Author: Zhang Feng
According to a piece by Lu Lei, Deputy Governor of the People's Bank of China, published in the Financial Times titled "Digital Renminbi Will Transition from the Era of Digital Cash to the Era of Digital Deposit Currency," the new generation of the digital renminbi system will officially be implemented on January 1, 2026, marked by the "Action Plan for Further Strengthening the Management and Service System of Digital Renminbi and Related Financial Infrastructure Construction" (hereinafter referred to as the "Action Plan").
This evolution is not only a technological upgrade but also a profound transformation in the form of currency, operational mechanisms, and governance logic. In this process, how to construct a privacy and security governance system that effectively serves the real economy, strengthens financial regulation, and fully respects and protects users' personal information rights has become a core issue for the healthy development of the digital renminbi.
I. Basic Principles: Seeking Dynamic Balance Between Strengthening Regulation and Respecting Rights
The top-level design of the digital renminbi consistently embodies two parallel and non-conflicting basic principles: first, it is essential to strengthen the effectiveness of financial regulation to maintain the stability and security of the monetary financial system; second, it is necessary to respect and protect users' personal information rights, which are an important component of citizens' basic rights in the digital age. The two are not a zero-sum game but require sophisticated institutional and technical design to achieve dynamic balance and organic unity.
Strengthening the effectiveness of financial regulation is an inevitable requirement of currency digitization. While digitization brings payment convenience and efficiency improvements, it also harbors risks such as financial disintermediation, shadow banking, off-balance-sheet payment tools, and disorderly cross-border capital flows. Deputy Governor Lu clearly pointed out in the article that various emerging payment tools "objectively form and nurture various emerging 'currencies' that self-circulate outside the financial system as means of payment and circulation."
Therefore, as a digital form of legal currency, the digital renminbi must carry and strengthen the macro-prudential management and micro-behavioral regulatory functions of the central bank. The introduction of the "Action Plan" aims to "effectively enhance the quality and efficiency of digital renminbi management and service capabilities" by fully incorporating the digital renminbi into the existing financial regulatory framework (such as the reserve requirement system and deposit insurance), clarifying the responsibilities of operating institutions, and building a solid risk "breakwater." Strengthening regulatory effectiveness is a prerequisite for safeguarding monetary sovereignty, financial stability, and consumer fund security, as well as a foundation for combating illegal activities and maintaining social and economic order.
Respecting users' personal information rights is a value-based commitment to a people-centered approach. In the era of digital existence, personal information rights are crucial. The operation of the digital renminbi involves a large amount of sensitive data, such as user identities and transaction behaviors. If designed improperly, it may lead to data misuse, privacy breaches, and even damage to personal dignity. The development path of China's digital currency has always adhered to the "people-centered" development philosophy. Deputy Governor Lu emphasized that financial innovation must "adapt to the needs of consumers and investors."
This means that the design of the digital renminbi must prioritize user privacy protection and must not excessively collect, retain, or use personal information in pursuit of regulatory convenience. The concepts mentioned in the article, such as "controllable anonymity" and "voluntary at the front end, real-name at the back end," embody this principle. Respecting user rights helps enhance public acceptance and trust in the digital renminbi, forming the social foundation for its widespread circulation and application.
These two principles together form the cornerstone of the privacy and security governance of the digital renminbi: regulation provides a stable financial environment for rights protection, while respect for rights earns social recognition for the legitimacy and sustainability of regulation. The governance system of the digital renminbi is constructed and improved through the continuous reconciliation of these two relationships.
II. Basic Goals: Precisely Focused on "Three Anti" Measures to Maintain Financial Security and Order
Under the guidance of the principle of "strengthening regulatory effectiveness," a core and direct goal of the privacy and security governance of the digital renminbi is to effectively serve the financial regulatory requirements of "anti-money laundering, anti-terrorist financing, and anti-tax evasion" (the "Three Anti" measures). This is a common requirement from the international community for legal digital currencies and financial systems, and it is a key link in preventing and resolving major financial risks.
Deputy Governor Lu pointed out in the article that commercial banks bear direct responsibility for the "Three Anti" measures concerning the circulation of digital cash, which serves as an important basis for them to become the "responsible entities for digital cash." After entering the era of digital deposit currency, this requirement has been further institutionalized. The "Action Plan" standardizes the measurement framework, incorporating digital renminbi operations into reserve and margin management, providing institutional leverage and data analysis foundations for effective "Three Anti" monitoring.
The realization of the "Three Anti" goals for the digital renminbi has the following characteristics:
Full-chain Traceability: Based on a "global single ledger" and advanced digital technology, it is theoretically possible to record the entire lifecycle of the generation, circulation, and retrieval of digital renminbi. This changes the characteristic of physical cash being difficult to trace, providing a powerful tool for tracking illegal fund flows.
Intelligent Risk Control Capability: Utilizing big data, artificial intelligence, and other technologies to analyze transaction data in real-time or near real-time can more accurately and efficiently identify suspicious transaction patterns, achieving a shift from "post-reporting" to "in-process intervention" and even "pre-warning."
Penetrating Regulatory Potential: The article mentions that by "adding regulatory nodes on the blockchain service platform," the real-time and effectiveness of regulatory data can be improved. In specific closed-loop scenarios or cross-border businesses (such as mBridge), distributed ledger technology helps achieve cross-institutional and cross-border regulatory information collaboration, penetrating complex transaction structures.
However, achieving the "Three Anti" goals does not mean indiscriminate transparent monitoring of all user transactions. On the contrary, it requires drawing a clear line between necessary monitoring and reasonable privacy protection. This is precisely the issue that the measures described in the next section aim to address—how to design a mechanism that effectively achieves the "Three Anti" goals while minimizing the intrusion on the legitimate privacy of ordinary users.
III. Basic Measures: Building a Multi-layered, Three-dimensional Privacy and Security Protection Network
To achieve the above principles and goals, the digital renminbi, in its evolution from cash-type to deposit currency-type, has comprehensively utilized institutional, structural, and technical means to construct a multi-layered, three-dimensional privacy and security governance measure system.
First, a tiered anonymity mechanism achieves a balance of "small amount anonymity, large amount traceability." This is a core feature of the digital renminbi's privacy design, directly reflecting the art of balancing "strengthening regulation" and "respecting rights." Deputy Governor Lu affirmed in the article that "real-time settlement, anonymity, and offline payments are irreplaceable advantages of cash in the digital economy era," and the "Action Plan" also aims to preserve this advantage.
Small Transaction Anonymity: For small, high-frequency payment scenarios in daily life, the digital renminbi aims to simulate the anonymity characteristics of physical cash through design (such as hardware wallets and offline transactions). Transaction counterparties, commercial banks, and even within certain permissions cannot access complete user identity and transaction association information, effectively protecting the public's daily consumption privacy.
Large Transaction Traceability: When the transaction amount reaches a certain threshold or triggers specific risk rules (such as suspicious transaction models), the system activates a traceability mechanism. Under legal authorization and strict procedures, authorized agencies (such as judicial and anti-money laundering departments) can rely on backend infrastructure to track and investigate relevant transaction chains to meet the needs of the "Three Anti" measures and combat crime.
"Controllable Anonymity" Connotation: This tiered design is essentially a form of "controllable anonymity." It is neither complete anonymity (which would condone crime) nor complete transparency (which would harm privacy), but rather implements differentiated information visibility management based on transaction risk levels. This requires establishing scientific and reasonable threshold settings and triggering rules, supported by legal procedural guarantees.
Second, data permission isolation and the principle of minimum necessity solidify institutional privacy barriers. How data circulates and is stored among operating institutions, the central bank, and regulatory departments directly relates to the security and privacy of user information. The digital renminbi naturally forms data permission isolation through a "central bank-commercial bank" dual-layer operational structure.
Front-end Responsibility of Operating Institutions (Commercial Banks): Commercial banks, as the "second layer" operating institutions directly facing users, are responsible for wallet opening, KYC (Know Your Customer) verification, daily payment processing, and initial compliance screening for the "Three Anti" measures. They hold users' real-name identity information and front-end transaction details.
Limited Mastery by the Central Bank at the Back-end: The People's Bank of China, as the issuing layer, does not directly hold massive amounts of users' personal identity information and transaction details. According to the article, the central bank focuses more on mastering cross-institutional clearing summary data, macro circulation totals, and necessary risk data obtained through regulatory interfaces. This "layered data holding" model avoids excessive data concentration, reduces systemic data leakage risks, and complies with the "minimum necessity" principle of data collection.
Legal and Regulatory Information Retrieval: Regulatory departments (including internal regulatory units of the central bank) must obtain specific user transaction detail data based on clear legal authorization (such as anti-money laundering laws) and strict internal approval procedures to prevent data misuse. The "separation of management and operation" mechanism mentioned in the article also helps form internal checks and balances, ensuring the compliance of data retrieval.
Third, technology-enhanced protection builds a solid security defense line with advanced technology. Technology is the guarantee for the realization of concepts and systems. The digital renminbi actively employs various cutting-edge technologies to enhance user privacy and fund security from multiple dimensions.
Offline Payments and Hardware Wallets: Supporting value transfer in environments without network connectivity (such as through NFC "tap"), transaction information is only encrypted and exchanged between devices, with subsequent online synchronization. Hardware wallets store digital renminbi keys in dedicated chips, physically isolating them from the internet, greatly enhancing resistance to cyberattacks and tampering, providing a higher level of protection for high-risk scenarios or privacy-conscious users.
Cryptography and Privacy Computing Technologies: Domestic cryptographic algorithms are used throughout to ensure the security of communication and data storage. Exploring the application of privacy computing (such as zero-knowledge proofs and secure multi-party computation) in compliant scenarios allows for transaction verification and compliance checks without exposing original data, achieving "data usable but invisible."
Targeted Protection of Smart Contracts: The programmability of smart contracts is not only used to expand functionality but also to enhance privacy protection. For example, contract rules can be designed to limit the flow of funds within specific trusted scenarios, preventing fund misappropriation, while the execution logic of the contract itself can protect the details of commercial sensitive information from being disclosed.
Prudent Integration of Blockchain: In specific scenarios requiring multi-party collaboration and enhanced trust (such as supply chain finance and cross-border payment bridges), prudently utilizing the traceability and tamper-proof characteristics of blockchain technology. Through designs such as "unified ledger, business domain separation," it enhances efficiency and trust while leveraging its technical characteristics to strengthen the reliability and transparency of the transaction process, indirectly protecting the legitimate rights and interests of participants.
IV. Future Outlook: Moving Towards a Mature and Robust Governance Paradigm for Digital Currency with Chinese Characteristics
In summary, the privacy and security governance system of the digital renminbi, entering the era of digital deposit currency, is a complex and sophisticated system engineering. It is based on the two fundamental principles of "strengthening financial regulatory effectiveness" and "respecting users' personal information rights," with the core goal of effectively achieving "anti-money laundering, anti-terrorist financing, and anti-tax evasion" through a combination of measures such as tiered anonymity mechanisms, data permission isolation, and technology-enhanced protection, striving to find the best balance between safeguarding national financial security, public social interests, and protecting citizens' personal privacy.
This system has distinct Chinese characteristics: it does not follow a completely "decentralized" or "anonymized" path of encrypted assets, nor does it become a completely transparent, centralized control monitoring tool; it adheres to a "dual-layer operation," fully leveraging the positive role of commercial banks; it adopts a "account + value" hybrid structure, compatible with the efficiency of centralized management and the advantages of distributed technology; it upholds "integrity and innovation," steadily advancing technological innovation within a solid financial infrastructure and legal framework.
Looking ahead, as the "Action Plan" is implemented and the application scenarios of the digital renminbi continue to deepen, its privacy and security governance system will still need to be continuously iterated and improved in practice. For example, the specific standards for tiered anonymity, procedural details for data retrieval, and compliance application boundaries for new technologies all require more detailed rules and standards to support them. Meanwhile, public education is also crucial, as users need to fully understand how the digital renminbi protects their rights while providing convenience, thereby winning broader trust and acceptance.
Ultimately, a mature, robust, and trustworthy privacy and security governance system for the digital renminbi will not only serve as a solid foundation for building a "strong currency" and a "financial power," but also contribute Chinese wisdom and solutions that balance efficiency, security, and dignity to the development of global central bank digital currencies.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
