Editor’s Note — DCC.
This is DCC’s case brief of a judgment the Beijing Internet Court (北京互联网法院) published in its “e案e审” case column, and which the presiding bench and an invited outside expert both describe as the first published application of the data clause — Article 13 — of the 2025-revised Anti-Unfair Competition Law (反不正当竞争法), the revision that took effect on 15 October 2025. The judgment was handed down on 30 April 2026 by the court’s Comprehensive Trial Division No. 1 (综合审判一庭), deputy chief judge Zhang Qian (张倩) presiding. In the published copy the plaintiff and platform are anonymised (“某科技公司” / the “platform at issue”); the defendant is referred to as Mr. Wang (王某). The English renderings of the court’s language, and the framing for overseas counsel, are DCC’s.
Read this alongside DCC’s two earlier AUCL data cases — the Datatang v. Yinmu data-IP case and the AI-ghostwritten “seeding post” case. Both were decided under the general clause (Article 2) of the old AUCL. The significance here is that a court is now working from the purpose-built data clause the legislature added in 2025 — and is telling the market exactly how it reads it.
Why this one matters
China’s courts spent the better part of a decade policing data scraping and data free-riding through Article 2, the AUCL’s general good-faith / business-ethics clause, because the statute contained no provision aimed at data. The 2025 revision changed that: Article 13 now expressly prohibits an operator from using “fraud, coercion, circumventing or breaking technical management measures, or other improper means” to acquire or use data lawfully held by another operator in a way that harms that operator and disrupts market competition order.
The open question after October 2025 was whether a dedicated clause would actually change how courts reason — or just relabel the existing Article 2 framework. This judgment is the first data point, and it does two things overseas counsel should note: it builds a four-element test on the face of the new clause, and (in the accompanying expert commentary) it drops the “competitive relationship” inquiry that Article 2 data cases used to run through.
The case at a glance
| Court | Beijing Internet Court (北京互联网法院), Comprehensive Trial Division No. 1; deputy chief judge Zhang Qian (张倩) |
| Decided | 30 April 2026 — judgment now effective (no appeal by either side) |
| Legal basis | Anti-Unfair Competition Law (2025 revision, effective 15 Oct 2025), Article 13(3) — the data clause |
| Plaintiff | A technology company operating a well-known professional / career-networking platform (anonymised) |
| Defendant | Mr. Wang (王某), operator of the infringing site and reseller of access to it |
| Cause of action | Unfair competition (不正当竞争纠纷) |
| Result | Wang to pay ¥200,000 in economic loss + ¥30,000-plus in reasonable enforcement costs (fully supported); plaintiff’s other claims dismissed |
The facts
The plaintiff operates a well-known professional / career-networking platform (think of the LinkedIn-style category). The platform holds a large body of career data — user names or handles, current employer and job title, years of experience, and complete work and education histories.
The platform’s Service Agreement bars users from registering multiple accounts or using controlled accounts to scrape data, and the operator had deployed login verification, access-permission controls, and traceable encrypted parameters to keep non-members out of the data and to track anyone accessing it in violation of the rules.
Mr. Wang did the following:
- registered platform accounts using multiple phone numbers and topped them up to business-membership (商务会员) tier;
- obtained the page source code, wrote crawler programs, and stood up his own unlawful website, onto which he automatically scraped the platform’s career data; and
- resold access — selling the usernames and passwords needed to query his copycat site through second-hand-marketplace accounts (i.e., resale-platform listings), as short-term day-passes.
The plaintiff sued under Article 13(3) of the revised AUCL, seeking damages and reasonable enforcement costs.
Wang’s defence was, in essence, “no substantial substitution and no bad faith”: he argued his site sold only 1-to-15-day short-term access to users with temporary, simple look-up needs, offered only a single “contacts-view” (人脉查看) function, served a completely different audience, and therefore did not substantially substitute for the platform; that he had no subjective intent to infringe and had voluntarily stopped; and that the claimed loss was excessive and the claimed costs above industry norms.
The holding
1. How the court found the platform “lawfully held” the data
The whole case runs through one threshold: is the scraped material “data lawfully held” (合法持有的数据) by the plaintiff within the meaning of Article 13? This is where most of the court’s reasoning sits, and it is worth following the chain, because the court is effectively defining the term through its application. It built the conclusion in three findings:
- Lawful sourcing → the “lawfully” prong. The dataset was formed by the platform collecting and processing personal information with user consent, under its Service Agreement and Privacy Policy, and the record showed no unlawful data processing. So the holding is lawful at its root — the platform’s own PIPL-side compliance is what makes the dataset “lawfully” held. (Flip side: a platform whose upstream collection was unlawful would struggle to clear this prong.)
- Aggregation through investment → a protectable dataset, not raw records. By building and continuously operating the platform, the plaintiff aggregated scattered, single data points into a dataset of meaningful scale, which gave the collection an economic value distinct from any single raw record. The protected object is thus the operator’s invested-in dataset, not the underlying individual facts — the value is created by the holding and integration, i.e. by substantial investment.
- Competitive function → “brings business benefit or competitive advantage.” The fields at issue — name, employer and title, work and education history — are strongly correlated with job-seeking, recruiting, and networking, and are the foundational input that lets the platform precisely match social and hiring demand and keep improving its service; they are therefore important to the platform’s core business and to building and widening its competitive advantage.
Stacking those three, the court reaches its operative definition: a dataset that is lawfully collected, stored or used, formed through the operator’s substantial investment, and capable of bringing it business benefit or competitive advantage is “data lawfully held” under Article 13(3).
Note what the court did not do. It did not ask whether the platform owned the data, whether data is a typed civil property right, or whether some “data right” had been registered. “Lawful holding” is built from conduct and investment, not from title — which is exactly why it can be decided on the facts without waiting for China’s data-property legislation to settle. That move is what connects this case to the right-to-hold-data debate, below.
2. Wang’s conduct was improper acquisition and use → unfair competition
Wang registered and topped up multiple business-member accounts, then obtained source code, wrote crawlers, and built an unlawful site to circumvent the platform’s login verification and access-permission controls, auto-scraped the data, and disclosed it publicly to an unspecified audience. That conduct:
- improperly seized the plaintiff’s users and market share;
- produced a substantial substitution effect on the platform’s core business;
- created data-security risk; and
- harmed the plaintiff’s lawful interests and damaged the existing competitive order of the data-supply-and-circulation market.
That is unfair competition under the data clause. Note what the court did not require: it did not demand that Wang be a head-to-head competitor running an equivalent career-networking platform.
3. Damages — a four-factor calculus
With statutory data-clause damages unsettled, the court fixed ¥200,000 by weighing four factors:
- Manner of conduct — Wang committed both prohibited acts (improper acquisition and use); his scraping targeted the platform’s entire dataset and pushed it to unspecified outside users, with significant impact on the core business and on data security.
- Subjective fault — as a paying business member, Wang should have known the platform bars multiple accounts and scraping; after the platform banned some of his accounts he simply registered new ones and carried on — obvious fault.
- Scope of impact — he ran a self-operation-plus-distribution model, selling card-key access codes (卡密) across multiple platforms, and his resale accounts moved high volumes — a wide footprint (the expert commentary notes sales in the tens of thousands of orders).
- Duration — the infringing site ran from at least April 2025 to at least December 2025, i.e. not a long period.
The court fully supported the plaintiff’s claimed reasonable expenses (attorney and evidence-collection fees), given the necessity of enforcement and the difficulty of the case — adding ¥30,000-plus on top of the ¥200,000.
The framework the bench wants you to take away
In the judge’s own commentary (法官说法, Zhang Qian), the court frames this as the first case it has concluded under the AUCL’s new data clause, and lays out a four-element test for applying Article 13:
- Object element (客体要件) — the conduct must target data lawfully held by another operator.
- Subject element (主体要件) — the actor must be an operator (经营者).
- Conduct element (行为要件) — there must be improper acquisition or use of the data.
- Result element (结果要件) — the conduct must harm another operator’s lawful interests and disrupt market competition order.
And the “lawfully held data” standard: a dataset lawfully collected, stored or used by the operator, formed through its substantial investment, and capable of bringing it business benefit or competitive advantage.
Does “lawfully held” map onto the “right to hold data”? (数据持有权)
The natural question for anyone tracking China’s data-property debate: is Article 13’s 合法持有的数据 (“data lawfully held”) the same thing as the right to hold data (数据持有权) — the first of the three rights in the Data 20 Articles’ “separation of three rights” framework (持有 / 加工使用 / 经营; see the regulator’s own walk-through in NDA Explains the Three-Rights Framework)? The honest answer is a functional yes, but not a doctrinal one — and the difference is the whole point.
-
Same instinct, different instrument. Both ideas exist to protect the party that holds a dataset without having to decide who owns it. The Data 20 Articles invented a “holding right” precisely because data ownership (所有权) is contested; Article 13 protects “lawfully held data” precisely so a court can grant relief without ruling on ownership. The court here makes that explicit — it grounds protection in lawful sourcing + investment + competitive value, never in title. The verb 持有 (“hold”) is doing the same work in both: protect a position, not a property right.
-
This case is the holding right’s defensive content in action. On the official “complete separation” reading of the three rights — the one DCC covered through Hong Yanqing (洪延青) in Two Paths for the ‘Right to Hold Data’ — once you carve the use and operation rights out of it, the holding right shrinks to a bare “lawful-control state” whose only real content is defensive: the power to fend off third parties. And Hong’s key observation was that this defensive content is already supplied by existing law — PIPL Art. 10, DSL Art. 32, the Network Data Security Regulation, and AUCL Article 13 — not by any new property right. This judgment is that thesis made concrete: a court using AUCL Article 13 to enforce the holder’s defense against a scraper. It is, in effect, the holding right doing the one thing it can reliably do.
-
But the court refused the property-rights frame. It never called the dataset anyone’s 持有权, never treated “holding” as a typed civil property right, and (as the expert notes below) did not start from “is there a legally protected data right?” What it protected is a competition-law interest, enforceable in tort against improper-means competitors — not erga omnes against the world. So the case confirms Path 1’s conclusion (the enforceable substance of “holding” lives in competition law and contract, not in a standalone property right) rather than building out a property 持有权.
-
What that means in practice. A formal holding-right artifact — a data-resource-holding registration, or the data-IP registration certificate that anchored Datatang v. Yinmu — is strong evidence of “lawful holding” under Article 13, but is not required; the platform here won with none. Conversely, clearing Article 13 does not give the holder exclusivity over the data: data is non-rivalrous, and others may lawfully hold the same data in parallel (see Data ‘Parallel Property Rights’). Article 13 bars only improper-means acquisition and use. The wrong the court punished was how Wang took the data — circumventing the access controls and breaching the platform terms — not a monopoly over the facts themselves.
In short: read “lawfully held data” as the competition-law operationalisation of the holding right’s defensive core — the same protective instinct, delivered through unfair-competition tort instead of a not-yet-settled property right.
The expert reading — what actually shifted (Meng Yanbei)
The published piece carries a 专家点评 by Meng Yanbei (孟雁北), professor at Renmin University Law School and a member of the expert advisory group of the State Council’s Anti-Monopoly and Anti-Unfair Competition Committee. Her three observations are the most useful part for predicting where this line of cases goes:
- Competitive relationship is fading out. The court did not follow the habitual practice of first establishing a “competitive relationship” between the parties. Consistent with a broad, modern reading of competition (platform competition, data competition, cross-sector competition), it de-emphasised — even hollowed out — the competitive-relationship inquiry when finding data unfair competition. For foreign businesses this widens exposure: your scraper-adversary need not be in your line of business.
- The analysis no longer starts from “is there a data right?” Under the old Article 2 cases, courts asked whether a “legally protected data interest” existed. Here the court starts instead from the facts of lawful collection/storage/use + substantial investment + business benefit or competitive advantage — the “lawfully held data” standard above. This is a deliberately conduct- and investment-focused route that sidesteps the unresolved question of data ownership.
- “Substantial substitution” is sufficient here, but not the boundary. Wang took the platform’s full core-user dataset and disseminated it without limit, actually selling tens of thousands of orders — enough to show a substantial substitution effect on the core business. But Meng cautions that substantial substitution is one way to show harm to a competitor; whether market order is “disrupted” may need separate analysis, and conduct could disrupt market order even without a substantial-substitution effect. Read: don’t assume “we didn’t replace their product” is a safe harbour.
What overseas counsel should take from it
- There is now a named hook for data-scraping claims in China. Where before a plaintiff had to argue the open-textured Article 2 good-faith clause, it can now plead Article 13 directly. Expect more platform-vs-scraper suits framed this way.
- The protected thing is the aggregated dataset, not a data “right.” Liability turned on the operator’s investment in building and running the platform and the resulting dataset’s economic value — not on any registered or statutory property right in data. A defendant cannot win simply by pointing out that “data” is not a typed civil property right. (This is the same investment-and- free-riding instinct that drove Datatang v. Yinmu, now expressed through the purpose-built clause.)
- Lawful upstream data handling matters to the downstream competition claim. The court anchored “lawfully held” partly on the platform having collected the personal information with consent under its Service Agreement and Privacy Policy. A platform whose own PI collection was unlawful would have a weaker claim that its dataset is “lawfully held” — so PIPL compliance and competition-law standing are linked. This is why DCC files the case under both Data Economy and Personal Information.
- Circumventing technical controls is the core wrong. Login verification, access tiers, encrypted/traceable parameters, and anti-multi-account terms are not just product hygiene — defeating them is exactly the “circumventing or breaking technical management measures” the clause targets, and it drives both liability and the fault finding that lifts damages.
- The competitor-status defence is weakening. “We serve a different audience / we don’t substitute for you” did not save Wang, and the expert commentary signals courts will keep relaxing the competitive- relationship requirement.
Source: 北京互联网法院 (Beijing Internet Court), “e案e审丨不正当获取、使用平台用户数据,构成不正当竞争!”, WeChat Official Account, 5 June 2026 — original. Contributors credited: 张倩、张晴; expert commentary by 孟雁北 (Renmin University). The judgment was issued 30 April 2026 and is effective. DCC’s translation and analysis; not legal advice.