DCC
Data Compliance China
Search · ⌘K
DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
§ LAW · DATA TWENTY OPINIONS

Opinions of the CPC Central Committee and the State Council on Building a Basic Data System to Better Play the Role of Data Elements.

中共中央 国务院关于构建数据基础制度更好发挥数据要素作用的意见

FILED UNDER · Data Economy Data Security Personal Information

Promulgated by: CPC Central Committee and State Council.
Jointly issued by the CPC Central Committee and the State Council on December 2, 2022. Effective December 2, 2022.

I. General Requirements

(I) Guiding ideology. Guided by Xi Jinping Thought on Socialism with Chinese Characteristics for a New Era, we should thoroughly implement the guidelines of the 20th National Congress of the Communist Party of China (“CPC”), implement new development concepts in a complete, accurate and comprehensive manner and accelerate the construction of a new development pattern. It is imperative to adhere to reform innovation and system planning, take protecting national data security and protecting personal information and trade secrets as the premise, take promoting compliant and efficient data circulation and use and empowering the real economy as the main line, focus on data property rights, circulation trading, income distribution and security governance, deeply participate in the development of international high-standard digital rules, establish a basic data system that adapts to data characteristics, conforms to the law of development of the digital economy, ensures national data security and highlights the innovation leadership, fully realize the value of data elements, promote the sharing of development dividends of the digital economy by all the people and provide strong support for deepening innovation-driven development, promoting high-quality development and boosting the modernization of the national governance system and governance capacity.

(II) Work principles.

  • Following the law of development and innovating institutional arrangements. We should fully understand and master the basic laws governing data property rights, circulation, trading, use, distribution, governance and security etc., explore the property system and market system that are conducive to the security protection, effective use and compliant circulation of data, improve the systems and mechanisms for the data element market, improve the systems and mechanisms in practice and develop them in exploration so as to promote the formation of a new production relation compatible with digital productivity.

  • Adhering to the principle of sharing and releasing value dividends. We should lower the threshold for market players to access data to a reasonable extent, enhance the sharing and inclusiveness of data elements, stimulate innovation, entrepreneurship and creation, and strengthen anti-monopoly and anti-unfair competition, so as to form a development model featuring regulation according to the law, joint participation, taking what is needed, and sharing dividends.

  • Strengthening quality supply and promoting compliant circulation. We should, following the trend of digital transformation of the economy and society, promote the adjustment and optimization of data element supply and improve the quantity and quality of data element supply. We should also establish a data credibility circulation system and enhance the usability, credibility, circulatable nature and traceability level of data. Efforts should be made to make dynamic management in the whole process of data circulation and activate data value in the process of compliant circulation and use.

  • Improving the governance system and supporting the safe development. It is imperative to coordinate development and safety, implement the overall national security concept, strengthen the construction of the data security support system, ensure safety throughout the whole process of data supply, circulation and use, and define the bottom line and red line of supervision. We should strengthen the management of data by category and by level, effectively control what should be under management and delegate what should be delegated, actively and effectively prevent and resolve various data risks, and form a data governance structure that integrates government regulation with market self-discipline, the rule of law with industrial autonomy, and domestic and international coordination.

  • Deepening opening up and cooperation to achieve mutual benefits and win-win situation. It is imperative to actively participate in the formulation of international rules for cross-border flow of data and explore ways to become a member of regional institutional arrangements for cross-border flow of international data. We should also promote bilateral and multilateral negotiations for cross-border flow of data, boost the establishment of institutional arrangements such as rules of mutual benefits. Moreover, we encourage the exploration of new ways and models for cross-border data flow and cooperation.

II. Establishing a Data Property Right System for Protection of Rights and Interests and Compliant Use

It is imperative to explore the establishment of a data property right system, promote the structural subdivision and orderly circulation of data property rights, and strengthen the supply of high-quality data elements in light of the characteristics of data elements; under the national data classification and hierarchical protection system, we should promote classified and hierarchical right confirmation and authorized use and market-oriented circulation and transactions of data, and perfect the data element right protection system, so as to gradually form a data property right system with Chinese characteristics.

(III) Exploring a structural subdivision system for data property rights. It is imperative to establish a classified and hierarchical right confirmation and authorization system for public data, corporate data and personal data. We should, in light of the data source and data generation characteristics, respectively define the legitimate rights of various participants in the process of data production, circulation and use, and establish a mechanism for operating property rights such as the right to hold data resources, right to process and use data and right to operate data products. We should also promote the new model of “joint use and benefit sharing” of non- public data under the market-oriented mode to provide a basic institutional guarantee for the activation of data element value creation and value realization. Meanwhile, we should study the new methods for data property rights registration. Under the premise of ensuring security, efforts should be made to promote data handlers to develop and utilize original data in accordance with the laws and regulations, support data handlers in exercising relevant rights to data application in accordance with the laws and regulations, promote the reuse and full utilization of data use value, and promote the exchange and market-oriented circulation of data use rights. Moreover, we should prudently treat transfer trading of original data.

(IV) Promoting the implementation of the right confirmation and authorization mechanism for public data. As for public data generated in the process of Party and government organs at all levels, enterprises and public institutions performing their duties or providing public services in accordance with the law, we should strengthen convergence, sharing and open development, enhance overall authorization for use and management, promote interconnection and break “isolated data islands”. We encourage public data to be provided to society in the form of products and services such as models and verification services on the premise of protecting personal privacy and ensuring public security and in accordance with the requirements of “original data within domain and data available but not visible”. As for the public data that carries no personal information and does not affect public security, we should promote to expand the scope of supply and use according to their purposes. We should also promote the conditional free use of public data used for public governance and public welfare undertakings and explore the conditional free use of public data used for industrial development. The public data that should be kept confidential in accordance with laws and regulations should not be opened, and the original public data that has not been disclosed in accordance with the laws and regulations should be strictly controlled to directly enter the market, so as to protect the public interest in the supply and use of public data.

(V) Promoting the establishment of an enterprise data right confirmation and authorization mechanism. As for data collected and processed by various market players in the production and operation activities not involving personal information and public interests, market players have the right to hold and use them and obtain income from them in accordance with laws and regulations, and we should ensure reasonable returns for their input of labor and other factor contribution, as well as strengthen incentives for the supply of data factors. We encourage the exploration of the new model for the authorized use of enterprise data, give play to the leading role of state-owned enterprises, guide industry leading enterprises and Internet platform enterprises to play their driving roles, promote two-way fair authorization with micro, small and medium-sized enterprises, jointly and reasonably use data, and empower micro, small and medium-sized enterprises for the digital transformation. Meanwhile, we support third-party institutions and intermediary service organizations in strengthening data collection and the formulation of quality assessment standards, promote the standardization of data products, and develop industries such as data analysis and data services. Government departments may, in performing their duties, obtain relevant data of enterprises and institutions in accordance with laws and regulations, provided that they must agree on and strictly observe requirements for use restrictions.

(VI) Establishing a sound right confirmation and authorization mechanism for personal information data. For the data carrying personal information, we should promote data handlers to collect, hold, host and use data according to the scope of individual authorization in accordance with laws and regulations and regulate the processing of personal information. It is not allowed to excessively collect personal information by adopting “package authorization”, compulsory consent and other means, so as to promote the reasonable use of personal information. We should also explore the mechanism under which the trustees represent individual interests to supervise market players’ collection, processing and use of personal information data. The special personal information data involving national security may be authorized to relevant entities in accordance with laws and regulations. We should intensify the protection of personal information and promote key industries to establish sound long-term protection mechanisms. We should strengthen the responsibilities of enterprises as subjects and regulate the collection and use of personal information by enterprises. We should also innovate technical means, promote anonymous handling of personal information, and protect information security and personal privacy in the use of personal information data.

(VII) Establishing a sound system for protection of the legitimate rights and interests of various participants of data elements. Efforts should be made to fully protect the legitimate rights and interests of the party with data sources, promote data circulation and use models based on informed consent or with statutory causes, and protect the rights and interests of the party with data sources to acquire, copy or transfer the data generated due to its contribution. We should reasonably protect the rights and interests of data handlers in independent control over the data they hold in accordance with laws and regulations. On the premise of protecting public interests, data security and the legitimate rights and interests of the party with data sources, we should recognize and protect the right to process and use data obtained in accordance with legal provisions or contractual agreements, respect the labor and other contribution factors of data handlers in data collection, processing and other aspects, and fully protect data handlers’ rights to use data and obtain benefits therefrom. We should also protect the management right of data or data derivatives formed by processing, analysis or otherwise, regulate the rights of data handlers to license others to use data or data derivatives in accordance with laws and regulations, and promote the circulation and reuse of data elements. Meanwhile, we should establish a sound mechanism for the transfer of data-related property rights and interests on the basis of legal provisions or contractual agreements. When a data handler is merged, divided, dissolved or declared bankruptcy, we should promote the synchronous transfer of related rights and obligations in accordance with laws and regulations.

III. Establishing a Compliant and Efficient Data Element Circulation and Trading System Combining On-Floor and Over-the-Counter Markets

We should improve and regulate data circulation rules, establish a trading system that promotes use and circulation as well as combination of on the floor and over-the-counter markets, regulate and guide over-the-counter transactions, and cultivate and expand floor trading; we should also orderly develop cross-border data circulation and trading, and establish a reliable data circulation system with identifiable data sources, definable scope of use, traceable circulation process and preventable security risks.

(VIII) Improving the system of whole-process data compliance and regulation rules. It is imperative to establish data circulation access standards and rules, strengthen whole-process compliance governance for data of market players, and ensure legal sources of circulation data, effective privacy protection, and standardized circulation and trading. We should, in light of the data circulation scope, impact degree and potential risks, distinguish use scenarios and usage quantities, establish data classification and hierarchical authorization use specifications, explore the development of a data quality standardization system, accelerate the promotion of data collection and interface standardization, and promote data integration, interconnection and interoperability. Meanwhile, we support data handlers in the circulation of data on the floor and over the counter in accordance with laws and regulations in such manners as opening, sharing, exchange and trading. We encourage the exploration of technologies, standards and plans for safeguarding data circulation security. We also support the exploration of diversified pricing models and price formation mechanisms in line with the characteristics of data elements, and promote paid use of public data used for digital development under the government-guided pricing and independent pricing of enterprise and personal information data in the market. Efforts should be made to strengthen the development and regulation of enterprise data compliance system, severely crack down on black market transactions, and ban industries with illegal data circulation. We should also establish and implement data security management certification system, in a bid to guide enterprises to improve data security management through certification.

(IX) Building standardized and efficient data trading venues on an overall basis. It is imperative to strengthen the system design of data trading venues, optimize the planning and layout of data trading venues on an overall basis, and strictly control the number of trading venues. We should introduce administrative measures for data trading venues, establish sound data trading rules, and formulate a unified national system of standards for data trading and security to reduce trading costs. We should also guide the joint development of various types of data trading venues, highlight the compliance supervision and basic service functions of national data trading venues, strengthen their public attributes and positioning for public interests, promote the separation of functions of data trading venues and data dealers, and encourage all kinds of data dealers to trade in data trading venues. Meanwhile, efforts should be made to standardize regional data trading venues and industrial data trading platforms established by various regions and departments, build a multi-level market trading system, and promote the circulation and use of regional and industrial data. We should promote the interconnection between regional data trading venues and industrial data trading platforms and national data trading venues. We should also build intensive and efficient data circulation infrastructure to provide a low-cost, efficient and reliable circulation environment for centralized trading on the floor and over-the-counter decentralized trading.

(X) Cultivating the circulation and trading service ecology for data elements. We should, by orienting towards the need to promote the compliant, efficient, safe and orderly circulation and trading of data elements, cultivate a number of data dealers and third-party specialized service agencies. Through data dealers, we should provide both parties to data trading with the development, release and underwriting of data products and the compliance, standardization and value-added services of data assets so as to promote improvements to the efficiency of data trading. In key areas such as intelligent manufacturing, energy conservation and carbon reduction, green construction, new energy and smart city, we should vigorously cultivate industrial and industrialized data dealers close to business needs, and encourage data dealers of different ownerships to develop together and compete on an equal footing. It is imperative to orderly cultivate third-party specialized service agencies engaged in data integration, data brokerage, compliance certification, security audit, data notarization, data insurance, data custody, asset evaluation, dispute arbitration, risk assessment and talent training, and enhance the service capability for the whole process of data circulation and trading.

(XI) Establishing a safe, compliant and orderly cross-border circulation mechanism for data. We should carry out international exchange and cooperation in terms of data exchange, business interconnection, mutual recognition of supervision and service sharing, etc., promote the construction of cross-border digital trade infrastructure, and should, on the basis of the Global Initiative on Data Security, actively participate in the formulation of international rules and digital technology standards for data flow, data security, certification and evaluation, digital currency and so on. It is imperative to adhere to open development, and promote cross-border two-way orderly data flow. We encourage domestic and foreign enterprises and organizations to carry out business cooperation on cross-border data flow in accordance with the law, support foreign investment in entering open fields in accordance with the law, and promote the formation of an international market with fair competition. We should also explore safe and standardized cross-border data flow modes for typical application scenarios such as cross-border e-commerce, cross-border payment, supply chain management and service outsourcing. We should coordinate data development and utilization and data security protection and explore the establishment of a mechanism for classified and hierarchical management of cross-border data. Data processing, cross-border data transmission, foreign mergers and acquisitions and other activities that affect or may affect national security shall be subject to national security review in accordance with the laws and regulations. According to the principle of reciprocity, we should implement export control over the data that are controlled items relating to the safeguarding of national security and interests and the fulfillment of international obligations in accordance with the law, ensure that the data are used for legitimate purposes, and prevent the security risk of transmitting data abroad. Moreover, we should explore the establishment of a multi-channel and convenient cross-border data flow regulatory mechanism and improve the cross-border data flow regulatory system with coordination and cooperation among multiple departments. We oppose data hegemony and data protectionism and should effectively cope with the “long-arm jurisdiction” in the data field.

IV. Establishing the Distribution System for Income from Data Elements that Reflects Efficiency and Promotes Fairness

It is imperative to follow the development trends of digital industrialization and industrial digitalization, give full play to the decisive role of the market in resource allocation, and better play the role of the government. We should improve the mechanism for market-oriented allocation of data elements and expand the scope of market-oriented allocation of data elements and the channels for participating in the allocation based on value contribution. We should also improve the redistribution adjustment mechanism for income from data elements, so that all people can better share the fruits of the development of digital economy.

(XII) Improving the mechanism in which the contribution of data elements is evaluated by the market and the remuneration is determined based on the contribution. We should, in light of the characteristics of data elements, optimize the distribution structure, and establish a fair, efficient data value distribution mechanism combining incentives and regulation. It is imperative to adhere to the principle of “Two unswervingly” and the principle of “whoever invests and contributes will benefits”, focus on protecting the input and output income of all participants of data elements, and safeguard the rights and interests of data resource assets in accordance with the laws and regulations. Efforts should be made to explore the ways for individuals, enterprises and public data to share value and benefits, establish and improve a more reasonable market evaluation mechanism, and promote the matching between labor contribution and labor remuneration. We should promote the reasonable allocation of income from data elements to the creators of data value and use value, ensure that the investment in all stages of data value development and mining has corresponding returns, and strengthen the orientation of incentives based on data value creation and value realization. In addition, we should, by various ways of income sharing such as dividend and commission, balance the distribution of benefits among the relevant entities in different stages such as data content collection, processing, circulation and application.

(XIII) Giving better play to the role of government in guiding and regulating the distribution of income from data elements. It is imperative to gradually establish a system or mechanism for distribution of income from data elements that ensures fairness and pay more attention to public interests and relatively disadvantaged groups. We should increase efforts of government guidance and regulation, explore the establishment of a mechanism for reasonably sharing the benefits from the opening of public data resources, and allow and encourage various types of enterprises to provide public services based on public data in accordance with the laws and regulations. We should also promote large data enterprises to actively undertake social responsibility, strengthen the support and assistance for disadvantaged groups, and vigorously and effectively deal with various risks and challenges in the process of digital transformation. Meanwhile, we should continue to improve the systems and rules for the data element market, so as to prevent and regulate, in accordance with laws and regulations, problems such as the disorderly expansion of capital in the data field and the formation of market monopoly. We should also coordinate the use of multi-channel fund resources, carry out data knowledge popularization, education and training, improve the digital literacy of the whole society, strive to eliminate the digital divide between different regions and different groups of people, enhance social equity, guarantee people’s livelihood and well-being, and promote common prosperity.

V. Establishing a Safe, Controllable, Flexible and Inclusive System for the Governance of Data Elements

It is imperative to integrate safety throughout the whole process of data governance, establish a governance model with multi-party collaboration among government, enterprise and society, innovate government governance modes, clarify the responsibilities and obligations of all parties, improve the industry self-discipline mechanism, regulate the market development order, and form a data element governance pattern combining an effective market with a promising government.

(XIV) Innovating the government data governance mechanism. We should give full play to the role of the government in orderly guidance and standardized development, hold the bottom line of safety, clarify the red line of regulation, and create a safe and reliable, innovative, fair and open, and regulation-effective data element market environment. We should also intensify sub-industry regulation and cross-industry collaborative regulation, establish a joint data management and governance mechanism, and establish a sound fault tolerance and error correction mechanism that encourages and embraces innovation. Meanwhile, we should establish systems of compliance notarization, security review, algorithm review, monitoring and early warning for the whole process of production and circulation of data elements, and guide all parties to perform their responsibilities and obligations for data element circulation security. We should also establish a sound data circulation regulatory system, develop a negative list of data circulation and trading clarifying the data items that cannot be traded or that are strictly restricted for trading. Efforts should be made to strengthen anti-monopoly and anti-unfair competition, enhance enforcement and justice in key fields, strengthen the review of concentration of undertakings in accordance with the laws and regulations, investigate and punish monopoly agreements, abuse of market dominance, and illegal concentration of undertakings in accordance with the laws and regulations, and create a fair, competitive, standardized and orderly market environment. We should, on the basis of implementing the graded protection system for cybersecurity, comprehensively strengthen data security protection work, improve the network and data security protection system, and enhance the capabilities of protection in depth and comprehensive defense.

(XV) Specifying the data governance responsibilities of enterprises. It is imperative to adhere to the principle of “easy access and strict management”, firmly establish the awareness of responsibility and self-discipline of enterprises. We encourage enterprises to actively participate in the construction of the data element market, and should, by orienting towards data source, data property rights, data quality and data use, etc., promote the statement and commitment system for data circulation trading for data dealers and third-party specialized service agencies. We should also strictly implement relevant laws and regulations and promote enterprises to assume corresponding responsibilities in accordance with laws and regulations in various aspects such as data collection and convergence, processing, circulation trading, sharing and utilization. Enterprises shall strictly comply with the Anti-monopoly Law and other relevant laws and regulations, and shall not use data, algorithms and other advantages and technical means to exclude or restrict competition or implement unfair competition. Moreover, efforts should be made to regulate the security management of government data in enterprises’ participation in government informatization construction, and ensure that there are rules to follow, development in an orderly manner, and security and controllability. We should also establish a sound data element registration and disclosure mechanism, enhance the social responsibility of enterprises, break the “data monopoly”, and promote fair competition.

(XVI) Giving full play to the collaborative governance role with multi-party participation by social forces. We encourage industry associations and other social forces to actively participate in the construction of data element market, support the research and development of security technologies and services relating to data circulation, and promote the safe and reliable circulation of data elements in different scenarios. We should also establish a data element market credit system, and gradually improve mechanisms for the identification of dishonest practice, incentives for honesty, punishments for dishonesty, credit repair and objection handling, etc. in respect of data transactions. Efforts should be made to smooth channels for reporting, complaints and dispute arbitration, and maintain good order of data element market. Moreover, effort should be made to accelerate the implementation of national standards for data management capacity maturity and data element management regulations and promote various departments and industries to improve metadata management, data desensitization, data quality, value evaluation and other standards systems.

VI. Supporting Measures

It is imperative to intensify overall promotion, strengthen task implementation, and innovate policy support. We encourage qualified regions and industries to carry out pilot programs in respect of institutional construction, technical paths, and development models, etc. We also encourage enterprises to innovate their internal data compliance management systems and constantly explore and improve the basic data system.

(XVII) Effectively strengthening organization and leadership. Efforts should be made to strengthen the CPC’s overall leadership in the work of building a basic data system. Under the centralized and unified leadership of the CPC Central Committee, we should give full play to the role of the Inter-ministerial Joint Conference for the Development of the Digital Economy, strengthen the overall planning of work and promote cross-regional and cross-departmental coordination and linkage to strengthen supervision and guidance. All regions and departments should attach great importance to the development of the basic data system, unify their thinking and understanding, intensify reform efforts, formulate work measures in light of their respective realities, refine the division of tasks, and do a good job in promotion and implementation.

(XVIII) Increasing policy support. It is imperative to accelerate the development of the data element market and make data element enterprises bigger and stronger. We should improve financial services, guide venture capital enterprises to increase investment in data element enterprises, encourage credit reporting agencies to provide diversified credit reporting services based on business operation data and other various data elements, and support real economy enterprises, especially micro, small and medium-sized enterprises, in carrying out credit financing in enabling digital transformation. Meanwhile, efforts should be made to explore new models for data assets to be included into balance sheet.

(XIX) Actively encouraging experimental exploration. We should, by adhering to the combination of top-level design and grassroots exploration, support Zhejiang and other regions and qualified industries and enterprises to carry out pilot practices, give play to the role of high-level open platforms such as free trade ports and free trade pilot zones, and guide enterprises and scientific research institutions to promote innovation in technology and industrial applications relating to data elements. Meanwhile, we should, by adopting the approach of “result-oriented bidding”, support qualified departments and industries in accelerating to make breakthroughs in key technologies such as reliable data circulation and security governance, establish innovative fault tolerance mechanisms, explore and improve policies, standards and institutional mechanisms for data element property rights, pricing, circulation, trading, use, distribution, governance and security, and better play the active role of data elements.

(XX) Steadily promoting system development. We should, by orienting towards the establishment of a basic data system, gradually improve policies and standards for key links of major areas such as definition of data property rights, data circulation and trading, distribution of income from data elements, authorized use of public data, development of data trading venues and data governance. We should also strengthen theoretical research and legislative research on, among others, data property right protection, data element market system development, data element price formation mechanism, data element income distribution, cross-border data transmission and dispute resolution, and promote the improvement to the relevant legal systems. Meanwhile, efforts should be made to timely summarize and refine replicable and propagable experience and practices and promote new breakthroughs in the building of the basic data system by using the experience of key points to promote work in all areas. The Inter-ministerial Joint Conference for the Development of the Digital Economy shall regularly evaluate the development of the basic data system, make dynamic adjustments in due time, and promote the continuous enrichment and improvement of the basic data system.

§ COMMENTARY

Briefs on this law.

15 briefs reference this law.

  • § 01 · JUDICIAL

    Datatang v. Yinmu — China's First Ruling on a Data-IP Registration Certificate, and Why Open-Sourced Data Is Still Protected

    A consolidated case study of 数据堂诉隐木科技 (Datatang v. Yinmu) — the Beijing IP Court's June 2024 appeal ruling, widely called China's first case on the evidentiary effect of a data-IP registration certificate. The dispute: Datatang built voice datasets for AI training, open-sourced some under a license; Yinmu took and redistributed them in the same data-services market. DCC synthesizes four commentaries (the case report, a Tsinghua analysis, and two Shenzhen Data Exchange DEXC+ deep-dives) into the four holdings that matter for overseas counsel: (1) a data-IP registration certificate is prima facie evidence of property-type interests and lawful sourcing — but not an absolute property right (property-rights-statutism); (2) open-sourced data, though neither trade secret nor copyrightable compilation, is protectable under the Anti-Unfair Competition Law's general clause; (3) the protection hierarchy (compilation work → trade secret → AUCL Art. 2); and (4) whether the taker honored the open-source license is the hinge for 'improper conduct.'

    judicial · data-property-rights · data-registration
  • § 02 · DATA-PROPERTY-RIGHTS

    The 'Rights Block' — Xu Ke's Structural Theory Behind China's Data-Property Framework

    Xu Ke's highly-cited (255×) 政法论坛 article on the structure of data rights — the theoretical scaffolding that the Data 20 Articles' three-rights framework rests on. He maps the field's two warring paradigms (formalist 'empowerment' vs substantivist 'conduct regulation'), argues both fail alone, and integrates them via a 'reflexive law' approach. The payoff is a taxonomy of three possible rights structures — rights-ball, rights-bundle, rights-block — and the case that the 'data rights block' (数据权利块) best fits data's 'one principle, many manifestations' character. For overseas counsel, this is the conceptual map that explains why Chinese data rights are structured the way they are — and why Western property and IP analogies keep failing.

    data-property-rights · data-rights-theory · data-twenty
  • § 03 · DATA-ASSET

    When Does Data Become an Asset? Xu Ke on Identifying and Defining Data Assets

    Xu Ke (UIBE), writing for a practitioner audience, draws the line between data resource (国家视角, public/strategic) and data asset (市场主体视角, commercial), then between the broad sense (anything that creates value for the enterprise) and the narrow sense (meets the MOF accounting-standard test for on-balance-sheet recognition — owned/controlled, generates economic benefit, reliably measurable). He works the three-rights framework into operational boundaries by data type (personal / enterprise / government) and flags the practical questions overseas counsel face when a Chinese counterparty wants to put data on its balance sheet.

    data-asset · data-property-rights · data-on-balance-sheet
  • § 04 · DATA-ECONOMY

    Tang Linyao — Data-Broker Derivative Harms and the 'Data Integration Analysis Framework'

    Tang Linyao (Chinese Academy of Social Sciences) maps the regulatory gap for data-broker derivative harms — the harms that arise not from direct PI leakage but from the integration and aggregation activity that data brokers themselves perform. The analytical core: a vertical / horizontal data-relations framework that explains why existing PIPL-style protection (vertical-relationship-focused) systematically fails to address horizontal-relationship harms; and the 'abstract risk substantialization' doctrine borrowed from US precedent and EU GDPR to bring data-broker risk into ex-ante regulatory scope. Operationally, Tang proposes a 'Data Integration Analysis Framework' with concrete tiering (三高 / 双高 / 单高 / 三低) that translates academic doctrine into compliance-program-grade controls. Applied to a real Shenzhen Data Exchange listing as worked example.

    data-economy · data-broker · data-exchange
  • § 05 · DATA-PROPERTY-RIGHTS

    Wang Nian — Data Source's Rights as a 'Fair Use' Right Alongside the Three Rights

    Wang Nian (Tsinghua Law) takes on the unresolved fourth-right question in the Data 20 Articles framework: what is the data source's right (数据来源者权), and how does it relate to the three rights (hold/use/operate)? Drawing on the 'data symbiosis' (数据共生) framework from the ALI-ELI Data Economy Principles and the EU Data Act, Wang argues that pre-existing legal entitlements — privacy, PI rights, IP, trade secrets — cover only part of the source's interest, leaving a residual that needs an independent legal protection. He frames the data-source right as a 'fair use right' (公平使用权): a contractual-relationship right against the specific data processor, distinct from the property-style three rights, that captures the value contribution of the source's participation in data co-creation. The corporate-data-portability analog DCC flagged in our NDA brief gets its doctrinal foundation here.

    data-property-rights · data-twenty · data-source-rights
  • § 06 · DATA-PROPERTY-RIGHTS

    NDA Explains the Three-Rights Framework — A Plain-Language Walk-Through from the Regulator Itself

    The National Data Administration's official 政策解读 (policy interpretation) on the three-rights framework — the right to hold, the right to use, and the right to operate data — established by the Data 20 Articles. NDA walks through what each right means, illustrative scenarios (group-company data subsidiaries; hospital-pharma research pools; data-broker commission arrangements), how the rights relate to each other (independently severable; non-exclusive across parties for the same data), and why the structural-separation design was chosen over a unitary-ownership model. The clearest available statement of the regulator's own intent on the framework that anchors every downstream rule — data-resource registration, data-property-rights registration, FTZ data-circulation negative lists, on-floor / over-the-counter trading rules.

    data-property-rights · data-twenty · structural-separation
  • § 07 · DATA-PROPERTY-RIGHTS

    Who Is the 'Data Processor' Under the Three-Rights Framework — NDA's Farm-Equipment Hypothetical

    NDA's official 政策解读 on the threshold question that every three-rights allocation depends on: who is the 'data processor' and who is the 'information subject'? NDA uses a farm-equipment hypothetical — a farm rents tractor, irrigation, and fertilizer equipment from three different vendors; cultivation data is captured in the process — to work through who collects, who decides processing purposes, and how the property-rights regime balances the data-processor's commercial interest against the information-subject's rights to access copies of relevant data. The piece sketches the basic information-subject vs. data-processor dichotomy that anchors the entire downstream data-element regime, and surfaces the access-to-data right (data portability for commercial entities) that overseas counsel often miss.

    data-property-rights · data-twenty · data-processor
  • § 08 · DATA-PROPERTY-RIGHTS

    Cloud, BPO, and Other Entrusted-Processing Arrangements: Why the Processor Doesn't Get the Rights

    NDA's official 政策解读 on a tactically critical sub-question of the three-rights framework: when a data processor outsources storage, processing, or analysis to a third-party service provider — typical cloud, BPO, or e-government-system arrangements — does the entrusted party acquire any of the three property rights? NDA's clear answer: no. The entrusted processor (受托人) is not a 'data processor' in the property-rights sense — it merely executes instructions on behalf of the data processor (the principal). It cannot use the data outside the entrusted scope, cannot transfer the data into market circulation, and cannot apply the data to its own debt repayment or bankruptcy distribution. The line is anchored to the Civil Code's contract-of-mandate rules — a long-standing piece of Chinese commercial law extended cleanly into the data-element regime.

    data-property-rights · data-twenty · entrusted-processing
  • § 09 · TOKENS

    Cold Water on 'Token Trading' — Wang Qinglan on the NDA's High-Quality Data Set Initiative

    In March 2026, the National Data Administration released the *Implementation Plan for Promoting High-Quality Industry Data Set Construction (Draft for Public Consultation)*, which explores a 'token (词元) based value system' and 'token trading as a new transaction mode' for high-quality data sets. The Chinese AI policy community immediately heralded the move as 'revolutionizing data trading.' Wang Qinglan pours cold water: token is a measuring unit, not a magic transformer. AI tokens are not crypto tokens. The bottleneck in China's data-element market isn't measurement — it's supply, rights clarity, compliance cost, and data silos.

    tokens · ai-training-data · data-trading
  • § 10 · DATA-PROPERTY-RIGHTS

    Will Judicial Review 'Reset' the Data Registration Rush? — Reading Wang Qinglan on the SPC's New Data Disputes Case Category

    Wang Qinglan, head of compliance at a Chinese data exchange, asks what the Supreme People's Court's new 'data disputes' case category — effective January 1, 2026 — does to the data property rights registration certificates that institutions across the country have been issuing. Her argument: certificates issued through formal-only review will not survive substantive judicial scrutiny, and a single rejected certificate could erode trust in the entire registration regime. The path forward is a three-tiered protection model and aligned standards across regulators, registration institutions, and courts.

    data-property-rights · data-registration · spc
  • § 11 · DATA-FUNDAMENTALS

    What Is Data, Really? — A Plain-Language Primer on Rules and Compliance

    What does it actually mean to call something 'data,' and what turns raw recordings into a data asset? Wang Qinglan uses a toy storage room metaphor to walk through the foundational concept overseas readers often skip: data is not just 'records' — it's records made under rules. Master data, metadata, ontology, the three-tier compliance taxonomy (legal / ethical / promised), and the three-step compliance workflow (select / allocate / execute) — all anchored in a concrete example a non-specialist can follow.

    data-fundamentals · data-governance · compliance-architecture
  • § 12 · DATA-GOVERNANCE

    Data Governance vs. Data Management vs. Data Compliance — A Plain-Language Disambiguation

    Wang Qinglan disambiguates three terms that compliance and data teams habitually conflate: data governance, data management, and data compliance. Using a 'data manor' metaphor (the family council vs. the steward team vs. the community monitor), she maps each function to its job — setting direction, executing efficiently, and operating sustainably within external rules and self-imposed commitments. The piece is useful precisely where bilingual confusion is highest: 'data governance' in English carries different connotations than 数据治理 in Chinese practice.

    data-governance · terminology · dama
  • § 13 · DATA-PROPERTY-RIGHTS

    What Does Data Registration Actually Confirm? — A Doctrinal Reading

    Long before the SPC's January 2026 'data disputes' case category started squeezing data registration certificates against judicial review, Wang Qinglan had already written the foundational critique: data registration does not 'confirm rights' because there are no legal data rights to confirm. The Data 20 Articles created data property rights, not data legal rights, and Chinese property rights are not Article-conferred civil rights. Registration certificates are 'trust credentials,' not 'rights certificates.' This is the doctrinal essay overseas counsel should read before the SPC sequel.

    data-property-rights · data-registration · civil-law-doctrine
  • § 14 · DATA-EXCHANGES

    On-Exchange vs. Off-Exchange Data Trading — A Uniquely Chinese Market Structure

    Why does China have data exchanges? Wang Qinglan's piece opens with an observation overseas readers will recognize: 'When you tell foreigners about China's on-exchange data trading market, you get blank stares — because exchange-organized data trading is uniquely Chinese.' The analogy she offers — Shenzhen Data Exchange is to data what the Shenzhen Stock Exchange is to securities — unlocks the architecture. Five tiers of trading venues by public-risk level. Three waves of Chinese data-exchange evolution. And the operational meaning of why on-exchange and off-exchange trading coexist.

    data-exchanges · data-economy · szdex
  • § 15 · DATA-ECONOMY

    What Is Actually Traded on China's Data Exchanges — A Bakery Metaphor

    Per the Shenzhen Provisional Measures for Data Trading Administration, four categories of object can be traded on a Chinese data exchange: data products, data services, data tools, and other regulator-approved objects. Wang Qinglan walks through what each means in plain language with a bakery metaphor — wheat (raw data) becomes flour (data resources) becomes cakes (data products); a baker is a data service; the oven is a data tool. The piece is useful precisely because it answers a question overseas teams rarely think to ask: what are the data exchanges actually selling?

    data-economy · data-trading · data-products
§ SUBSCRIBE

The Monday brief.

One short email every Monday. New briefs on Chinese data-compliance rules from the previous week, with the source law cited.

Opt-in only. Unsubscribe anytime by replying "unsubscribe" to any issue.