Author: Cheng Yong Title image source: Pexels

Reading /;

The adoption of the Data Security Law marks that the state encourages the lawful use of data, ensures the lawful and orderly circulation of data, clarifies the implementation of the big data strategy, and promotes the development of digital economy with data as a key factor of production. The Data Security Law emphasizes the balance between data security and development and utilization, and pays equal attention to ensuring data security and promoting data development and utilization. It not only standardizes data security supervision and governance, but also brings new development opportunities to multi-party data collaborative application.

In this situation, effective technology and business model innovation is urgently needed to achieve the compliance of multi-party data collaborative application, to achieve the balance of data security and data development and utilization. ** Privacy computing will become a key technology fulcrum to balance data security and application development. ** This paper mainly discusses the development trend of multi-party data collaborative application and privacy computing under the framework of data Security Law.

1. The Data Security Law advocates a balance between data security and development and utilization

On June 10, 2021, the 29th session of the Standing Committee of the 13th National People’s Congress voted to pass the Data Security Law of the People’s Republic of China (referred to as the Data Security Law), which will come into force on September 1, 2021. The full text of the Data Security Law consists of seven chapters and fifty-five articles, which stipulate the obligations and corresponding legal liabilities of data security protection from the perspectives of data security and development, data security system, data security protection obligations, and government data security and openness [1-15]. Its key provisions mainly involve data security systems at the national and local government levels, encouraging reasonable and effective use of data in accordance with the law, data security obligations at the data processor level, and penalties for violations. The balance between data security and development is one of the most important features of the Data Security Law. It is also a notable feature of the Data Security Law to make provisions for the security and open use of government data in a separate chapter (chapter 5).

The Data Security Law is a major milestone in the national data security legislation after the network Security Law of the People’s Republic of China (referred to as the Network Security Law) put forward the concept of data and data security which was implemented on June 1, 2017 [16, 17]. The Data Security Law, the Cyber Security Law and the Personal Information Protection Law of the People’s Republic of China (personal Information Protection Law (draft)) under legislation form the legal framework in the field of information and data security in China. The Data Security Law is not a law specifically for the protection of users’ personal privacy information. The law most relevant to the protection of personal privacy is the Personal Information Protection Law which is being formulated. On April 29, 2021, Chinanews.com published the Personal Information Protection Law (second review draft). At present, the Personal Information Protection Law (Second draft) has completed the consultation process on May 28, and is expected to pass the vote and be implemented within this year.

Figure 1. The full text of Data Security Law consists of seven chapters and fifty-five [3]

In the era of digital economy, data has become a key factor of production and an important strategic resource, exerting a significant impact on economic and social development, and the importance of data has been further highlighted. On the one hand, the development of digital economy is based on the development and application of big data. On the other hand, data security and privacy protection are increasingly concerned. Data security law of effective supervision and management to achieve the data, there are laws to fill the gaps in the data security protection legislation, perfect the law of network space and the data security management system, the * * also encourages the data in accordance with the reasonable and effective use of at the same time, encourage through technology and business innovation to achieve the balance of the data security and application development. Readers can refer to references [3-15] for key points of interpretation and interpretation of the Data Security Law. This paper mainly discusses the development trend of multi-party data collaborative application and privacy computing under the framework of Data Security Law from the perspective of data security and development balance. We can see that :(1) the data security law advocates the balance between data security and development and utilization; (2) Privacy computing will become a key technology solution to balance data security and utilization; (3) Multi-party data collaborative application will usher in more development opportunities. ** Here, data collaborative application refers to multi-party joint modeling and joint data analysis through privacy computing without sharing plaintext data, which is often referred to as “data available (considered) invisible”.

2. Multi-party data collaborative application under the Data Security Law will usher in more development opportunities

“Data Security Law” will benefit the development of multi-party data collaborative application, encourage safe multi-party data cooperation through technology and business model innovation, and achieve the goal of balancing data security and application development. For example, article 14 of Chapter 2 of the Data Security Law stipulates: “The state implements the big data strategy, promotes the construction of data infrastructure, and encourages and supports the innovative application of data in various industries and fields. People’s governments at or above the provincial level should incorporate digital economy development into their national economic and social development plans and formulate digital economy development plans as needed.” Therefore, the introduction of the Data Security Law will further promote the development of digital economy, promote more data application mode innovation, and promote the development of multi-party data collaborative application. While ensuring data security, multi-party data cooperation based on private computing will become the main cross-agency data cooperation mode.

2.1 Achieve a balance between data security and collaborative application development through technology and business model innovation

The Data Security Law does not only emphasize data security and governance, but advocates equal emphasis on data security and application development, and adheres to the principle of equal emphasis on data security and promotion of data development and utilization [14]. The Data Security Law fully clarifies the need to balance data security and application development, emphasizes improving data security governance and data development and utilization, and promotes the development of digital economy with data as the key element. , for example, in addition to the above mentioned data safety “chapter 2 of article 14, the data safety” article 7 of the first chapter is clear: “the state protects the rights and interests of individuals and organizations related to data, encourages the data in accordance with the reasonable and effective use, safeguard data orderly flow freely in accordance with the law, promote the digital economy development of the key elements for data.” Here again, we emphasize the importance of protecting data security and encouraging legitimate data applications. Under the framework of the Data Security Law, balancing the development of data security and big data industry is an effective way to conform to the national big data strategy and promote the development of digital economy.

In addition, the Second chapter of the Data Security Law also makes it clear: “The state plans development and security, insists on promoting data security by data development and utilization and industrial development, and ensures data development and utilization and industrial development by data security.” Here, the relationship between “data security” and “data utilization” is further emphasized: reasonable and effective data utilization can promote data security and governance, and data security can guarantee the healthy development of data application industry. Therefore, the Data Security Law focuses on “balancing data security and application development”, encourages innovation of data security technology and application business model, and promotes data security and governance through data application.

FIG. 2 The Data Security Law advocates a balance between data security and development and utilization. Privacy computing can be used as a technical fulcrum to achieve a balance between data protection and development and utilization

In the era of digital economy, data security and exploitation capability have become an important part of the national production capability matrix. The key elements of data and the role of innovation engine can accelerate the formation of a digital economy mainly led and supported by business model innovation, and better serve economic and social development. As a new factor of production, the analysis of big data can also boost scientific and technological innovation, judge business trends, realize precision marketing and reform education model, etc. [13]. Big data continues to drive technological breakthroughs, innovate business models, foster new industrial ecosystems and improve economic efficiency. With the rapid development of data technology, the under-development of big data industry will become the biggest insecurity of digital economy and society [13].

How to strike a balance between data security and encouraging data development and utilization, and realize the balanced governance of data security and development in the process of data value release, is a subject widely concerned at present. Achieving the balance between data security and development requires the innovation of data security technology and big data application business model, and the industry generally agrees that privacy computing will become the key technology to balance data security and application development [10, 19]. As a new technology, privacy computing can carry out multi-party data joint calculation without sharing plaintext data, and realize the collaborative application of data across institutions, which will become a key technical fulcrum for the balance between data protection and data application [10]. Under the premise of data compliance requirements, private computing enables enterprises to fully mobilize the enthusiasm of data resource owners and users, realize multi-party data collaborative application, release the value of data resources of third-party institutions, and promote the marketization of data elements. Under the framework of the Data Security Law, private computing becomes more valuable.

2.2 Implementation of data classification and hierarchical protection will bring more opportunities for data development and utilization

** The Data Security Law encourages the implementation of classified and tiered data protection, which will bring more opportunities for data application and make more data available for exploitation and utilization. ** For example, article 21 of Chapter III of the Data Security Law provides that: “Nation establishes a system of data classification grading protection, according to the data in an important degree in economic and social development, and once from alteration or damage, leaks or illegally obtained, illegal use, to national security, public interests and individual, the organization degree of the damage the legitimate rights and interests, implements classified classification for data protection. The national data security coordination mechanism coordinates and coordinates relevant departments to formulate important data catalogues and strengthen the protection of important data. Data related to national security, the lifeblood of the national economy, important people’s livelihood, and major public interests are core data of the state and subject to stricter management. All regions and departments shall, in accordance with the data classification and hierarchical protection system, determine specific catalogues of important data of their own regions, departments and related industries and fields, and give priority protection to the data included in the catalogues.”

Therefore, the Data Security Law stipulates the classification and hierarchical management of data for the purpose of national security. On the basis of distinguishing important data from non-important data, it strengthens the key regulation of national core data, and clarifies the security and openness system of government data in a special chapter (i.e. Chapter 5). The Data Security Law is equipped with a regulatory system centered on important data, which fully embodies the hierarchical and classified management and protection principles of data governance in China [14, 15].

Figure 3 example of data classification: Data, personal information, important data [15]

The data safety “is not on how to classify data classified and graded protection provide detailed guidance, but for the local government and industry regulators grading protection system based on data classification, determine the region, the department and related industries, important data in the field of specific directory, to focus on the protection of the data listed in the catalog. Moreover, the Data Security Law does not define “important data” clearly. Refer to the definition of “important data” in the Data Security Management Measures (Draft for Comments) : “Refers to data that, once disclosed, may directly affect national security, economic security, social stability, public health and safety, such as unpublicized government information, large population, genetic health, geography, mineral resources, etc.” It is worth noting that, according to the Data Security Management Measures (Draft), “important data” generally does not include enterprise production and operation, internal management information, personal information, etc. [15].

According to the full text of the Data Security Law and the Personal Information Protection Law under development, from the perspective of data security supervision, data may be classified into the following three categories in the future [15] : data (any electronic or non-electronic record of information), personal information and important data. For these three types of data, “network security Law”, “Data Security Law”, “Personal Information Protection Law (draft)” respectively put forward supporting security protection requirements.

** Hierarchical governance of data classification will bring more data application opportunities. Under the framework of “Data Security Law”, different classified data can be developed and used more flexibly. ** For different application scenarios, such as finance, government, medical, advertising, education, etc., different data protection mechanisms can be adopted to provide different levels of security protection, so that multi-party data can be used through different technical means to achieve collaborative application, can serve more business scenarios. In this context, the product of privacy computing platform should contain various privacy inclusion mechanisms, and provide optional privacy protection schemes according to specific classification and classification data protection scenarios, so as to be applicable to more practical application scenarios.

The Data Security Law has further improved the institutional norms for facilitating cross-border data flows. In the era of economic and technological globalization, cross-border data flow will become more and more frequent, supporting international cooperation in the field of data and promoting cross-border data flow [11]. For example, Article 11 of Chapter 1 of the Data Security Law stipulates: “The state actively carries out international exchanges and cooperation in data security governance, data development and utilization, participates in the formulation of international rules and standards related to data security, and promotes the safe and free flow of data across borders.” Under the framework of the Data Security Law, cross-border data flows should balance “security” and “development”, carry out classified and tiered protection for cross-border data, adhere to the bottom line of security in accordance with the requirements of the law, and continuously promote data flows to effectively release data value. Data export control helps balance data sovereignty and cross-border data flow, and puts equal emphasis on security and development [11]. Cross-border data collaborative application will bring huge market value of data application.

2.3 Open application of government data will effectively promote the development of data business in related industries

** The Data Security Law encourages the development and application of government data and will promote the collaborative application and development of government and enterprise data. As a kind of highly effective data, government affairs data has rich application scenarios in finance, government affairs, medical care, education and other fields. The rapid development of government, especially fintech, provides a broad space for the application of government data in the financial field [20]. Government data has become an important resource to promote the government to make scientific decisions, implement accurate policies and improve the efficiency of public management. On the premise of ensuring data security, the Data Security Law, in the form of a special chapter (i.e. Chapter 5), defines the basic concept that government data should be open in principle and not open in exception. For example, Article 42 of Chapter 5 of the Data Security Law stipulates: “The state establishes the catalogue of government affairs data opening, constructs a unified, standardized, interconnected, secure and controllable government affairs data opening platform, and promotes the open utilization of government affairs data.”

In terms of the interconnection of government data, the data Security Law requires the establishment of a government data opening platform at the national level for the widespread practice of “unwilling to open, dare not open, will not open” and other problems. And in the form of open directory of government data, the fragmentation of data resources in the field of government data, unbalanced development of government affairs, lack of mutual trust in government cooperation and other problems should be addressed. ** Under the framework of data Security Law, government data opening will bring new data application opportunities. * * privacy by computing technology, such as the federal study, secure multi-party computation, can joint government, enterprise, bank and so on various data calculation of joint implementation in the data without sharing joint joint modeling and data analysis, on the premise of protecting users’ privacy and data security release data fusion application value, create a new business model data applications.

FIG. 4 Data collaborative application among government affairs, enterprises and banks forms a closed loop of data collaborative application

The Data Security Law encourages the exploration of new application modes of government data through technological and business innovation. For example, it establishes classification and hierarchical sharing norms and systems, strikes a balance between convenience, security and privacy, protects the data that should be protected, and operates the data that should be open. Blockchain technology can be used to clearly define the ownership, management and use rights of data, so that all parties on the chain can exchange data based on algorithmic trust. It can make full use of federated learning, secure multi-party computing and other technologies, so that all parties can conduct joint modeling and collaborative training without sharing original data, which not only gives full play to the value of underlying data, but also avoids direct data sharing, so as to effectively solve the security and trust problems in cross-department data cooperation.

3. Under the Data Security Law, privacy computing will become a key technology solution to balance data security and development

** Under the framework of the Data Security Act, private computing will rapidly develop into a technological fulm for balancing data security and application development, playing a key role in the future of data governance and data collaboration between enterprises and organizations, as well as emerging digital industries such as artificial intelligence and new infrastructure. ** Supporting community standards, industry standards and even national standards for privacy computing will be gradually improved. Authoritative evaluation and certification of privacy computing platform products (including security, basic functions, performance and other aspects of evaluation) will gradually become standardized and mature, and further promote the large-scale commercial use of privacy computing.

3.1 Privacy computing will become the key technology fulcrum to balance data security and development and utilization

** The Data Security Law requires that relevant technical and other necessary measures be taken to safeguard data security and encourages technological innovation to achieve a balance between data security and development. ** For example, the “Data Security Law” chapter ii article 16 provides that “the state supports data development and utilization and data security technology research, encourages data development and utilization and data security and other fields of technology promotion and commercial innovation, cultivating and developing data development and utilization and data security products, industrial system. In this context, privacy computing will become a key technology fulcrum to balance data security and application development.

Private computing is a technology and system that is jointly calculated by two or more participants. Participants conduct joint machine learning and joint analysis of their data through collaboration without disclosing their own data [10, 19]. The participants of privacy computing can be different departments of the same organization or different organizations. In the framework of privacy computing, the data of participants are not in plaintext locally, and the cross-domain cooperation of multi-source data is realized while protecting data security, which can solve the problem of data protection and fusion application [19]. Common approaches to realize privacy computing include federated learning, secure multi-party computing, and trusted computing. In addition, blockchain is also an important complement to private computing, which can ensure that computing processes and data are trusted and enable a wider range of data collaborative applications.

Driven by the development of artificial intelligence and big data applications, federated learning is the main promotion and application method in the field of privacy computing, and it is the most mature technology path in the field of privacy computing. In artificial intelligence, big data, application of new technology cycle computing platform for Internet privacy and enterprises put forward higher data management requirements, is really want to do with the user as the center, don’t have to depend on the enterprise itself or a third party security, the data server to control the company let users really take control of your own data ownership, Data security and privacy requirements [20].

Figure 5 Privacy Computing Architecture [19]

Due to the advantages of protecting data security and breaking data islands, there are more and more excellent landing scenarios and cases of private computing. With the continuous improvement of data security and governance system, private computing will maximize the value of data and become a necessary infrastructure for data circulation and sharing. In the digital economy era where data is more and more valuable and data security is more and more important, privacy computing will become the most important technical solution between user data security protection and enterprise data value. ** In the future, privacy computing will be widely applied in finance, government affairs, medical care, advertising, education and many other data application fields. It will not only solve the problem of data privacy protection, but also help alleviate the problem of data island in the industry, and provide a compliant solution for multi-party data collaborative application. In the field of privacy computing, the legal positioning of data security, the analysis and application of intra-enterprise and inter-enterprise data, and the global cross-border data transaction flow are still facing unprecedented challenges.

3.2 Promote and standardize the development and large-scale commercial use of privacy computing through industry standards

** The Data Security Law will facilitate the standardization of privacy computing. ** Currently, there are many private computing enterprises in China, and each of them has launched its own private computing platform products, without forming unified technical standards and specifications. Article 17 of Chapter ii of the Data Security Law stipulates: “The State promotes the construction of data development and utilization technology and data security standard system. The administrative department for standardization under The State Council and the relevant departments under The State Council shall, according to their respective functions and responsibilities, organize the formulation and timely revision of standards related to data development and utilization technologies, products and data security. The state supports the participation of enterprises, social organizations, educational and research institutions in the formulation of standards.” Therefore, under the framework of “Data Security Law”, privacy computing technology standards will be increasingly perfect, and through unified standards to promote and standardize the development and large-scale commercial use of privacy computing technology.

Figure 6 Technical Specification for Multi-Party Secure Computing Finance Application (JR/T 0196 — 2020) by the People’s Bank of China [21]

For example, on November 24, 2020, the People’s Bank of China officially issued the Technical Specification for Multi-Party Secure Computing Financial Application (JR/T 0196-2020, referred to as the Specification), a standard for the financial industry. The Code stipulates the basic requirements, security requirements and performance requirements for the financial application of multi-party secure computing technologies, which are applicable to the product design, software development and technology application of financial institutions. The release of the Specification helps to promote data cooperation and collaborative application among multiple entities without disclosing original data and ensuring information security.

China Academy of Information and Communications Technology (CIICT) has jointly formulated and revised the privacy computing standards with leading enterprises in the industry, hoping to promote the development and compliance application of privacy computing technology and lay a solid technical foundation for data compliance circulation. Ciit Cloud Institute and Privacy Computing Alliance have long focused on the field of privacy computing. Relying on the standardization of Chinese communication association (TC601) big data technology standards committee established the data flow were calculated based on multilateral security products – technical requirements and test methods, the flow of data based on the learning products, technical requirements and test methods, the data computing platform based on the trusted execution environment – technical requirements and test methods “, “block chain auxiliary 4 functional standards of “Technical Requirements and Testing Methods for Private Computing Technology Tools”, and 2 performance standards of “Performance Requirements and Testing Methods for Multi-Party Secure Computing Products” and “Performance Requirements and Testing Methods for Private Computing – Federated Learning Products” [22, 23]. In addition, privacy computing platform product security standards and connectivity standards are also under development.

Beijing Fintech Industry Alliance is also actively cooperating with financial institutions, fintech enterprises and Internet companies to formulate technical standards related to privacy computing. For example, The standards under development include “Federal Learning Technology and Finance Application Specification – Technical Architecture”, “Federal Learning Technology and Finance Application Specification – Interconnection Agreement”, “Multi-party Secure Computing and Finance Application Status and Implementation Guidelines”, etc.

3.3 Enhance the security and performance of privacy computing platform through industry authoritative evaluation

** The Data Security Law will promote the development of evaluation systems for products of privacy computing platforms. ** In the face of numerous privacy computing platform products, there is no unified and authoritative security and performance evaluation certification in the current industry. Especially for security evaluation, there is no authoritative definition and testing method according to security boundaries. Article 18 of Chapter 2 of the Data Security Law stipulates: “The State promotes the development of services such as data security testing, evaluation and certification, and supports professional institutions such as data security testing, evaluation and certification to carry out service activities according to law. The state supports cooperation among relevant departments, industry organizations, enterprises, educational and scientific research institutions and relevant professional institutions in data security risk assessment, prevention and disposal.” Under the framework of “Data Security Law”, it will become an important development trend to improve the authoritative evaluation and certification of the security and performance of privacy computing platform products. At present, there are mainly two private computing product evaluation institutions in China.

Established with the approval of the People’s Bank of China, National Fintech Testing Center (Bankcard Testing Center) is an authoritative testing institution in China’s financial industry, responsible for the important technical support work of universal bankcard network, chip-based migration and fintech innovation. The National Fintech Assessment Center has launched the multi-party security computing application technology assessment in the financial industry. The assessment indicators include dozens of indicators in the four fields of basic characteristics, computing power, computing performance and product security.

“Big Data Product Capability Evaluation” is the first authoritative evaluation system for big data products in China. As the lead unit, China Information and Communication Institute (CIICT) works closely with academia, industry and field users to jointly formulate evaluation standards. The panel is composed of experts from the Information and Communication Institute, Tsinghua University, Chinese Academy of Sciences, Beijing University of Posts and Telecommunications, INDUSTRIAL and Commercial Bank of China, Everbright Bank, China Mobile, Unicom and other units. “Big Data Product Capability Evaluation” of China Academy of Information and Communication Technology has become an authoritative third-party evaluation brand in the field of big data, and a vane for supply-side product r&d and demand-side procurement selection. Angel PowerFL privacy computing platform developed by Tencent has passed the privacy computing product evaluation and certification of China Academy of Information and Communication Technology.

The Angel PowerFL platform adopts a decentralized architecture to effectively avoid single point of security risks. The 3072-bit high-strength homomorphic encryption computing is far superior to the 2048-bit encryption level requirements of financial regulation, providing stronger security. At the same time, due to the underlying use of asynchronous concurrency mechanism, while the encryption operation of the instruction level optimization, PowerFL achieved 5 times higher performance than the industry, the platform uses a distributed architecture, supporting hundreds of billions of scale of computing. In addition, the PowerFL platform supports federated data modeling and federated data analysis capabilities, providing end-to-end full-scenario privacy computing capabilities and one-click cloud native deployment capabilities, making it more agile and easy to use. PowerFL framework has completed product integration between CSIG AEGIS and Lingkun Yun to provide external privacy computing platform products and services.

FIG. 7 Tencent Angel PowerFL platform through the function evaluation of privacy computing products of ICT

FIG. 8 Tencent Angel PowerFL platform passed the performance evaluation of privacy computing products of ICT

The federal learning technology security assessment of “Zhuoxin Big Data Program” of China Academy of Information and Communication has also attracted the attention of all parties in the industry, and relevant enterprises have actively responded and participated in it. The “Zhuoxin Big Data” plan and “Federal Learning Security Assessment Special project” of China Academy of Information and Communication Technology take federal learning products or solutions as the evaluation objects, help enterprises find security problems and improve the security protection level in the application of federal learning technology.

4. Conclusion and outlook

Data security law countries implement the strategy of big data, deepening data security system construction, strengthen the regulation of data security and governance, countries will put forward for data classification grading protection, provision for data must fulfill the obligations data security protection, * * also emphasized to promote development and utilization of data at the same time, encourage data and compliance in accordance with the commercial exploitation of industrial development, Standardize data factor market. ** With the introduction and implementation of the Data Security Law, data resources will burst into stronger vitality, further promote the security control and marketization of data elements, and enhance the value of big data resources. Under the framework of the Data Security Law, it is necessary to strengthen the supervision and governance of data security and promote the collaborative application of data. Therefore, effective technical solutions are urgently needed to achieve the balance between data security and development. Data security control and compliance data flow, the safety joint computing will become a part of big data industry core competence, through computing technology to realize data privacy, “is it not visible” data “invisible” are available, and achieve the purpose of the data security and application development of balance, will continue to drive the data as a key element of the development of digital economy industry.

reference

[1] Xinhua Net, (authorized to publish) Data Security Law of the People’s Republic of China, www.xinhuanet.com/2021-06/11/…

[2] Baidu Baike, Data Security Law of the People’s Republic of China, baike.baidu.com/item/%E4%B8…

[3] arnhem information, the data safety “comprehensive interpretation, mp.weixin.qq.com/s/fEcrGIHCL…

[4] Wu our otstanding, the data safety “highlights, mp.weixin.qq.com/s/jt1U5gN94…

[5] deloitte China, the law of the People’s Republic of China on data security law interpretation, www2.deloitte.com/cn/zh/pages…

[6] depth interpretation of data safety, zhuanlan.zhihu.com/p/38001425

[7] interpret the data safety “, zhuanlan.zhihu.com/p/379919193

[8] Experts Interpret data Security Law, www.cac.gov.cn/2021-06/15/…

[9] Highlights of Data Security Law, www.163.com/dy/article/…

[10] Chinese data safety, privacy calculation to promote marketization of data elements, www.ccvalue.cn/article/113…

[11] How to understand the importance of cross-border data flows, cbnri.org/news/541867…

[12] data interpretation safety series (a) cross-border dilemma of broken mp.weixin.qq.com/s/FIAGQCjQe…

[13] to provide data security scheme of China’s legislation, finance.people.com.cn/n1/2021/062…

[14] the construction of a new data security law guarantee system, www.xinhuanet.com/tech/2021-0…

[15] understanding and understanding of the data safety “: data is classified, www.secrss.com/articles/23…

[16] Baidu Baike, Network Security Law of the People’s Republic of China, baike.baidu.com/item/%E4%B8…

[17]DLA Piper, Data Protection Laws of the World, www.dlapiperdataprotection.com/

[18] data sharing application in the field of financial, note.youdao.com/ynoteshare1…

[19] Tencent Privacy Computing White Paper (2021), www.tisi.org/18351

[20] Privacy Computing: What keeps Our data safe? Finance.sina.com.cn/tech/2020-1…

[21] of the People’s Bank of China, the various safety technical specification for calculation of financial application (JR/T 0196-2020), www.cfstc.org/bzgk/gk/vie…

[22] Private Computing Product Testing and Industry Development In the first half of 2021, mp.weixin.qq.com/s/3Dw8_0dF0…

[23] Interpretation of “Privacy Computing Standards and Testing Methods”, www.163.com/dy/article/…