China Cybersecurity and Data Protection: Monthly Update - February 2024 Issue

This newsletter summarises the latest developments in cybersecurity and data protection in China with a focus on the legislative, enforcement and industry developments in this area. If you would like to subscribe for our newsletters and be notified of our events on China cybersecurity and data protection, please contact James Gong at [email protected].

Key Highlights

Multiple ministries, including the newly-established National Data Administration, have jointly or separately published official documents to promote the use of data to develop the economy and social welfare. Ministry of Finance has released its opinion to guide management of data assets, which apparently aims to encourage the utilization of data for its economic value. Local government in Jiangsu is following suit and published its own official statement to facilitate commercial use of data in the market. This could be an indication of a policy change towards a more balanced view of economic exploration and utilisation of data.

On data export, the Cyberspace Administration of Guangdong published the official filing process for the standard contract to be used for cross-boundary data transfer in the Greater Bay Area (for our comments on the GBA data export regime, please click here and here). Policy papers for local free trade zones in Shanghai and Guangdong also vow to facilitate cross-border data transfer and experiment with pilot programs. We expect to see similar arrangements in other free trade zones.

Our Views

On 18 December 2023, the Cyberspace Administration of China (CAC) unveiled the draft of the Cybersecurity Incident Reporting Management Measures which sets out obligations of the “network operator” in relation to cybersecurity incidents. Please read our article at the link below for an in-depth analysis of these Measures.

The CAC Draft New Regulation on Cybersecurity Incident Reporting for Public Consultation

Follow the links below to view the official policy documents or public announcements.

Legislative Developments

1. State Council issued the Regulations on the Implementation of the Archives Law of thePeople's Republic of China (25 January)

The State Council issued the Regulations on the Implementation of the Archives Law of the People’s Republic of China, which stipulate the responsibility for archiving. The Implementation Regulations mandate the timely and comprehensive archiving of materials and establish detailed rules for the collection, transfer, and custody of archives to ensure the security of electronic archives and disaster recovery. The Implementation Regulations also enhance the openness and utilization of archives. National archives are required to establish an archive openness review mechanism, innovate service forms, and promote the integration and social sharing of archive resources online and offline. This is aimed at fostering the effective use and protection of archives.

2. State Council issued the Comprehensive Reform Pilot Implementation Plan for the Pudong New Area (2023-2027) (22 January)

The General Office of the Central Committee of the Communist Party of China and the General Office of the

State Council issued the Comprehensive Reform Pilot Implementation Plan for the Pudong New Area (20232027). The Implementation Plan emphasizes principles such as liberating thoughts, innovation, openness and cooperation, systemic collaboration, co-construction and sharing, meticulous governance, and the rule of law. Specific measures of the Implementation Plan include strengthening institutional openness, optimizing the scientific and technological innovation system, reforming the talent development system, transforming government functions to stimulate market vitality, and exploring new models of governance for megacities.

3. Ministry of Transport issued the Railway Critical Information Infrastructure Security Protection Administrative Measures (3 January)

The Ministry of Transport issued the Railway Critical Information Infrastructure Security Protection Administrative Measures, which clarify the management system for railway critical information infrastructure, the primary responsibilities and obligations of operators, and supervision and safeguard measures. The core content of the Administrative Measures includes establishing the National Railway Administration as the competent department for the security protection of critical information infrastructure in the railway sector and the main body responsible for identification work. Operators are required to establish a comprehensive protection system and clarify their responsibilities in personnel, funding, equipment procurement, and data protection. 

4. Guidelines on Cybersecurity Protection for Industrial Control Systems issued by the Ministry of Industry and Information Technology (30 January)

With the acceleration of digital transformation and the trend of open interconnection of industrial control systems, industrial enterprises are facing increased cybersecurity risks and urgently need to strengthen protection. The Guide focuses on key aspects of security weaknesses, strengthens technical response strategies, improves industrial control security protection capabilities of industrial enterprises, and focuses on vulnerable network security risks, enhances threat discovery and disposal capabilities, and improves the security operation capabilities of industrial enterprises.

5. State-owned Assets Supervision and Administration Commission issued the Notice on Matters Relating to Optimising the Management of Asset Appraisal of Central Enterprises to improve the pricing of data assets (30 January)

In respect of data asset transactions, the Notice emphasises the need to improve the pricing of intellectual property rights, scientific and technological achievements, data assets and other asset transactions and flows. Central enterprises and their subsidiaries should use assessment or valuation results as pricing references when engaging in economic behaviour of relevant assets. If it is difficult to assess, the price may be determined through listing and auction after consulting professional institutions. When licensing the use of relevant assets, the licence fee may be determined by means of sales or profit commission, etc., and the fee shall be reasonably determined with reference to the relevant guidelines.

6. Ministry of Finance issued the Guidance on Strengthening Data Asset Management (31 December 2023)

The Ministry of Finance issued the Guidance on Strengthening Data Asset Management, which proposes the lawful and compliant management in accordance with data assets, clarification of the rights and responsibilities associated with data assets, improvement of related data asset standards, enhancement of data asset usage management, prudent promotion of data asset development and utilization, establishment of a sound data asset value assessment system. The guidance covers these 12 aspects and makes targeted provisions for the management of public data assets with state-owned characteristics, providing policy guidance to better manage and utilize public data assets by relevant entities. 

7. National Data Bureau and 17 other departments jointly issued the Three-Year Action Plan for 'Data Element Multiplier' (2024-2026) (5 January)

The National Data Bureau and 17 other ministries jointly issued the Three-Year Action Plan for “Data Element Multiplier” (2024-2026). The Action Plan selects 12 industries and fields including industrial manufacturing, modern agriculture, commercial trade circulation, transportation, financial services, scientific and technological innovation, cultural tourism, medical health, emergency management, meteorological services, urban governance, and green low-carbon development. It aims to promote the multiplier effect of data elements and unleash the value of data assets. The Action Plan focuses on enhancing the level of data supply, optimizing the data circulation environment, and strengthening data security guarantees, thereby bolstering support and protection in these three aspects.

8. NDPC and the National Data Bureau issued the Digital Economy Promotion of Common Prosperity Implementation Plan (23 December 2023)

The National Development and Reform Commission (“NDPC”) and the National Data Bureau issued the Digital Economy Promotion of Common Prosperity Implementation Plan, detailing China’s plans, and strategies for utilizing the digital economy to promote common prosperity. The plan aims to narrow the gap between regions, urban and rural areas, and different groups by promoting the deep integration of digital technology with the real economy, accelerating the efficient flow of production factors, optimizing resource sharing and social distribution mechanisms, and advancing the equalization of basic public services. Additionally, the plan covers strengthening the collaboration between the eastern and western parts of the digital economy, promoting digital transformation, and improving the level of remote medical and elderly care services, among other aspects.

9. MIIT and SAC issued the Guidelines for the Construction of the Data Security Standard System in the Industrial Field (2023 Edition) (19 December 2023)

The Ministry of Industry and Information Technology (“MIIT”) and the Standardization Administration of the People's Republic of China (“SAC”) issued the Guidelines for the Construction of the Data Security Standard System in the Industrial Field (2023 Edition). The Guidelines propose that by 2024, a preliminary industrial data security standard system will be established to effectively implement data security management requirements. By 2026, a more comprehensive industrial data security standard system is expected to be formed, fully implementing the requirements of relevant laws, regulations, and policy systems for data security. The technical level, application effect, and degree of internationalization of standards are expected to significantly improve. 

10. Ministry of Commerce indicated that it is pressing ahead with the issuance of Regulations to standardize and promote cross-border data flow (27 January)

Minister of Commerce stated that the competent authorities were actively working on the issuance of regulations to standardize and promote cross-border data flow.

11. China Cybersecurity Industry Alliance released the technical specifications Guidelines for the Protection of Personal Information and Rights of Children’s Smartwatches (31 December 2023)

The China Cybersecurity Industry Alliance released the technical specifications Guidelines for the Protection of Personal Information and Rights of Children’s Smartwatches. The Guidelines aim to assist manufacturers of children's smartwatches in understanding and implementing activities related to the protection of children's personal information and rights. They are designed to help manufacturers strengthen the mechanisms for protecting children’s personal information and rights during the development and operation of children’s smartwatches, thereby ensuring the maximum protection of children’s personal information and rights.

12. Beijing International Science and Technology Innovation Centre Construction Regulations were approved (25 January)

The Beijing International Science and Technology Innovation Centre Construction Regulations were approved by the vote at the second session of the 16th Beijing Municipal People’s Congress and will come into effect on 1 March 2024. According to Article 57 of the Construction Regulations, Beijing will strengthen the work of public data opening and sharing, improve the mechanism for the development and utilization of public data by multiple entities; enhance international cooperation in the digital field, and establish and improve mechanisms for the supervision and service of cross-border data transmission.

13. The Notice on the Implementation of the Guidelines for the Standard Contract for CrossBorder Flow of Personal Information in the Guangdong-Hong Kong-Macao Greater Bay Area (Mainland, Hong Kong) was released (4 January)

Cyberspace Administration of the Guangdong Provincial Office released a notice on the implementation of the Guidelines for the Standard Contract for Cross-Border Flow of Personal Information in the Guangdong-Hong Kong-Macao Greater Bay Area (Mainland, Hong Kong). The notice further clarifies the scope of application, filing methods, and filing procedures for the standard contract on the cross-border flow of personal information between Mainland China and Hong Kong within the Guangdong-Hong Kong-Macao Greater Bay Area.

14. Shanghai Pilot Free Trade Zone issued the Data Cross-Border Flow Classification and Graded Administrative Measures (Trial) for the Lin-gang Special Area (19 January)

The Lin-gang Special Area of the China (Shanghai) Pilot Free Trade Zone issued the Data Cross-Border Flow Classification and Graded Administrative Measures (Trial) for the Lin-gang Special Area, aimed at regulating the cross-border flow of data. It proposes to classify cross-border data according to enterprise needs, dividing data into three levels: core data, important data, and general data, with different flow restrictions set for different levels of data. The Administrative Committee of the New Area will establish a compliant data cross-border flow mechanism, provide supervision, management, and compliance services, and guide enterprises in conducting data exit risk assessments. 

15. Jiangsu Province issued the Jiangsu Province Data Intellectual Property Registration Administrative Measures (Trial) (22 January)

The Intellectual Property Administration of Jiangsu Province, the Jiangsu Higher People’s Court, the Jiangsu Provincial Development and Reform Commission, and the Department of Justice of Jiangsu Province jointly issued the Jiangsu Province Data Intellectual Property Registration Administrative Measures (Trial). The measures apply to data that has been lawfully obtained, processed through certain rules or algorithms, and possesses practical value and intellectual property characteristics, offering data intellectual property registration services for such data.

16. Jiangsu Province issued the Implementation Opinions on Advancing the Construction of Data Basic Systems and Better Leveraging the Role of Data Elements (18 January)

The Jiangsu Provincial Party Committee and the Provincial Government issued the Implementation Opinions on Advancing the Construction of Data Basic Systems and Better Leveraging the Role of Data Elements. The Implementation Opinions focus on key areas such as data property rights, circulation and transactions, revenue distribution, and security governance. The aim is to promote the resource utilization, elementisation, and marketisation of data, to rapidly unlock the value of data elements, and to drive the innovation and development of the digital economy. The goal is to establish a comprehensive data classification management system by 2030, build a unified and coordinated data operation management mechanism, construct an efficient and secure data market.

17. Guangdong Province issued the Strategic Action Plan for the Enhancement of the China (Guangdong) Pilot Free Trade Zone (19 January)

Guangdong Province issued the Strategic Action Plan for the Enhancement of the China (Guangdong) Pilot Free Trade Zone. The plan proposes to promote the safe and orderly flow of data across borders, supporting the construction of the Nansha (Guangdong-Hong Kong-Macao) Data Service Pilot Zone, international submarine cable landing stations, and regional international internet gateways. It aims to advance the development of comprehensive customs gateways in Qianhai, internet backbone direct connection points, the China-Singapore dedicated international internet data channel, and service areas for submarine cable landing stations. The plan also supports the development of Hengqin as an international data cooperation industry development cluster and initiates the pilot project for a dedicated cross-border research data network between the University of Macau and the Greater Bay Area.

18. Tianjin issued the Interim Measures for the Management of the Pilot Scheme for the Authorised Operation of Public Data in Tianjin (30 January)

The Measures aim to promote the high-quality development of the data element industry, clarify the working concept of "urban linkage", and encourage innovative exploration and application innovation. At the same time, it emphasises data security, and builds a strong data security bottom line through three dimensions: strict access control, strict data use standards and enhanced security supervision.

Enforcement Developments

19. Cyberspace Administration of China released the third batch of deep synthesis service algorithm filing information (5 January)

Article 19 of the Provisions on the Administration of Deep Synthesis of Internet Information Services stipulates that deep synthesis service providers with public opinion attributes or social mobilization capacity shall perform formalities for filing, modification, or cancellation of filing. Accordingly, the Cyberspace Administration of China (“CAC”) has released the third batch of domestic deep synthesis service algorithm filing information, including enterprises and algorithm as follows:

• Taobao: Taobao image stylized generation algorithm, Taobao dialogue generation algorithm
• Douyin: Volcano Engine Face Fusion Algorithm, Volcano Engine Text-to-Speech Algorithm
• China Telecom: China Telecom's digital human generative algorithm

20. CAC launched the "Clear Up- 2024 Spring Festival Network Environment Rectification" special action (29 January)

To create a peaceful online atmosphere for the Spring Festival, the CAC has decided to launch a one-month "Clean Up" campaign from February 2024. The special action will focus on the types of platforms and services commonly used by netizens during the Spring Festival, focusing on rectifying the following six issues: 

1. Issues of curiosity-hunting behaviours which violate public order and good morals;
2. Issues spreading online anger and inciting group antagonism;
3. Issues concocting false information and malicious marketing;
4. Issues increasing traffic through pornographic or gambling information and online fraud;
5. Issues advocating the problem of money worship and idolization without a bottom line;
6. Issues endangering the physical and psychological health of minors.

21. NAFR will continue to strengthen the supervision of cyber security and data security risks (25 January)

At a press conference, the spokesperson of the National Administration of Financial Regulation (“NAFR”) said they will enhance supervision and promote digital finance. They will guide financial institutions to improve service quality, efficiency, and risk management. Priorities include cyber and data security, improving daily monitoring and emergency response for cyber risks, protecting data and customer information, and managing technology outsourcing risks in the digital ecosystem.

22. MIIT notified the first batch of APPs (SDKs) that infringe on users' rights and interests this year (22 January)

MIIT cooperated with third-party testing agencies to inspect issues such as "random redirecting" and "can't be turned off" of pop-up windows that reported by users, as well as illegal collection and use of personal information. MIIT found and notified a total of 31 APPs and SDKs that infringed on users' rights and interests and ordered them to make rectifications in accordance with relevant regulations. The notified APPs (SDKs) include Xiudong, Xianyu, AutoNavi Map, etc. The issues involved include excessive or illegal collection of personal information, compulsory, frequent, or excessive requests for permissions, and failure to provide an exit indication for the window.

23. The Ministry of Housing and Urban-Rural Development notified the typical cases of infringement of citizens' personal information in the real estate agent industry (17 January)

The Ministry of Housing and Urban-Rural Development has notified five typical cases of violations of laws and regulations in the real estate agent industry that infringe on citizens' personal information, including real estate agents illegally selling the company's internal information, illegally purchasing the property owner's personal information from the outside, and privately retaining the property owner's information to conduct business. Meanwhile, the notice urges the housing and urban-rural development departments at all levels to strengthen the investigation and enforcement on violations that infringe on citizens' personal information and promote the steady and healthy market development.

24. MIIT announced the list of typical data security cases in the field of industry and information technology in 2023 (24 December 2023)

MIIT announced a batch of typical data security cases in the field of industry and information technology in 2023 and required the strengthening of publicity to improve the data security protection in the field of industry and information technology. The cases involve basic commonality of data security, monitoring and analysis, overall design and implementation, data classification, desensitization, encryption. Specifically, some cases relate to automotive data security protection.

25. China's first infringement case involving virtual digital persons upheld in second instance (6 January)

The defendant publishes videos through the Internet, uses the relevant video content released by the plaintiff, but replaces the relevant logos, and adds marketing information about their virtual digital human course. The Hangzhou Internet Court found that the image of the virtual digital person constituted a work of art, and the video involved in the lawsuit constituted an audio-visual work and a video product respectively, and the plaintiff enjoyed the relevant copyright and neighbouring rights, and then ruled that the defendant should eliminate the impact and compensate for economic losses of 120,000 yuan in the first instance. The original verdict was upheld in the second instance.

26. Judgement announced in China’s first case on the use of face recognition in public transportation (5 January)

The plaintiff filed a lawsuit because the railway department did not clearly inform or obtain consent when the plaintiff checked in with face verification at the self-service gate. Although the railway department collected passengers' facial information but did not store or transmit it, it is waived consent under law, but there were deficiencies in notification. The court ruled that the notification defect was not sufficient to constitute infringement alone and dismissed the plaintiff's claim. After the verdict was pronounced, the railway department further complied with the relevant notification obligations, updated the privacy policy through the 12306 website, set up reminder signs, provided manual channels and other methods to meet the people's right to know and choose.

27. NAFR issued the first batch of fines in 2024, institutions including Bank of China were punished for violations in the field of information systems (5 January)

The official website of NAFR has published its administrative penalty decisions against China CITIC Bank and Bank of China. According to the decision, the two banks were fined 4 million yuan and 4.3 million yuan respectively for cybersecurity-related reasons. Violations include incomplete identification of important information systems, failure to carry out security assessments in the field of network security, etc.

28. Beijing Forth Intermediate People's Court concluded a case between consumers and ecommerce platforms for leaking personal information (18 January)

The plaintiff, Liu, received a fraudulent call because his real name was leaked, and believed that the ecommerce platform was responsible. The e-commerce platform said it had taken protective measures and had no evidence that it had leaked information. The court of first instance found that the evidence was insufficient and rejected Liu's claim. After Liu's appeal, the court of second instance held that the e-commerce platform failed to prove that it was not at fault, so it presumed that it was at fault and should bear the liability for compensation and supported Liu's request for an apology from the e-commerce platform.

29. Beijing companies punished for failing to fulfil cybersecurity protection obligations (8 January)

This year, the cyber security department of the Beijing Municipal Public Security Bureau vigorously rectified the network order and punished several units that failed to fulfil their network security protection obligations. These units were given administrative penalties such as fines and warnings for failing to establish a data security management system and failing to take necessary security protection measures. These cases remind network operators of their obligation to protect their networks from interference, sabotage, or unauthorized access, and to prevent data leakage, theft, or tampering.

30. Sichuan and Chongqing Communications Administration jointly reported the first batch of apps that infringe on users' rights and interests in Sichuan and Chongqing this year (29 January)

The Sichuan and Chongqing Communications Administrations have inspected mobile Internet applications in mainstream app stores in Sichuan and Chongqing according to laws and regulations. Up to now, there are still 11 APPs that have not completed rectification, involving issues such as illegal collection of personal information, failure to specify personal information processing rules, and slow response to data subjects' requests. These APPs should be rectified before February 6, otherwise they will face legal liability.

31. Sichuan Communications Administration announced removal of the first batch of APPs infringing on users' rights and interests this year (29 January)

The Sichuan Communications Administration recently re-inspected the problematic APPs reported in the early stage, and 2 of them failed to complete the rectification within the specified time limit as required. In accordance with the requirements of laws and regulations, the Administration has decided to remove the above two problematic APPs from the shelves, considering their illegal collection of personal information and their application for unrelated permissions.

32. Guangdong High People's Court pronounced final judgment on the first case of illegally invoking the server API interface to obtain data for trading and resale (25 January)

The second-instance judgment of the unfair competition dispute case between W Company and J Company was publicly announced, and the original judgment was upheld: J Company illegally called the API interface of the Weibo server to obtain data and resell it, which was judged to constitute an act of unfair competition, and it was required to compensate W Company with 20 million yuan and litigation fees. 

33. Zhejiang Provincial Department of Public Security released the top 10 typical cybercrime cases (11 January)

Zhejiang Provincial Department of Public Security announced the results of the "Clean Network 2023" special action. Zhejiang have detected a total of 5,333 cases of online violations and crimes throughout the year and announced the "Top Ten Typical Cases". Among them, the police detected a case of stealing data and selling it to overseas wire fraud groups and seized more than 1.5 million pieces of citizens' personal information. In addition, the police also published other typical cases involving crimes such as illegal control of computer information systems, destruction of computer information systems, and infringement of citizens' personal information.

34. Top 10 typical cases of Internet Intellectual Property Rights in Hangzhou Internet Court were released (19 January)

The top 10 cases spotlight AI applications. They stress unified management of data, domains, and platforms, and balance the interests of rights holders with new business model development. They use new technologies and business forms to find new ways for digital copyright protection.

35. Chongqing passed the first batch of the filing of the standard contracts for the cross-border transfer of personal information of enterprises (13 January)

Two companies in Chongqing successfully passed the filing and review of the standard contract for the crossborder transfer of personal information by the Chongqing Internet Information Office, becoming the first batch of enterprises in the city to achieve compliant personal information cross-border transfer. This move has set a model for the industry's compliance with cross-border transfer of personal information in the fields of intelligent manufacturing and logistics.

Industry Developments

36. The China Academy of Information and Communications Technology released the Latest Development Trend of Global Digital Platform Governance (Year 2023) (17 January)

From the perspective of competition law, the report summarizes and analyses the latest trends in digital platform governance in the United States, the European Union, the United Kingdom, and China based on summarizing the new characteristics of digital platform competition in the intelligent era, and looks forward to the future institutional development, philosophy, and priorities of global digital platform governance.

37. Cyberspace Administration Directors National Meeting held in Beijing (4 January)

The national meeting of directors of the cyberspace administration at all levels was held in Beijing, which reviewed the work in 2023, planned the work in 2024, and emphasized the new achievements in building a cyber power to serve the construction of a modern country and national rejuvenation. The meeting called on the national network information system to implement the central deployment, improve the efficiency of network governance, and actively carry out international exchanges and cooperation.

38. More than 10 provincial or municipal-level data bureaus have been listed, including Sichuan, Henan, Tianjin, Shanghai, Guangdong, Hubei, Yunnan, Qinghai, etc

The establishment of the National Data Bureau in October last year signalled a further acceleration of the development of China's data element market. Less than a month into this year, more than a dozen provincial and municipal data bureaus were established. As of 31 January, Jiangsu Province, Sichuan Province, Shanghai Municipality, Tianjin Municipality, Yunnan Province, Qinghai Province, Hebei Province, Guangdong Province, Liaoning Province, Shanxi Province, and other provinces have already established their data bureaus successively.

39. Beijing takes the lead in secure and convenient cross-border transfer of data (9 January)

Up to now, 117 enterprises and institutions in Beijing have formally submitted the declarations of the security assessment of cross-border data transfer, including well-known domestic and foreign enterprises such as Xiaomi, Lenovo, Jingdong, BMW and Apple. Among them, the applications of 45 units such as Audi Automotive have been accepted by CAC; 39 units such as Schneider Electric have been approved to pass the security assessment. In addition, the Daxing Airport Airside Zone is compiling the administrative measures for facilitating data cross-border transfer in the Daxing FTZ and the relevant data list.

40. Beijing Chaoyang District launched the data element eco-partnership programme (23 January)

Chaoyang District continues to promote the development of the Beijing International Big Data Exchange (“BIBSE”), which provides a foundation for compliant, secure and efficient data trading. BIBSE is an important part of Beijing's digital economy, aiming to build a leading data trading facility and an international data crossborder trading hub. In the future, Chaoyang District will co-operate with partners around the whole data industry to enhance data circulation, trading and cross-border service capabilities, promote the integration of data elements with multiple fields, and create an international data element industry cluster.

41. Tianjin concluded the first data product transaction in response to EU "carbon tariff" (10 January)

China’s first transaction of data products in response to the EU "carbon tariff" was completed in Tianjin, which was achieved through the cooperation between the Northern Big Data Trading Centre and Tianjin Emission Rights Exchange, and the data transaction between enterprises upstream and downstream of the industrial chain was thereafter realised. The success of this transaction provides a new model to deal with the EU carbon border adjustment mechanism, promotes the compliant and efficient circulation and use of data, reduces the cost of circulation of carbon emission data elements, and solves the problem of "difficult to obtain data" for downstream enterprises. The North Big Data Trading Centre and Tianjin Emission Rights Exchange have signed a strategic cooperation agreement to provide data support for the industry to reduce carbon emissions and increase efficiency.

42. Jinan released the first local data resources survey report in China (25 January)

The Jinan Data Resources Survey Report (2023) was recently released as the first local data resources survey report in China. The report is based on a comprehensive survey of data resources in Jinan and aims to promote the cultivation of the data element market and industrial development, release the value of data, and help the construction of digital Jinan. The report shows that Jinan has a large scale of data production, a high percentage of stock, a large Internet export traffic, and a high growth rate of 5G users and 5G traffic, reflecting the significant results achieved in the development of the big data industry in Jinan.

43. Hainan issued the China’s first certificate of ownership registration for data products (29 December 2023)

Hainan Provincial Data Product Supermarket issued China’s first certificate of ownership registration of data products to Digital Hainan Ltd.'s "Smart Community Owners Certification" data product. Hainan has carried out systematic innovation in the registration of data products, aiming to promote the capitalisation of data resources.