DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
§ 016 · CRIMINAL-LIABILITY

When PIPL Violation Becomes a Crime — Hong Yanqing on China's Personal Information Criminal Threshold

Hong Yanqing on the criminal-side analog to PIPL — when does mishandling personal information cross from administrative violation into the crime of 'infringing on citizens' personal information'? His critique: the two key elements ('relevant State provisions' and 'serious circumstances') are too loose, and courts have stretched them in ways that should worry compliance teams.

Editor’s Note — DCC.

Hong Yanqing is one of the most influential voices on Chinese data-protection law. This piece is a republication on his WeChat channel 网安寻路人 of a 2023 paper he originally published in the academic journal 《数据法学》(Data Jurisprudence) — a journal hosted at the People’s Public Security University of China. It is academic in form but practitioner in stakes.

The stakes: PIPL describes administrative liability — fines, business suspensions, individual penalties. But mishandling personal information in China is also a crime under Article 253-1 of the Criminal Law — the offense of “infringing on citizens’ personal information.” Conviction can carry up to seven years’ imprisonment for serious cases. The line between “administrative violation” and “criminal offense” is drawn by two elements of the crime, both of which Hong argues are dangerously underspecified. Courts have stretched both — sometimes to convict on the basis of regulations that have nothing to do with personal information protection at all.

For overseas compliance teams operating in China, the practical lesson is not that the criminal line is bright. It is that it is not bright. And how Chinese courts read the two ambiguous elements is the difference between a notice of administrative penalty and a criminal docket. We rewrote rather than literally translated the paper because the core diagnostic — that the quantitative threshold and the unrelated-regulation problem both threaten the principle of legality — is exactly the kind of conceptual move that gets lost in plain rendering but reshapes how an overseas reader should weigh China’s criminal-side PI exposure.

China’s regime for personal information protection has two layers. The civil and administrative layer — the Civil Code and PIPL — is the layer foreign compliance teams know well. The criminal layer — Article 253-1 of the Criminal Law and the 2017 Judicial Interpretation issued jointly by the Supreme People’s Court and the Supreme People’s Procuratorate — is less familiar, and more consequential.

The crime is called qīnfàn gōngmín gèrén xìnxī zuì — the offense of “infringing on citizens’ personal information.” It was inserted into the Criminal Law in 2009, refined in 2015, and given a detailed implementation regime by the 2017 Judicial Interpretation. By 2023, courts had handled tens of thousands of cases under it. Maximum sentence: seven years.

The crime has six elements, but two of them carry the real weight in deciding whether a defendant goes to jail. Both, Hong Yanqing argues, are too loose to deliver legality.

Element one — “relevant State provisions”

The first ambiguous element is what counts as “relevant State provisions” (guójiā yǒuguān guīdìng) — the predicate body of law that defendants must have violated.

Until 2015, the operative phrase was the narrower guójiā guīdìng (“State provisions”), defined in Article 96 of the Criminal Law as laws and decisions of the National People’s Congress and its Standing Committee, plus regulations, administrative measures, decisions, and orders of the State Council. Departmental rules — issued by ministries — were not included. The 2015 Criminal Law Amendment changed the predicate to guójiā yǒuguān guīdìng — adding the word yǒuguān (“relevant”), broadening the scope.

The 2017 Judicial Interpretation went further. Under it, “relevant State provisions” includes laws, administrative regulations, and departmental rules (部门规章) related to personal information protection. That expansion is the source of the trouble.

Hong’s critique has two strands.

The first: the principle of legality (zuì xíng fǎ dìng yuán zé) — the requirement that criminal liability be foreseeable from the statute — pushes the other way. Article 96’s definition of “State provisions” is intentionally narrow, because in the Chinese legal hierarchy departmental rules can contradict each other and proliferate quickly. Using them as the predicate for criminal liability creates exactly the kind of unpredictability the legality principle is meant to prevent. Hong’s read: the broader “relevant State provisions” formulation should be read within the framework Article 96 sets — the addition of “relevant” narrows the universe of State provisions to those relevant to personal information protection, not enlarges the universe to include subordinate rules.

The second strand is the empirical one — and this is where Hong’s argument bites. He gives three case examples in which Chinese courts have used regulations that have nothing to do with personal information protection as the predicate “relevant State provisions” for conviction.

  • In one case (Ding et al.), an employee of a Real Estate Registration Center sold property-ownership and homeowner phone-number records to outsiders. The court found him guilty under Article 253-1, citing the Interim Regulations on Real Estate Registration and the Interim Measures on Real Estate Registration Information Inquiries as the relevant State provisions he had violated. But — Hong observes — those regulations exist to govern the real estate registration system, not to protect personal information. They contain no personal-information-protection rules. Using them as the predicate for an Article 253-1 conviction stretches the statute.

  • In another case (Zheng et al.), a baby-formula salesperson bribed hospital staff for new-mother and newborn contact information to sell formula. The court convicted under Article 253-1 by reference to the Administrative Measures for the Sale of Breast-Milk Substitutes and the Maternal and Infant Health Law. Again — those statutes regulate the marketing of breast-milk substitutes and maternal-health work, not personal-information handling. Their use as the predicate of a personal-information crime is, in Hong’s reading, a category mistake.

  • In a third case (Chen Moulin), the court held that domain-name registration records held by the defendant constituted “citizens’ personal information” — because the Internet Domain Name Management Measures prescribe first-come-first-served registration. But the Measures protect the integrity of domain-name registration; they do not address whether domain-name records are personal information. The court used the unrelated regulation to convict.

Hong’s positive proposal: “relevant State provisions” should be limited to provisions that (i) are at national level (not local rules, not provincial measures); and (ii) substantively concern personal information protection — they actually exist to regulate how personal information is handled. Anything else risks expanding the criminal scope past the legislative purpose of the crime, and past what is foreseeable.

This last point matters more after PIPL took effect. The Civil Code (Articles 1034–1039) and PIPL set the affirmative boundaries of personal information protection in civil and administrative law. Some prior regulations contain definitions of “personal information” that do not match PIPL. Hong argues that where the older regulations and the newer specialized statute conflict, criminal courts should follow the newer specialized statute — otherwise the criminal predicate drifts away from the substantive regime that defines what personal information protection actually is.

Element two — “serious circumstances”

The second ambiguous element is “serious circumstances” (qíngjié yánzhòng) — required for criminal liability to attach at all, and especially serious circumstances for the upper sentencing tier.

The 2017 Judicial Interpretation tried to make this operational by listing quantitative thresholds:

  • Selling, providing, or illegally acquiring 50 or more pieces of certain sensitive personal information items (location data, credit information, communication content, health, transaction information).
  • 500 or more pieces of communication or accommodation records, credit information, and so on.
  • 5,000 or more pieces of ordinary personal information.

Plus qualitative criteria: using the information to commit further crimes, causing serious harm to the individual, illegal gain above stated thresholds, repeated offenses, etc. The “especially serious” tier kicks in at 10× the “serious” threshold.

Quantitative thresholds were a sensible move when the Interpretation was drafted — they give lower courts a predictable rule of thumb. But in the big-data era, Hong argues, they have become a problem. Modern personal-information cases routinely involve tens of millions to hundreds of millions of records. By a straight reading of the thresholds, nearly every contested case would land in the “especially serious” tier and trigger the upper sentencing range.

Hong cites the Zou Moulong case to make the point. Defendant Zou ran a “China Black Defense League” forum that distributed 100 million+ personal-information records. Defendant Huang held about 1.84 million records. Defendant Yang held about 130,000. Under the threshold rule, all three are “especially serious.” The court sentenced Zou to four years, Huang to three years, and Yang to two and a half years — radically different culpability but only modestly different sentences. The fines were identical for Huang and Yang. The threshold rule, used mechanically, flattens cases that should be differentiated.

Hong’s positive proposal here is more interesting than the diagnosis. He argues that “serious circumstances” should be assessed through a multi-dimensional impact framework, anchored on the actual harm to the affected individuals’ lawful interests, not on raw counts. The dimensions:

  • Type of personal information — sensitive vs. ordinary, and within sensitive, the particular type (biometric, health, financial, communication content).
  • Purpose and intended use — particularly whether the information was used or intended to be used to commit further crimes.
  • Method — whether the acquisition was organized, large-scale, by force or fraud.
  • Consequences — actual harm to the data subjects: identity theft, harassment, financial loss, threat to safety.
  • Subject’s consent and authorization — whether and how the data subject’s consent was obtained or exceeded.

The framework Hong proposes is essentially the Personal Information Protection Impact Assessment (PIPIA) framework that the administrative regime already uses — drawn from GB/T 35273, GB/T 39335, GDPR DPIA, and ISO/IEC 29134. The argument is that Chinese criminal courts already have a mature multi-factor analytical apparatus available — they just have not been using it.

The Mozhi case — a workshop on both elements

Hong devotes the final section of the paper to the Mozhi (魔蝎) case — the 2019 prosecution that practitioners regard as the canonical big-data personal-information prosecution of the PIPL transition period.

Mozhi Technology operated a crawler service plugged into mobile lending apps. Loan applicants entered their credentials (social-security account, housing-fund account, etc.) and authorized Mozhi to log in on their behalf and scrape their public-services records, which the lender then used for credit decisions. The user’s Data Collection Service Agreement with Mozhi promised that credentials would not be stored. In fact, Mozhi did store more than 21 million sets of plaintext credentials on its cloud servers — and used a subset of them (in particular, email credentials) to log in to user accounts again, without the user’s renewed authorization.

The court found Mozhi guilty of “infringing on citizens’ personal information,” circumstances especially serious.

Hong’s case analysis pulls out two careful distinctions.

First, on “violating relevant State provisions”: the court correctly held that the initial crawling was not the unlawful act. The user gave Mozhi the credentials and authorized the scrape; the act of using user-supplied credentials to access a third-party platform’s user-facing interface is not an “intrusion” within the meaning of the unauthorized-computer-system-access crime. Whatever competing claim the platforms might have under unfair-competition law, this is not “illegal acquisition” under Article 253-1.

What Mozhi did do unlawfully was retain and re-use the credentials past the agreed scope. The court treated this as “obtaining by other illegal means” — folding it into the same statutory category as theft. Hong is uneasy with this. Obtaining and retaining-after-lawful-obtaining are linguistically and conceptually different acts. The Judicial Interpretation defines “obtain by other illegal means” as “obtaining citizens’ personal information in violation of relevant State provisions through purchase, receipt, exchange, etc., or in the course of performing duties or providing services.” Retaining beyond the agreed scope is more naturally a processing violation under PIPL — handling outside the scope of consent — not an acquisition violation. Forcing it into “obtaining” risks distorting the statute.

Second, on “especially serious circumstances”: the court held the threshold met by reference to the volume of records retained (21 million+) and the illegal gain (~30 million yuan). Hong’s critique is that the analysis is incomplete. The court did not specify how many of the 21 million credentials were actually re-used — only that a “portion” (email accounts) were. It did not analyze the actual harm to individual data subjects. It did not separately weigh that Mozhi’s initial acquisition was lawful, that its commercial purpose was not in itself unlawful, and that the data-leak risk from cleartext storage, while real, is not the same as actual leakage. A multi-dimensional impact analysis would likely have produced a different conclusion at the “especially serious” boundary — and in any event would have produced a more reasoned one.

Hong’s verdict on Mozhi: the court’s overall instinct was sound (administrative tools alone would not have been sufficient for the scale), but the legal reasoning at both elements is doctrinally weak. As a precedent, it leaves the boundary ambiguous in ways the principle of legality is meant to prevent.

Why this matters for overseas compliance

The criminal side of China’s personal-information regime is less visible to overseas teams than PIPL administrative enforcement, but the practical takeaways are direct.

  • Criminal liability is a real second track, not a theoretical one. PIPL fines and criminal exposure are not alternatives — they coexist. Conviction can attach to employees, directors, and managers personally, not just to the entity. For foreign multinationals, the criminal track is also the channel through which Chinese authorities can act against locally employed foreign nationals.
  • “Violating relevant State provisions” is not just PIPL. Courts have used unrelated departmental and even local regulations as the predicate. The implication for compliance teams is that auditing personal information practices against PIPL alone may not be a complete picture of criminal exposure — there are sectoral regulations with personal-information-adjacent provisions that have been used in criminal cases.
  • Quantitative thresholds dominate, but they are not the only test. Where a compliance issue involves tens of thousands of records or more, the case is going to clear the headline threshold easily. The contestable terrain is the qualitative side — actual harm, intent, method — and that is where the defense theory lives.
  • The boundary between “legal acquisition + unlawful processing” and “illegal acquisition” is being contested. Mozhi-style fact patterns — legal initial collection followed by processing in excess of authorization — are common in modern data-services arrangements. Hong’s reading is that those should be processing violations, not acquisition crimes. Whether courts adopt that view will shape exposure for an entire class of cases.
  • A multi-dimensional PIPIA-style analysis is your strongest defense. Hong’s argument that “serious circumstances” should be judged through a substantive impact framework — closer to PIPIA than to a counting rule — gives defense teams a doctrinal anchor. Building such an analysis into compliance documentation, in advance, is a practical way to prepare in case you ever need it.

Behind all five takeaways is Hong’s larger point. The administrative regime under PIPL has matured. The criminal regime has not kept pace. Until the Judicial Interpretation is updated to reflect PIPL’s substantive boundaries and the big-data era’s quantitative realities, courts will continue to write the doctrine case by case — which means compliance teams in China are operating under a criminal liability rule that is not yet stable.


— Hong Yanqing, 《个人信息保护法》背景下侵犯公民个人信息行为的罪与非罪认定标准分析 (Analysis of the Standards for Distinguishing Criminal from Non-Criminal Infringement of Citizens’ Personal Information Under PIPL), originally published in Data Jurisprudence (《数据法学》), Vol. 4, 2023; republished on 网安寻路人 WeChat Official Account, April 22, 2026.

Not legal advice.
