurity. In this context, how to not only dance the wings of innovation, but also consolidate the foundation of the rule of law, and build a solid security foundation for the development of the digital economy?
Hui Zhibin: In the era of digital economy, insisting on equal emphasis on security, controllability, and open innovation is the way to achieve stability and long-term success. Cyberspace security needs to uphold the concept of collaborative governance and gather the wisdom and strength of the whole society, so it is particularly important to build a cyberspace rule of law system that keeps pace with the times, which is the foundation for ensuring the healthy development of the digital economy and cyberspace. At present, the development of generative artificial intelligence, Web 3.0, blockchain and other technologies is in the ascendant, and cyberspace has entered the era of code as rules. Therefore, we need to strengthen forward-looking research on these new technologies, new models, and new applications, scientifically study and judge all kinds of risks that may exist, and at the same time allow more innovative entities to actively participate in the design and formulation of new rules, promote the ethical construction and value alignment in the era of artificial intelligence, and protect science and technology for good with the power of institutions.
Que Tianshu: The healthy development of the digital economy is inseparable from the solid foundation of cybersecurity, and data security is the key to taking into account the order of cybersecurity and the vitality of the development of the digital economy. Due to the upgrading and iteration of technical characteristics, the digital economy has an urgent need for data security, which is not only a security shield to maintain the stable operation of the digital economy, but also a catalyst to accelerate the high-quality development of the digital economy. Data security governance should not only emphasize the enabling effect of data circulation, but also pay more attention to the security protection of the whole life cycle of data. It is necessary to further promote the improvement of the basic data system and ensure the role of data security as an innovation engine in the development of the digital economy. Therefore, it is necessary to improve the construction of the "one code and five laws" system in the field of digital economy from the perspective of data security governance, clarify key elements such as data rights and obligations, subject status, and use norms, and provide a solid legal foundation for data security for the development of the digital economy. At the same time, the basic data system should increase the attention to and adoption of the development of artificial intelligence science and technology elements, build a data security system in accordance with national data laws and regulations and industry standards, and promote the construction of a credible data space architecture, so as to ensure the safe, efficient and orderly flow of data.
Lu Chuanying: The rule of law is one of the important means to ensure cybersecurity. In recent years, the mainland has successively enacted the Cybersecurity Law, the Personal Information Protection Law, and the Data Security Law, as well as the Regulations on the Protection of Critical Information Infrastructure, and the Measures for the Management of Generative Artificial Intelligence. While these laws play an important role in ensuring the mainland's cybersecurity, they are also testing the mainland's judicial and law enforcement capabilities. As an emerging field, the cybersecurity-related legal system is facing great challenges for both law enforcers and compliance providers. The clearer the legal provisions and the clearer the enforcement rules, the lower the compliance costs for enterprises. On the contrary, it will not only greatly increase the compliance cost of enterprises, but also inhibit innovation and development. In this regard, it is necessary to give full consideration to the actual situation of the mainland's digital economy and digital technology development stage, and cannot simply copy foreign practices. There is a so-called "Brussels effect" in the international community, that is, the regional laws and regulations formulated by the EU have an important impact on other countries. It is necessary to fully realize that China, as a cyber power and artificial intelligence power, has its own pace and characteristics of development, and should not be interfered with by other countries and regions. At present, network technology and artificial intelligence technology are in a stage of great development, and the scientific and technological game between major countries is becoming increasingly fierce. Whether or not a breakthrough can be made in core technologies is not only related to the construction of a cyber power, but also related to the great rejuvenation of the Chinese nation. Therefore, the relationship between technological development and legal governance should be considered at the strategic level in the legal construction of cybersecurity, artificial intelligence and other fields. It is necessary not only to reserve enough time for technological development, but also to improve the ability to understand technology, strengthen capacity building, and promote the level of rule of law in the cyber field.
Moderator: Internet information work is directly connected to more than 1 billion netizens, and is closely related to the sense of gain, happiness and security of more than 1.4 billion people. In recent years, network security problems related to the vital interests of the people, such as personal information leakage, telecommunication network fraud, online rumors, online blackmail, and malware proliferation, have frequently emerged. How to continue to promote the comprehensive governance of cyber security and safeguard the legitimate interests of the people in cyberspace?
Hui Zhibin: Adhering to the people-centered approach is the core principle of ensuring that the Internet better serves the people. The Internet has been deeply integrated into all fields of economy and society, and has become an important platform for the people's production and life, knowledge and beauty, innovation and creation. We must further grasp the construction of online content, cultivate a positive, healthy, upward and benevolent online culture, and nourish people's hearts and society with the core socialist values and the achievements of human civilization. Shape and purify cyberspace with the new style of the times, so that positive energy and the main theme will always fill cyberspace, and enhance the people's sense of gain, happiness and security in cyberspace. Advancing rule of law governance and improving long-term governance mechanisms is a guarantee for the healthy operation of the Internet on the track of rule of law. We should organically combine centralized governance with normalized governance, persist in treating both the symptoms and the root causes, continuously improve the long-term governance mechanism, further do a good job in the basic work of Internet management, continue to escort the development of the mainland's network security and informatization industry, and promote the healthy and stable development of the Internet. Therefore, in order to maximize and enhance the strong driving force for the development of the Internet industry, it is necessary to adhere to multi-party coordination and form a joint governance force. Under the premise of the party's management of network governance, industry organizations should play a good role in supervising and strengthening the awareness of industry self-discipline; Internet platform entities are to increase their sense of responsibility and guard the first line of defense for network governance; The vast number of netizens regulate their personal online behavior and enhance their ability to distinguish online.
Que Tianshu: Building a clean and harmonious cyberspace environment is fundamental to deepening the comprehensive governance of cyber security and safeguarding the legitimate rights and interests of the people. In recent years, the Cyberspace Administration of China has launched a series of "clear" series of special actions to address prominent problems in the network ecology, which covers various rectification tasks that show that: first, it is necessary to strengthen the full-cycle supervision of network security risks, control online false information from the source, cut off its transmission chain, and quickly launch an online debunking action to effectively block the flood of false information in cyberspace and purify the network ecology. Second, it is necessary to promote a new pattern of cyberspace security co-governance, especially social media platforms, as the main field for the breeding, convergence and proliferation of cybersecurity risks, their operators should bear unshirkable social responsibilities. Government departments must guide and complement social governance forces, and work with all parties to build a cyber security line of defense. At the same time, establish and improve the cyberspace risk assessment and early warning mechanism, strengthen the collection and analysis of risk intelligence, accurately identify potential threats and system vulnerabilities, enhance the forward-looking and predictability of responding to cyber risks, and promote the comprehensive governance of cyber security. In addition, it is necessary to improve and optimize the network information supervision and reporting mechanism, ensure that reports of online illegal acts can be quickly responded to and effectively handled, improve the enforcement and openness and transparency of network security law enforcement, effectively protect the people's lawful rights and interests online, and enhance the public's sense of gain and happiness in the digital age.
Lu Chuanying: "Cyber security for the people, cyber security by the people" is the fundamental purpose of the mainland's cyber security work. With the continuous improvement of the level of informatization and intelligence in the mainland, the people are facing more and more cyber security risks while enjoying convenience. The virtuality, transnationality and anonymity of the network have brought great challenges to the country's governance of cybercrime. In order to do a good job in preventing and combating various forms of cybercrime, it is necessary to do a good job in a multi-pronged manner. First of all, it is necessary to improve the public's awareness of cyber security and digital literacy, and build the first line of defense against cybercrime. Second, it is necessary to strengthen international cooperation and promote the early adoption and entry into force of the United Nations Convention on Combating Cybercrime, so as to prevent criminals from taking advantage of legal loopholes between different countries to evade punishment. Finally, it is necessary to improve the comprehensive governance capacity of network technology, and better use emerging technologies such as artificial intelligence, big data, and blockchain to deal with various forms of cybercrime.
