China is establishing data exchanges, promoting governance through the Digital Silk Road, and viewing data as a national resource rather than a matter of privacy.

      **TL;DR** China views data as a productive resource rather than a privacy right or corporate property, and is developing an economic framework around it, including regulated data exchanges, over 30 new standards anticipated in 2026, and a Digital Silk Road that provides governance frameworks along with telecommunications equipment to emerging nations. While the EU dedicated a decade to establishing the GDPR as a global data protection standard, China’s model offers a practical advantage that Brussels lacks: the necessary infrastructure—roads, cables, data centers, and exchanges essential for a functional data economy. The nation that constructs this infrastructure may establish the prevailing norms.

      The European Union considers data a privacy right, while the United States sees it as a corporate asset. In contrast, China treats data as a factor of production—an essential national economic resource comparable to land, labor, capital, and technology. This difference, though it may seem abstract, is leading to a data governance structure that diverges significantly from those developed in Brussels or Washington, with the Chinese model currently drawing the attention of many developing nations.

      Since late 2025, Beijing has launched an "AI-plus" initiative, a vigorous strategy for AI integration across sectors with an emphasis on data. The National Data Administration, established in 2023, has conducted three national data work conferences and designated seven provinces as Digital Economy Innovation Development Pilot Zones. Over 30 new standards concerning public data, data infrastructure, AI agents, high-quality datasets, and data cataloging are expected to be introduced in 2026. China is not merely regulating data; it is constructing an extensive economic framework around it.

      **The framework**

      China's data governance is based on a "3+1=4" structure: three core laws—the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law—along with one administrative regulation, the Regulation on Network Data Security Management, which is enforced through four sets of specific rules. This framework creates a layered system for cross-border data transfers, in which the data processor's identity, the type of data, and the scale of outbound transfers determine the applicable export mechanism: security assessments, standard contractual arrangements, or personal information protection certification.

      The PIPL, which became fully effective in November 2021, is frequently compared to the GDPR, although such comparisons are misleading. While the GDPR emphasizes individual rights and transparency within a democratic legal framework, the PIPL prioritizes state sovereignty and national security, highlighting the state’s interest in data control over individual privacy rights. Both laws govern data, but for fundamentally different reasons.

      The EU AI Act, which has recently come into effect, aims to establish a global standard for AI governance, echoing the GDPR’s philosophy of prioritizing individual rights over economic utility. Conversely, China’s framework reverses that order, prioritizing economic gains first, state security second, and individual rights last. The central question is which model other nations will adopt.

      A prominent aspect of China’s strategy is the creation of data exchanges—regulated marketplaces where data can be traded like a commodity. Cities such as Shanghai, Shenzhen, Beijing, Guiyang, and Guangzhou have established data exchanges where businesses and governmental bodies list data products, negotiate prices, and finalize transactions under standardized terms. By 2025, the Shanghai Data Exchange had cataloged over 5,000 data products. The total trading volume across China’s primary exchanges was valued at 87.7 billion yuan in 2022, expected to escalate to 515.6 billion yuan by 2030.

      No equivalent infrastructure exists in Europe or the United States. The EU’s Data Act proposes new guidelines aimed at granting users more control over data from connected devices, yet it does not develop a marketplace for trading this data. Meanwhile, the American approach largely delegates data transactions to private markets, lacking a federal data exchange framework or a national data administration comparable to China’s NDA. China is actively developing the foundation for a data economy that views information as a tradable asset class, including exchanges, pricing methods, standardized contracts, and regulatory oversight, positioning itself as the only major economy pursuing this vision on a national level.

      **The export**

      China's Digital Silk Road, a technological aspect of the Belt and Road Initiative, has entered into digital cooperation agreements with over 16 countries and constructed telecommunications networks, data centers, undersea cables, and 5G infrastructures across regions including Southeast Asia, Central Asia, Africa, and Latin America. This infrastructure is accompanied by a governance model. Countries embracing Chinese-built digital infrastructure often adopt data governance frameworks influenced by China—not due to mandates from Beijing, but because the technology and regulatory assumptions are designed to be compatible.

      The Cyberspace Administration of China has provided training to partner nations on topics such as internet monitoring, content management, and data governance. Chinese law mandates that technology companies operating in Belt and Road countries store specific data on servers within China and comply with security audits, establishing a de facto data sovereignty arrangement favoring Beijing. Europe