Looking at the study of national security and the rule of law, tremendous achievements have been made in the protection of national security in non-traditional areas on the mainland under the leadership of the CPC Central Committee and the guidance of the overall national security concept. The Party and the state have made great efforts to promote the national security system and capacity building, and the national security capacity has been significantly improved. In order to cope with the more complex external environment and the comprehensive and complex problems caused by the interweaving of traditional and non-traditional security domains, the mainland has adopted comprehensive measures to deal with them. There are some problems in the legislation of security in non-traditional fields, such as unclear rights and responsibilities of power subjects, unreasonable system design, and lack of practical operability of norms, so it is necessary to further refine the top-level design of the system and the possibility of practical operation, so as to promote the modernization of the national security protection capacity and protection system in the non-traditional fields of the mainland.
The report of the 20th National Congress of the Communist Party of China pointed out that national security is the foundation of national rejuvenation, and social stability is the prerequisite for a strong country. We must unswervingly implement the overall concept of national security, and ensure national security and social stability by ensuring that national security runs through the entire process of all aspects of the work of the party and the state. Under the leadership of the CPC Central Committee and the guidance of the overall national security concept, the national security work in the new era has made tremendous achievements, the national security system and capacity building have been promoted, the national security system has been basically established, and the national security capacity has been significantly improved. The introduction of the concept of non-traditional national security on the basis of the traditional concept of national security is an important embodiment of the theoretical innovation of the overall concept of national security. Although the use of sabotage means against non-traditional security areas cannot directly cause substantial damage to the mainland's political power, sovereignty, unity, and territorial integrity, because the economy, people's lives, and social operations and development are closely related, they will affect people's security in the form of infiltration and erosion, disintegrate the mainland's national security defense line, and have a wide range of influences.
Non-traditional security involves economic, cultural, social, cyber, biological and other fields, and is comprehensive, technical, and pluralistic, and needs to be adjusted by adopting the rule of law means of comprehensive management, scientific monitoring, and hierarchical protection, which puts forward higher requirements for the mainland's governance capacity and governance system.
1. The characteristics and structure of the non-traditional security legislative system
Legislation in the field of non-traditional security is based on the overall concept of national security, and the new guidelines and policies of "safeguarding national security" are legalized and institutionalized, and given legal binding force. In the maintenance of non-traditional security areas, we not only coordinate the risk factors in various domestic fields, but also pay attention to the threats brought about by globalization, and incorporate international security risk assessment into the consideration factors of non-traditional security protection. In general, non-traditional security protection legislation has the following characteristics:
1. Political. The political nature of the legislation on the protection of non-traditional security areas is mainly reflected in two aspects: first, upholding the leadership of the Communist Party of China; The second is to give priority to political security. First of all, the leadership of the Communist Party of China is the most essential feature of socialism with Chinese characteristics, and upholding the party's absolute leadership over national security work is the fundamental guarantee for safeguarding national security and social stability. Since the beginning of reform and opening up, the Communist Party of China has always attached great importance to correctly handling the relationship between reform, development and stability, and has always regarded safeguarding national security and social stability as a basic task of the Party and the country. Article 4 of the National Security Law fully affirms the Party's role as the core of leadership in controlling the overall situation and coordinating all parties, and upholding the Party's absolute leadership is the fundamental principle for doing a good job in national security work. Second, when carrying out legislative work in the field of non-traditional security, we insist on putting political security in the first place, highlighting the high degree of compatibility between the field of non-traditional security and the field of traditional security.
2. People's nature. In the final analysis, the purpose of protecting non-traditional security and even overall national security is to protect the interests of the people, and the rule of law work in the field of non-traditional security adheres to the fundamental position that people's security is the purpose. First of all, in the legislation, the National Security Law fully considered the suggestions of the Standing Committee members, and moved the provisions of Article 29 of the draft on people's security to Article 2 of this chapter, emphasizing that safeguarding national security "has the people's security as the purpose". In the legislative process in various areas of non-traditional security, the opinions of the people have been fully listened to, and the issues of concern to the people have been attached importance to and responded to. Second, the people's nature is reflected in the legal provisions in the field of non-traditional security. In the overall planning of the protection of non-traditional security fields, whether from the perspective of overall leadership, such as strengthening the maintenance of national territory and maintaining the order of the market economy, or from the perspective of departmental fields, such as improving the safety production system, nuclear energy and nuclear technology emergency response, etc., it reflects the concern for the interests and security of the people in all aspects, truly closely integrates national security with the interests of individual citizens, and provides legal support for solving the security problems that the people strongly resent. Finally, in the implementation of laws and rules in various fields, the state fully respects the rights and obligations of citizens and other organizations, stipulates the obligation of mainland citizens and organizations to actively cooperate in the work of safeguarding national security, and gives the state security organs the right to request compensation and the right to criticize and suggest national security work in case of losses caused by the state security organs in case of necessary circumstances, and always regards the people as the basic force of national security.
3. Global. Work in the field of non-traditional security persists in the overall promotion of national security in all fields, and takes the overall concept of national security as the guiding ideology for legislative work in the field of non-traditional security. The overall nature of the National Security Law is reflected in three aspects: first, full coverage of horizontal national security fields, second, full coverage of vertical subjects, and third, full coverage of time and space, focusing on both development and security. First, non-traditional security covers 13 areas, including economy, science and technology, culture, society, ecology and military, focusing not only on the special governance of non-traditional security fields, but also on the intertwining of non-traditional security and traditional security, and insisting on taking domestic security as the guarantee and promoting international security as the basis to jointly safeguard and shape national security. Second, we should persist in defusing and preventing comprehensive national security risks and enhance our sense of worry. The National Security Law establishes a national security system and a national security guarantee system, which respectively stipulate the construction of non-traditional security fields and their safeguard systems from the aspects of system and decision-making, and start from the top-level design, link the central and local governments, and departments and departments to form a centralized, unified, efficient and authoritative national security leadership system, and orderly complete all tasks related to the protection of non-traditional security fields within the scope of the authority of each department. Third, we need to coordinate security and development tasks, promote development and security in depth, promote development through reform, and ensure safe development in the new development pattern. Maintaining non-traditional security is based on the concept of combining dynamic and static, which includes not only maintaining current national security, but also preventing and resolving future national security risks. Development is dynamic, organically combining security and development, developing in security, and promoting the protection of non-traditional national security through development. The legislative work in the field of non-traditional security focuses on green and sustainable development, open development and shared development, and regards development and security as the bottom line of the new development pattern, with the main goal of strengthening the material foundation of the Chinese nation, ensuring the sustainable growth of national strength, and enhancing the people's sense of well-being.
At present, the mainland implements a three-level standard for the protection of non-traditional security fields, with the National Security Law as the core, the Basic Law in the field as the framework, and the normative rules as the practical guidance, so as to transform the overall national security concept and the concept of attaching importance to non-traditional security into a realistic legal system. Taking network security protection as an example, the National Security Law stipulates the tasks of protection in the field of network security in terms of the construction of network information security system, security protection capabilities, research and innovation, and application development, and stipulates the basic means in the field of network security in terms of strengthening standardized management and punishing harmful behaviors. As a basic law in the field of cybersecurity, the Cybersecurity Law provides for all-round institutional legislation from the construction of key cybersecurity systems such as the network sovereignty system and the network operation security system. By stipulating monitoring, early warning and response measures for the occurrence of network security incidents, real-time monitoring and efficient response to network security threats and events are ensured. After the specific framework is established, the Data Security Law, the Regulations on the Security Protection of Critical Information Infrastructure, GB/T22239-2019 and other laws, regulations and normative documents are used as operational guidelines.
2. Deficiencies in non-traditional security legislation under the comprehensive governance system
Protection in the field of non-traditional security involves multiple subjects, multiple norms, and multiple procedures. In practice, in the process of implementing the law, there will be problems such as unclear definition of the scope of adjustment objects for new fields, unclear powers and responsibilities of power agencies, and overlapping system construction.
(1) The concept of legislation in new fields is confused
The protection of non-traditional security often involves cutting-edge technologies and multidisciplinary fields, and it is difficult for legal researchers and legislators to be familiar with the professional terms and concepts in this field due to their different functions, and there is a gap in understanding between scholars of different disciplines. Although German civil law scholars have made strong criticisms of conceptual jurisprudence in history, with the continuous development of the intelligent society, more and more similar concepts appear, and it is more necessary to pay attention to related issues such as concept interpretation in the legislative process. The following takes the legal norms in the field of cybersecurity as an example to explain the situation of multiple meanings and overlapping concepts in legislation.
1. The word has multiple meanings. In the process of legislation, due to the changes in the technical background and people's understanding at the time of legislation, there is also a certain gap between the value connotation of the concept and the actual existence, that is, the important role of the subject itself is ignored under the prevailing ideological trend of epistemology, resulting in different interpretations of the same concept, and also causing problems in the application of law. Taking the protection of cyber security as an example, the protection of key data such as personal information and biometric information has been given special attention, which is regulated in the Personal Information Protection Law, the Cybersecurity Review Measures, and relevant rules on data circulation. However, the wording is different. The Cybersecurity Law adopts the definition of personal information in the Civil Code, that is, all kinds of information recorded electronically or by other means that can identify the personal identity of a natural person, either alone or in combination with other information. However, the Personal Information Protection Law stipulates that "all kinds of information related to identified or identifiable natural persons recorded electronically or by other means do not include anonymized information." "The difference in the review of desensitized data between the two will not only lead to difficulties in choosing the method of safeguarding personal information rights, but also lead to the shirk of relevant responsibilities and abuse of rights in practice, which will pose a threat to network security.
2. Cases of overlapping concepts. When adopting legislative means to protect non-traditional security fields, due to different demand orientations, laws with different attributes of the same subject are often defined by similar concepts, which can easily lead to unclear situations in similar legal norms regarding the rights, obligations and responsibilities of the same legal subject. Taking the legislation in the field of cybersecurity as an example, the entities involved in the Cybersecurity Law include network operators and operators of critical information infrastructure. Network operators are defined in the Law as the owners, managers and network service providers of networks, and although the operators of critical information infrastructure are not clearly specified, they can be deduced by analogy from the concept of critical information infrastructure to refer to important industries and fields such as public communications and information services, as well as owners, managers and service providers of other important network facilities and information systems. There is a competing relationship between the two concepts, and the law has not yet stipulated whether it is necessary for subjects with dual identities to store personal information other than the right to store personal information and whether the disclosure of personal information should be subject to double punishment. For example, if a cloud service is classified as critical information infrastructure according to regulations, but it is also a network service provider, the administrative authority has punished it in accordance with the Cybersecurity Law in the event of information leakage. However, as a critical information infrastructure operator, whether it should be subject to double punishment if it violates the obligation to keep personal information confidential under the Regulations on the Security Protection of Critical Information Infrastructure, requires further consideration.
(2) Duplication of system construction
In order to meet the institutional framework of the national security law and the ideological and practical needs of the overall national security concept, the legislation in the field of non-traditional security often adopts a hierarchical protection mechanism and a unique protection mechanism formed according to the characteristics of each field to carry out multiple maintenance. However, at the same time, it will also be found that there is a tendency to duplicate institutional construction, which can easily lead to problems such as unclear application of law.
For example, in the field of biosecurity protection, a regulation may involve a number of security areas such as biosecurity, ecological security, and food security. The provisions of the Regulations on the Administration of Human Genetic Resources on the circulation of information on human genetic resources are generally in line with the provisions of the Cybersecurity Law on important data, but they lack more specific guidelines and rules for the application of the law.
For example, in the field of network security, in 2007, the Ministry of Public Security, the State Security Bureau, the Cryptography Administration, and the Information Office of the State Council jointly issued the Administrative Measures for the Classified Protection of Information Security, which marked the official implementation of the classified protection system for information security. This period is also known as the traditional era of hierarchical protection. During this period, the state divided information security into five levels according to the different consequences of the destruction of information systems, and stipulated relevant technical standards to distinguish them and provide special protection. There are a lot of competing approaches to the hierarchical protection system and the information infrastructure security protection system in terms of normative paths, evaluation criteria and punishment results, which adds unnecessary obligations to operators. In addition, some scholars believe that there are still great deficiencies in the mainland's classified protection of information security, and that not only the system construction is not perfect, but also there are some problems in the management system. This paper argues that, from the perspective of legislation, the hierarchical protection system is more inclined to require storage equipment based on the importance of data, focusing on preventing data leakage. As for the security protection system of critical information facilities, from the perspective of national security prevention and national government governance, the key nodes and equipment themselves are also the key protection subjects. As for the organic combination of the two, the mainland also needs to grasp the definition of critical infrastructure and legislature from the perspective of national security, and make the work legalized and modernized.
(3) Unclear organs of power and their powers and responsibilities
The overall concept of national security has a deeper and more macro understanding of the concept of national security. It has broken the shackles of the traditional concept of national security that is limited to territorial sovereignty, military national defense, political security and other fields, innovatively included security in all fields into the general concept system of national security, and adopted a comprehensive and overall overall approach to governance. However, in legislation, we still need to pay attention to the problems of unclear subjects of power organs and unclear boundaries for the exercise of power. In addition, in the process of exercising power, there are endogenous conflicts and abuses of power between power organs and certain basic rights of citizens, which seriously undermines the free exercise of citizens' legal rights.
In the field of biosafety protection, the lack of clarity of the subject of the authority is very serious. The Biosecurity Law inherits the framework established by the National Security Law, and in view of the comprehensiveness and particularity of the risk prevention and control system, the state has established different characteristic systems in four aspects: risk assessment and early warning, biosecurity information management, biosecurity review, and response to biosecurity incidents. The terms of reference of the State Council and relevant departments, as well as the military and customs, in the prevention and control of biosecurity risks. (See Table 1) It can be clear that there is a situation where a task is jointly responsible for multiple power departments, and it is necessary to further do a good job in the cohesion and coordination between departments to ensure the smooth progress of the task.
Table I
In the field of cyber security protection, the exercise of public power may have a fierce conflict with civil rights. The responsibilities of network operators mainly include the duty of care in the provision of network services and the obligation to ensure the security of the network, and the circulation of data and information may involve the leakage of personal information, and network operators need to pay special attention to the protection of personal information. However, there is an endogenous conflict between the current network operator responsibility system and the basic rights of citizens, and there is already a risk of abuse of censorship power in the international community. (1) Conflict between the right to information exploration and the right to privacy of the network operator. On the one hand, network operators need to ensure that the information stored in the service platform they provide should comply with laws and national security norms, and that the personal information and privacy of platform users are protected. In other words, users do not want information to be obtained by the outside world to be censored for the sake of the operator's compliance with cybersecurity obligations, so there is a risk of leakage and infringement. (2) Conflict between the management responsibilities of network operators and the political rights of citizens. Citizens' freedom of speech refers to the freedom of citizens to express and disseminate their thoughts and opinions through various forms of language. With the continuous development of network technology and the popularization of mobile networks, the diversification of communication subjects has made the exchange of opinions extremely active, which is manifested in the increasing participation of individuals and the tendency of opinions to be emotional. Network operators are responsible for the management and control of public opinion, and shall prevent the abuse of media power, ensure that media power seriously infringes on citizens' freedom of speech, and set reasonable boundaries between the control of public opinion and the exercise of freedom of speech.
III. On the improvement of efforts to protect non-traditional national security laws
There are many interacting and embedded disciplinary concepts in various fields of non-traditional security. The protection of non-traditional security through law is a major test for the construction of the rule of law and legislative technology on the mainland, and the following four points need to be achieved when carrying out legislation in non-traditional fields: first, build an institutional framework with clear rights and responsibilities; Second, strictly control the evaluation of interests in the exercise of public power for the protection of national security and the exercise of people's rights; Third, adhere to the concept of the relationship between the rule of law to promote protection and protection to promote the rule of law, ensure the convergence of legislation and reform decision-making, and promote institutional innovation; Fourth, strengthen supportive and protective legislation to promote the development of the social and educational systems.
When carrying out special legislation on cutting-edge issues in various non-traditional fields, first of all, it is necessary to design an effective institutional framework through scientific and democratic argumentation to ensure the necessity and comprehensiveness of the establishment of the system. Attention should be paid to the accuracy and necessity of adjusting the definition of the concept of the object when legislating substantive content, so as to prevent the situation where the process of applying the law is complicated and the definition is difficult due to the occurrence of multiple meanings and overlapping meanings of multiple words. Second, it is necessary to focus on promoting the system of lists of powers and the system of normative guidance, clarify the scope and boundaries of the exercise of powers, and focus on exploring the scientificity and operability of the legislative process. Finally, with the continuous progress of science and technology, although the legislative work is forward-looking, it may still lag behind compared with social development, so it is necessary to rely on industry self-discipline, strengthen talent protection and the formulation of industry standards and rules through stipulation, guarantee and supportive legislation, further promote the co-governance of government and enterprises, promote the high-quality development of industry and technology, fill the legislative gap with mature practical experience, and improve the national security legal system.