Last week was China's second annual "Awareness Week for National Cybersecurity," a publicity drive headed by the Central Internet Security and Informatization Leading Group. The working group was etablished last year under direct oversight by Xi Jinping, and directed by deputy CCP propaganda chief and "cyberspace minister" Lu Wei. To launch the week, Lu delivered a speech outlining "four haves" that make up "good Chinese netizens"—essentially, clear rules for individuals' online conduct—followed by four government practices to ensure these rules are publicized. From China Copyright and Media's English translation of the full speech:
First, they must have a high sense of security. The greatest risk in the area of cybersecurity is that there is no awareness of risk, cybersecurity risks are not remote, they are close to us, safeguarding cybersecurity not only is a matter for the State, experts of others, it is a matter for everyone themselves. When cybersecurity problems occur, they may affect a broader sphere and present greater risks than traditional security problems, we must tension the base string of cybersecurity at all times, build a firm “defence line of the mind”, and let awareness about cybersecurity be internalized in hearts and be realized in practice.
Second, they must have civilized online cultivation. They must consciously practice the Socialist core value view, carry forward online positive energy, advocate civilized and healthy online lifestyles, foster online behavioural norms that venerate virtue and are inclined towards the good, use outstanding ideas, morals and culture to nourish the network and nourish society, consciously eliminate filth and mire such as online rumours, online violence, sex and vulgarity, and make cyberspace become clean.
Third, they must have behavioural habits of observing the law. Cyberspace is not a space outside the law, the legal baseline may not be crossed, things that cannot be done offline can equally not be done online. They must use the yardstick of the law to measure their online words and acts, stress sincerity, abide by order, consciously study the law, respect the law, abide by the law and use the law, and build a firm protective rule of law screen for cybersecurity.
Fourth, they must have the skills to protect themselves. Internet is a “double-edged sword”, they must, at the same time as enjoying the convenience that the Internet brings, simultaneously grasp corresponding cybersecurity protection skills, be able to see pitfalls, be able to ward off underhanded attacks, and be able to plug loopholes, they must not lightly download software of unclear origins, they must not carelessly retweet harmful information, they must pay attention to protecting personal accounts and passwords, timely update application and software patches, change unhealthy surfing habits, and give online unlawful elements no chance to take advantage. [...] [Source]
As can be seen, the rules emphasize the management of individual conduct at least as much as they do enhancing security against cyberattacks. At the Council on Foreign Relation's Net Politics blog, CFR researcher Lincoln Davidson situates Lu's speech into recent government efforts to shape online etiquette, examines the rhetoric contained in the speech, and contrasts China's emphasis on social stability with other nations' cybersecurity awareness campaigns:
As China celebrates its second annual National Cybersecurity Week, top officials and the country’s leading papers have worked hard to spread the message that it’s not just the responsibility of the state to promote cybersecurity, but something all citizens should be concerned about and involved in. Building on Chinese President Xi Jinping’s claim that “without cybersecurity, there can be no national security,” they’ve called Chinese citizens to respect others online, teach children cybersecurity, stop swearing on the Internet, clear rumors from the web, and “inscribe cyber laws on their hearts.” Backing up these exhortations is a new model of how Chinese citizens should use the Internet: the “good Chinese netizen.”
[...] The rhetoric in Lu’s speech draws on traditional Chinese Communist Party (CCP) political language with its calls for “mass mobilization” by “every level of party committee and government” to maintain cybersecurity, making it easy to ignore. However, the speech is a succinct articulation of what the Chinese government wants from its citizens online, and in that sense, it encapsulates the Chinese vision of the Internet.
With its second cybersecurity awareness week, China may be mimicking Western governments, which have responded to a sharp rise in the volume and severity of cyberattacks in recent years with similar attempts to raise public awareness. But contrast Lu’s speech and the abundance of attention it and China’s other cybersecurity week events have gotten in the the Chinese press with “National Cyber Security Awareness Month,” held in the United States each October. Apart from a brief mention in a newsletter for cyber wonks and an article in The Hill by a member of Congress promoting some legislation he had sponsored, the event received little attention. What was written focused on substantive things U.S. citizens can do to make themselves more secure online—just one of Lu Wei’s “four haves.”
Lu Wei last week also highlighted 25 examples of the type of language that he wants off the Internet at a meeting of China's top web companies.