A Quantitative Analysis of Data Security Governance Policies in Local GovernmentsA Three-Dimensional Framework of "Instruments–Objectives–Processes"

Data security governance policies in local governments are of great significance in promoting the healthy development of data elements and improving local governments’ governance capabilities and public service levels. Based on a sample of 151 data security governance policies issued by local governments, this study constructs a three-dimensional analytical framework encompassing policy instruments, policy objectives, and governance processes, and conducts quantitative analysis of policy texts related to data security governance in local governments using both bibliometric analysis and content analysis. The findings indicate that the local data security governance policies demonstrate a trend characterized by fluctuation, rapid growth, and slow rise. The structure of policy tools is unbalanced, with insufficient push and pull effects, and an overall structure characterized by overreliance on environmental instruments, insufficient supply-side tools, and weak demand-side measures. Policy objectives lack coordination, resulting in limited governance integration. Moreover, governance processes exhibit uneven coverage, with deficiencies in top-level design and implementation. Future governance should prioritize balancing and optimizing the structure of policy instruments, enhancing policy coordination and stability, strengthening regulation of sensitive data, improving the quality and effectiveness of integrated data governance, reinforcing strategic planning for data security, and promoting high-level implementation of data security policies. These measures will effectively improve the data security governance capacity of local governments.