Data Confidentiality Era: Development and Security – Highlights from Wei Tao’s 2022 Big Data Summit Speech

On June 28, 2022, the China Information and Communication Research Institute and the China Communications Standards Association co‑hosted the 2022 Big Data Industry Summit in Beijing, gathering experts to discuss current trends and challenges in the big data sector.

During the main forum, Wei Tao, Vice President and Chief Technology Security Officer of Ant Group, delivered a keynote titled “Data Confidentiality Era: Development and Security,” stressing that the circulation of data elements is entering a new confidential era where cross‑technology privacy‑computing security grading will be crucial for practical deployment.

China’s recent policies have elevated data to the status of the fifth production factor, prompting legal frameworks such as the Cybersecurity Law, Data Security Law, and Personal Information Protection Law to form a comprehensive security regime. However, data’s ease of replication creates five major challenges: rights confirmation, regulation, trust, pricing, and market entry.

Secure data circulation therefore requires rigorous security assessment beyond simple anonymization or encryption. The industry is moving toward abandoning plaintext data flow in favor of confidential data handling.

In the confidential data era, cross‑entity data must flow in a secure, controllable state, meeting industry demands for applicability, reliability (targeting 99.99% uptime), and cost efficiency (no more than an order of magnitude higher than plaintext processing). Privacy computing is identified as a key enabling technology, with two definitions: the broader “Privacy Computing” theory covering the full lifecycle of privacy protection, and the more specific “Privacy‑Preserving Computation” that enables analysis without exposing raw data.

To standardize security assessment, a five‑level security grading framework is proposed, analogous to pandemic control measures: baseline protection, audit‑traceability, breadth protection, deep inspection, and security proof. Each level defines specific technical and operational requirements for privacy‑computing systems.

The framework also introduces five evaluation dimensions—processing performance, service reliability, applicability, cost‑effectiveness, and security level—to guide the selection of appropriate privacy‑computing solutions for various scenarios.

Looking ahead, multiple privacy‑computing techniques such as multi‑party computation, federated learning, trusted execution environments, and trusted confidential computing will coexist to meet diverse data‑confidentiality needs across industries.

The article concludes that achieving secure data circulation in the confidential era requires industry‑wide collaboration, standardized security grading, and continuous innovation to balance digital development with robust data protection.