A profound redefinition of data is underway in China, establishing a state-driven model that fundamentally diverges from Western paradigms by treating information not primarily as a matter of personal privacy but as a strategic national resource. This ambitious initiative positions data as a core “production factor,” equivalent in economic importance to land, labor, and capital, setting the stage for an entirely new data economy with its own distinct logic, infrastructure, and regulations. For global enterprises and artificial intelligence developers, navigating this emerging landscape is no longer a choice but an operational imperative, demanding a deep understanding of a system that shapes everything from compliance obligations to the technical architecture required to access one of the world’s most valuable and expansive data pools. This national project represents a coherent and formidable alternative to global norms, constructed with remarkable speed and strategic intent to unlock economic value on an unprecedented scale.
The State as Chief Architect of a New Data Economy
At the core of China’s data strategy lies the conviction that free-market mechanisms have been insufficient to unlock the immense value trapped within isolated data silos across government agencies, state-owned enterprises, and private technology giants. The government diagnosed this fragmentation as a critical impediment to national economic progress and has consequently positioned itself as the central coordinator and architect of what it terms a “socialist market economy with Chinese characteristics” for data. This top-down approach deliberately prioritizes the allocation and utilization of data to maximize national economic benefits, a philosophy that stands in contrast to the individual-centric control common in the West. This overarching principle drives a series of distinctive policies, including mandatory data localization for certain categories and stringent, government-led security assessments for cross-border data transfers, all designed to break down barriers and orchestrate the flow of data toward its most productive uses for the nation.
The foundational policy for this new economy is the “Twenty Provisions on Data,” a landmark framework that ingeniously sidesteps the philosophically complex and legally contentious issue of data “ownership.” Recognizing that data is non-rivalrous and can be infinitely replicated, the policy introduces a revolutionary principle of “structural separation” of property rights. Instead of assigning singular ownership, it unbundles rights into three distinct and tradable categories: the right to hold data, the right to process data, and the right to operate or derive value from data products. This pragmatic solution is designed to facilitate market transactions and promote data circulation by allowing different entities to hold different rights simultaneously. This encourages collaboration and the creation of value-added data products without requiring the transfer of the sensitive raw data itself, thereby resolving a key friction point that has historically hindered data sharing and market development.
Forging a Financial and Technical Infrastructure
Complementing this legal innovation is a groundbreaking financial one that solidifies data’s role as a tangible economic asset. In a global first, China’s Ministry of Finance issued national accounting regulations for data assets, which became effective at the start of 2024. This directive allows enterprises to formally recognize and record eligible data resources on their balance sheets, classifying them either as inventory if intended for sale or as intangible assets if used internally to provide services. This formal accounting treatment marks a critical step toward the full financialization of data, transforming an abstract resource into a bankable asset that can be valued, leveraged for financing, and traded on emerging marketplaces. Overseeing this entire ecosystem is the National Data Administration, a central body established to coordinate data development and circulation. It works in tandem with the Cyberspace Administration of China (CAC), which retains control over data security, creating a division of labor that explicitly manages the inherent tension between promoting open data flows for economic growth and maintaining strict control for national security.
To operationalize its ambitious policy goals, China is constructing a sophisticated, three-layered technical infrastructure guided by the principle that data’s value can be utilized without ever exposing the underlying raw records—a concept summarized as making data “available but invisible.” The first layer of this infrastructure consists of state-supported data exchanges, which act as regulated marketplaces and critical intermediary platforms. Prominent examples, such as the Shanghai Data Exchange and the Beijing International Big Data Exchange, are more than just transaction platforms; they are integrated compliance hubs. These exchanges are responsible for registering data products, verifying metadata and usage rights, implementing the “separation of three rights,” and embedding third-party security and compliance checks directly into the transaction process, ensuring that data circulation occurs within a controlled and supervised environment.
Enabling Secure Data Flow and AI Development
The second and third layers of China’s technical infrastructure provide the advanced capabilities necessary for secure data collaboration. The enabling layer is composed of powerful Privacy-Preserving Computing (PPC) platforms. The nation has actively fostered the development of industrial-grade, open-source PPC technologies, with leading examples like WeBank’s FATE and Ant Group’s SecretFlow providing a robust suite of tools. These include federated learning, which allows multiple parties to collaboratively train AI models on their respective datasets without sharing raw data, and secure multi-party computation, which enables joint calculations on private inputs. The most advanced layer is the creation of trusted data spaces, envisioned as the core production infrastructure for secure data flow. These are regulated environments embedded with digital contracts that feature automatic compliance execution, real-time monitoring, and complete, blockchain-based audit trails for ultimate traceability. The National Data Administration’s goal to establish over 100 such spaces by 2028 signals a massive national investment in this secure and controlled method of data sharing.
This entire data infrastructure is deeply intertwined with China’s ambitions in artificial intelligence, serving both to fuel and to govern its development. The state is actively involved in sourcing and curating high-quality training data for large language models through national initiatives like the Beijing International Big Data Exchange’s “AI Alchemy Project,” which targets strategic sectors like finance and manufacturing. Concurrently, the AI compliance landscape is governed by the world’s first national regulation for generative AI, which mandates that training data be legally sourced and respect intellectual property rights. A suite of binding national standards, set to take effect in November, will codify detailed requirements for data pre-training, service security, and data annotation. PPC technologies serve as the crucial bridge, allowing AI development to proceed in a compliant manner. For instance, federated learning enables hospitals to build powerful medical AI models without sharing sensitive patient records, demonstrating a pathway to innovation that respects data security mandates.
A Divergent Path and Its Global Implications
The fundamental divergence between China’s approach and the Western model, exemplified by the European Union’s GDPR, lies at an ideological level. The EU’s framework is fundamentally rights-based and human-centric, viewing data privacy as an extension of individual autonomy and designing regulations to protect citizens from the overreach of both corporate and state power. In this model, personal data belongs to the individual, and mechanisms like consent and purpose limitation are designed to uphold that control. In stark contrast, China’s model is driven by industrial policy and is state-centric. It conceives of data as a strategic national resource whose economic potential must be unlocked through state intervention. The primary role of government is therefore not protection but allocation—guiding data flows to generate maximum economic value for the nation. This explains why multinational companies in China often face a “dual-stack” reality, requiring them to maintain a separate, localized IT architecture to comply with a web of laws built on this different set of assumptions.
For any company developing or deploying AI in China, this unique ecosystem imposed specific and non-negotiable technical and operational requirements. A robust data traceability system became mandatory, capable of recording the provenance of all training data, maintaining consent records, and identifying “important data” that required government approval for cross-border transfer. A comprehensive content security infrastructure also proved essential, including tools for filtering prohibited content and complying with the CAC’s algorithm filing system. Ultimately, building privacy-preserving data pipelines using technologies like federated learning became more than a compliance measure; it represented a key competitive advantage. This approach provided the only legitimate pathway to access the vast and valuable sensitive data resources held within China, and mastering it was the price of admission to one of the world’s most dynamic and regulated digital economies.
