DCC
Data Compliance China
Search · ⌘K
DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
Back
§ 062 · DATA-PROPERTY-RIGHTS

Data 'Parallel Property Rights' — They Can Confer Status, but Can't Secure Control

Part four — and the synthesis — of Hong Yanqing's (洪延青, 网安寻路人) study notes on China's 'separation of three rights' data-property framework takes up 'parallel property rights' (数据平行财产权): how to allocate rights when the *same* data is held, used, and operated by *multiple* parties at once. Building on Xiong Bingwan and Zhuang Hongshan's 'one-data, multiple-rights' (一数数权) idea — data is non-rivalrous and copyable, so the same right over the same data can sit with several parties without excluding each other — Hong argues parallel property rights are best understood as *default rules* for incomplete-contract, collaborative-production settings: internally, parallel use is presumed; externally, operation is classified by data type (by-products each party may operate alone; purpose-built or fused data needs the others' consent); and parallel holders share a *joint defensive* interest against third parties. But the substance, he shows, falls back on derivative data — and here Xiong, Xu Ke (许可), and Shen Weixing (申卫星), despite different scenarios and tests, all tilt the derivative-data right to the *processor*, leaving the data contributor with contract/compensation/tort/PI remedies rather than ownership of the new product. DCC's read for overseas counsel: parallel property rights cut *attribution* uncertainty (who may use, operate, defend) but not *control* uncertainty (future use, detection, tracing, modelled value, third-party chains, ongoing compliance) — status, not control.

DCC Editorial SOURCE · ZH .MD ↓

Editor’s Note — DCC.

This is DCC’s summary and analysis — not a translation — of 《数据平行财产权:能定资格,难保控制》, the fourth and concluding study note by Hong Yanqing (洪延青) on his 网安寻路人 channel in his series on China’s “separation of three rights” (三权分置) data-property framework. It follows the Right to Hold Data (part one), the Right to Use Data going external (part two), and why upstream won’t operate its data (part three). The piece is legal theory, but it lands on the practical question every data-collaboration and data-exchange deal in China runs into: when several parties hold the same data, who owns what they each build from it? The original is linked at the foot; the framing for overseas counsel is ours.

What “parallel property rights” are

The first three notes worked through the three rights one at a time. This one turns to the case the framework is quietest about: the same data held, used, and operated by more than one party at the same time. Hong builds on Xiong Bingwan and Zhuang Hongshan’s paper On Data Parallel Property Rights (《论数据平行财产权》), whose core move is that because data is non-rivalrous and copyable, the same right over the same data can be enjoyed by several parties simultaneously without necessarily excluding one another — call it “one data, multiple rights” (一数数权).

The point is not independent collection of identical data (two mapping companies separately recording the same road have no shared structure). It is collaborative production — where several parties, in joint operation, co-development, or data fusion, come to hold the same data, and the contract is incomplete because much of the data was a by-product nobody priced at signing. Parallel property rights fill that gap with default rules:

  • Internal use — presumed. Absent a contrary agreement and so long as it does not defeat the collaboration’s purpose, each parallel holder may use the data. This kills the “we all hold it but nobody dares touch it” deadlock.
  • External operation — classified by data type. For data purpose-built by the collaboration, or fused from several parties, external operation in principle needs the other participants’ consent (because “who you hold it with” is itself the protected interest). For incidental by-product data, each holder may in principle operate alone and keep its own revenue.
  • External defence — joint. A third party’s theft, leak, or destruction of one holder’s copy can harm the others, so parallel holders share a defensive interest and can act against the intruder. Hong flags this as a real increment: part one’s single-holder defensive right was thin because public law already supplied most of it, but the jointly-assertable protection among parallel holders is an against-the-world increment specific to the multi-party setting.

So parallel property rights are not traditional co-ownership — not slicing data into shares, not requiring everyone to jointly dispose of everything. They are a scenario-based default arrangement: liberal internal use, classified external operation, joint external defence.

But it all comes back to derivative data

The moment parallel use is presumed, the next question is unavoidable: when one party processes the shared data into something new — a label system, index, model, score, report, or data product — who owns the result? Hong’s answer (following Xiong): if the output crosses the derivative-data (衍生数据) threshold — a substantial change in content, form, and structure plus a marked increase in value — the processor holds an independent property right, and the other parallel holders do not share it.

That pulls parallel property rights into the same orbit as the general derivative-data debate, and lets Hong line up three scholars who reach the same destination from different roads:

  • Xu Ke (许可) — source-data holder vs. derivative-data processor, via law and economics. Not an unconditional gift to the processor: he switches on transaction cost, the processor’s good or bad faith, and compensation cost (good-faith processor takes the right; where costs are higher, it takes the right but pays the source holder). Tilting to the processor does not strip the source holder, who keeps holding and defensive rights against theft, tampering, and leakage.
  • Shen Weixing (申卫星) — the most direct. Derivative data is a new object identified by a three-part test (substantial change + value increase + irreversibility); absent agreement it vests in the processor by contribution and “fullest use of data” (数尽其用), and — crucially — acquisition does not require the processor to hold a use right in the raw data: even an unlawful scraper may own its derivative output, with illegality affecting only liability, not attribution. The source holder is left with PI-rights, unjust-enrichment, or tort claims.
  • Xiong Bingwan (熊丙万) — drops the same question into the parallel-holding scenario: one co-holder processes the shared data, and if the result is genuine derivative data, that processor owns it and the others don’t share, because they contributed to the raw data but not to the value-add.

The differences are real — the identification threshold (Shen’s three-part test vs. Xu Ke’s “marked value increase” core vs. Xiong’s compact “substantial change + value increase”); the weight of the processor’s good/bad faith (decisive for Xu Ke, mostly a liability question for Shen); and, most overlooked, the relationship to the raw-data use right — the official definition premises derivative data on “data the processor has a use right in,” so Xiong hugs the official text (parallel use right as the basis), Shen cuts the premise (even scrapers can qualify), and Xu Ke sits in between (reading “has a use right” to include “does not know it lacks one,” i.e. good faith). In a true entrusted-processing relationship, both Xu Ke and Shen agree the client keeps the process and result data; the fight is only when the processor exceeds instructions or there is no/again unclear contract.

But the differences do not change the shared conclusion: once derivative data exists, the centre of gravity shifts to the processor. Hong’s sharp observation is that even Xiong — the most “co-ownership-friendly” of the three — gives the other co-holders nothing at the layer where value is actually created: his protections (unanimous consent for operating purpose-built/fused data; joint defence) attach to the raw shared data, not to the derivative output. That is where the data contributor’s worry comes from.

What the default rules settle — and what they leave open

Hong’s payoff is a clean split between two kinds of uncertainty.

Default rules answer questions of status (资格). Absent agreement, they tell the parties: who may use the data (each parallel holder), who may form derivative data (any holder may process; a real derivative product vests in the processor), who may operate externally (by data type), and who may defend externally (parallel holders jointly, at least for an injunction; damages still need proof of loss). They reduce the “do I have the standing to do this?” uncertainty — and that is genuinely useful.

Default rules cannot answer questions of control (控制). They cannot guarantee what downstream will build (value is combinatorial and unforeseeable at signing), whether it quietly trains a model or exceeds scope (derivative data hides inside downstream systems as parameters, scores, labels), or whether you can ever trace a finished product back to your data after fusion, de-identification, and modelling. Some value is simply unrecoverable — a learned model capability is not a deletable dataset. Third-party chains (re-licensing, scraping of the downstream product) escape a contract that only binds the counterparty. And compliance risk does not end on delivery — if the source is personal information, a downstream claim of “anonymised derivative” does not by itself exit PIPL, since reversibility, substantial change, and value increase still have to be judged.

So, Hong concludes, parallel property rights reduce attribution uncertainty, not control uncertainty; they fix who has status, not whether risk is controllable; they encourage reuse but cannot replace contract, technology, audit, and compliance. This is also his answer to part three: parallel rights ease the part of upstream’s reluctance that came from unclear ownership, but not the more practical part — future use, detection, tracing, modelled value, third-party chains, and ongoing compliance.

Why overseas counsel should care

  • In any China data collaboration, write the derivative-data terms — do not rely on the default. Across all three scholarly views and the parallel-holding case, the unbargained-for default sends models, scores, indices, and labels to whoever builds them. If your data feeds a joint venture, consortium, or vendor, specify ownership, grant-back, no-train/no-fusion, and revenue-sharing for derivative output up front; “we co-hold the data” buys you nothing at that layer.
  • Distinguish raw shared data from derivative output. Consent rights and joint-defence may protect the raw fused dataset, but the value-bearing derivative typically will not be shared — so the protections that look reassuring on paper attach to the wrong layer for value capture.
  • Parallel use is the presumption — scope it. Default Chinese rules lean toward letting every co-holder use the data; if you need to restrict a partner’s internal use or downstream modelling, that restriction has to be express.
  • Plan for control loss, not just attribution. Pair clean ownership/authorisation drafting (the attribution layer) with technical and audit controls — sandboxes, privacy computing, output review, deletion and no-retrain covenants — because, as Hong stresses, the default rules cannot give you detection, tracing, or recovery once data enters a longer chain.

DCC sources

This is an editorial summary and analysis of Hong Yanqing’s commentary, written in DCC’s own words for overseas readers — not a translation of his article, and not a reproduction of it. Named scholars’ positions are summarised from Hong’s account; quoted phrases are short and attributed. Not legal advice.

FILED UNDER

— Not legal advice.

§ SUBSCRIBE

The Monday brief.

One short email every Monday. New briefs on Chinese data-compliance rules from the previous week, with the source law cited.

Opt-in only. Unsubscribe anytime by replying "unsubscribe" to any issue.