---
title: "Public Data Under Franchise and Concession Operations: Who Owns It and Can It Be Traded?"
author: "DCC Editorial"
published: 2026-05-27T03:00:00.000Z
url: https://datacompliancechina.com/posts/public-data-under-franchise-concession/
description: "Infrastructure and public-utility operators in China — gas networks, urban parking, water systems, and similar franchise/concession (特许经营) businesses — generate data that falls within the statutory definition of 'public data.' That classification creates compliance questions that standard enterprise-data analysis does not answer: does a franchise agreement confer the right to process and sell that data, and under what conditions? Two Shenzhen Data Exchange compliance officers work through the asset-ownership and revenue-attribution routes for establishing data-use authority, flag the asset-transfer risk that attaches to API and dataset licensing, and explain why franchise-generated public data should not be silently assimilated into the authorised-operation (授权运营) model now being piloted across Chinese cities. The operational takeaway: amend legacy concession agreements to address data rights explicitly, and build the data-rights clause into every new franchise contract before signing."
tags: ["public-data", "franchise-concession", "authorized-operation", "data-economy", "data-property-rights", "infrastructure", "public-utilities", "data-trading-compliance"]
laws_cited: ["public-data-authorized-operation-specifications", "data-foundation-system-opinions"]
domains: ["data-economy"]
account: "shenzhen-data-exchange"
original_title: "DEXC+专栏丨特许经营业务下的公共数据，能用?怎么用?"
original_author: "胡婧卓; 陈一芊"
original_publication: "深圳数据交易所 DEXC+ 专栏 WeChat Official Account"
original_url: "https://mp.weixin.qq.com/s/K1zqNbOyao8cXhEIVGTn-Q"
source_language: "zh"
---
> *Editor's Note — DCC.*
>
> This brief summarises 《DEXC+专栏丨特许经营业务下的公共数据，能用?怎么用?》
> by Hu Jingzhuo (胡婧卓) and Chen Yiqian (陈一芊), both Transaction Review
> Supervisors in the Compliance Department of the Shenzhen Data Exchange.
> The piece sits squarely in the practical zone DCC tracks from this source:
> it addresses a compliance gap that practitioners encounter daily but that
> most legal guidance has not caught up with — what happens when the data
> a company holds is *public data* because the company holds a government
> franchise, rather than because it is a public authority. The authors draw
> on the 2024 Infrastructure and Public Utility Franchise/Concession
> Management Measures (《基础设施和公用事业特许经营管理办法（2024）》,
> hereinafter "the Management Measures"), the Guangdong provincial public-data
> management rules, and the Futian District authorised-operation pilot to
> work through two analytical paths for establishing data-use authority.

> The core tension the brief resolves is institutional: franchise-generated
> public data is *not* freely available to the concession holder just because
> the holder operates the relevant infrastructure. The legal basis for
> processing and commercialising it must be traced through the concession
> agreement itself — or, where the agreement is silent (as most legacy
> agreements are), through the asset-ownership and revenue provisions of the
> Management Measures. Overseas counsel advising clients in China's
> infrastructure, energy, transport, or urban-services sectors should read
> this as a practitioner's checklist, not a theoretical overview.

## What counts as a franchise or concession operation, and why does it matter for data?

The 2024 Management Measures define a franchise/concession operation
(特许经营, literally "specially-permitted business operation") as an
arrangement in which a government selects a Chinese or foreign legal entity
through open competitive process, records the parties' rights, obligations,
and risk allocation in an agreement, and grants that entity the right to
invest in, build, and operate designated infrastructure or public utilities
for a defined period in exchange for revenue from those operations.

The data-compliance significance of that definition is immediate. Where a
concession holder operates infrastructure or public utilities and provides
public products or public services under such an agreement, the data
generated in that process meets the statutory definition of *public data*
(公共数据) under the Shenzhen Special Economic Zone Data Regulations:
data produced or processed by public management and service bodies in the
course of performing their public management duties or providing public
services. The concession holder is, in regulatory terms, acting in a
quasi-governmental capacity when it delivers those services — which means
the data produced along the way carries a public-data classification, with
all the restrictions and procedural requirements that entails.

The authors give practical examples to anchor the question: can a gas
utility (energy franchise) process consumer usage data to build a
district-level household consumption dataset or a corporate creditworthiness
product based on commercial gas-consumption patterns? Can an urban on-street
parking franchise process its parking records to produce a vehicle-flow
dataset covering a particular district? These are not hypothetical. They
are the routine project types that compliance teams at data exchanges
encounter when concession holders approach the market to monetise their
operational data.

## Two analytical routes when the concession agreement is silent on data

In practice, the authors note, most existing franchise agreements contain no
explicit data-ownership or data-use provisions. The regulatory instruments
that mandated those agreements were not drafted with data monetisation in
mind. That silence does not mean the concession holder has free rein — it
means the analysis must proceed through the Management Measures themselves.
The authors identify two routes.

**Route 1 — Asset ownership.** The Management Measures require concession
agreements to specify the ownership of assets during the operating period
and the handover mechanics when the concession expires. Where an agreement
provides that project assets during the concession period belong to the
concession holder, that asset-ownership provision can serve as the basis for
claiming rights over data resources generated by those assets.

The asset route, however, comes with a significant internal constraint: the
same agreements commonly include asset-transfer restriction clauses, under
which the concession holder cannot transfer assets used in the project
without the implementing authority's consent. The authors argue that
licensing or selling a data product derived from the concession's operational
data — whether delivered via API or as a packaged dataset — may constitute
a transfer of data-asset rights (specifically, a transfer of use or
ownership rights in the data). If that characterisation is accepted by
applying an analogy to the asset-transfer concept in the State-Owned Assets
Law (《企业国有资产法》), the concession holder may need the implementing
authority's prior approval before proceeding with any data-product licensing
or sales. The prudent approach, the authors state, is to obtain that
approval rather than assume it is not required.

**Route 2 — Revenue attribution.** The Management Measures also provide
that, subject to agreement otherwise, efficiency gains, cost reductions, and
innovations generated by the concession holder during the operating period
belong to the concession holder. The authors read this provision as
supporting the concession holder's entitlement to revenue derived from
operating the public data produced during the concession — again, absent a
contrary agreement provision.

Taken together, the two routes provide a workable analytical structure, but
neither offers a clean, uncontested path to commercialisation. Both are
subject to what the specific agreement says, to local regulatory overlays,
and — on the asset route — to the latent asset-transfer problem.

## The compliance checklist for third-party assessors

The authors set out a three-stage compliance checklist directed at legal
advisers conducting data-product compliance assessments for concession
holders. It maps onto the standard transaction-review workflow at a data
exchange.

**Subject-entity compliance.** Verify that the concession holder obtained
its concession rights through the legally required open competitive process.
A concession awarded irregularly — outside the competitive mechanism
mandated by the Management Measures — cannot supply a valid legal basis for
downstream data use.

**Subject-matter compliance.** Review the concession agreement carefully for
(a) any explicit data-ownership or data-use provisions (if they exist, they
govern); (b) any asset-transfer restrictions that could apply to data-product
licensing; and (c) any applicable local rules on the development and use of
the specific category of public data involved. The local regulatory layer is
material: different provinces and cities have adopted varying rules on how
public data generated within their jurisdictions may be used, and the
concession holder's geographic scope determines which overlay applies.

**Circulation compliance.** Address how the expiry of the concession period
affects the data product. Most infrastructure PPP-style concessions run for
around forty years. When the concession expires and assets revert to the
government, do constraints on asset disposal also constrain continued trading
in data products derived from those assets? The authors flag this as a point
that requires explicit analysis and should not be left to implication.

## Franchise-generated public data is not the same as authorised-operation public data

A significant portion of the source article addresses what the authors treat
as a conceptual misclassification risk: the tendency to treat franchise-
generated public data as already falling within the authorised-operation
(公共数据授权运营) framework that has been the subject of extensive piloting
across Chinese cities in recent years.

The [public-data authorized-operation specifications](/laws/public-data-authorized-operation-specifications/)
and related local instruments establish a structured mechanism through which
public-data holding bodies — government departments and their equivalents —
can authorise designated operators to process and commercialise public data
on their behalf. Major models include Beijing's sector-by-sector dispersed
authorisation zones and Shanghai's centralised model under the Shanghai Data
Group.

One view, the authors acknowledge, holds that the authorised-operation
framework should be read broadly: any entity that has already obtained
government permission to operate infrastructure and provide public services
should be regarded as having implicitly received authorisation to process and
commercialise the public data generated in that operation. On this reading,
franchise-generated data falls within the authorised-operation regime without
any further formality.

The authors reject that view and argue for a narrow reading. Their reasoning
is structural: the authorised-operation mechanism is designed precisely
around the requirement that the government select an operating entity through
open competition following defined research and feasibility steps. Collapsing
franchise operations into the authorised-operation category would allow
concession holders to bypass both the competitive selection process and the
pre-authorisation groundwork that the instruments are intended to require.
The two regimes have different legal bases, different authorisation
mechanisms, and should not be treated as equivalent.

The practical consequence of the authors' position: a franchise holder
that wants to commercialise its public data through an authorised-operation
route needs to engage the relevant public-data governing body and obtain a
formal authorisation, rather than assuming that its concession agreement
already carries that permission.

## Local regulatory overlays and the aggregation requirement

The authors draw attention to a further complication that practitioners
frequently overlook. Several local governments — notably in Guangdong
province — have enacted rules that require public data generated within
the jurisdiction to be collected and consolidated into designated government
platforms or data repositories (归集要求). Where such a requirement applies,
the concession holder's ability to operate a data-product business directly
may be constrained, because the data must flow through the designated
consolidation infrastructure first.

Practitioners advising concession holders on data-product development should
therefore check two things: whether the relevant locality has adopted a
public-data aggregation requirement, and if so, whether that requirement
affects the commercial model the client is proposing. A data-product business
premised on direct API licensing or direct dataset sales may need to be
restructured if the underlying data is required to pass through a government
consolidation node.

## The forward-looking fix: amend existing agreements, and build the clause into new ones

The authors close with explicit operational guidance directed at the
concession holders themselves. Their recommendation is twofold.

For existing concession agreements, they advise supplemental agreement
(补充协议) as the mechanism: the concession holder and the implementing
authority should negotiate and execute an amendment that explicitly addresses
data-ownership, data-use rights, and any consent or approval requirements
for data-product development and commercialisation. This is the
straightforward path to removing the ambiguity that the asset-silence of
most legacy agreements creates.

For future concession projects, they advise that data-rights provisions —
including data ownership during the operating period, permitted data-use
modalities, any applicable asset-transfer restrictions in the data context,
and revenue-attribution rules for data-product sales — should be treated as
standard agreement content from the outset, alongside the project-asset,
infrastructure, and handover provisions that the Management Measures already
require.

## Why overseas counsel should care

- **Infrastructure-sector clients face a compliance gap that standard data-law analysis misses.** Any client holding a Chinese franchise or concession agreement in energy, transport, parking, water, or similar sectors may be sitting on data assets it is treating as ordinary enterprise data when that data is legally public data — subject to a different compliance framework and different commercialisation conditions.
- **The asset-transfer risk in concession agreements is live and largely unpriced.** Licensing data via API or selling datasets derived from concession-generated data could constitute an asset transfer requiring prior approval from the implementing authority under the agreement. Most legal reviews of data-product transactions do not look inside the concession agreement for this constraint.
- **The authorised-operation framework, as it is evolving across Chinese cities, does not automatically cover franchise operations.** Clients seeking to commercialise public data through the authorised-operation route need a formal authorisation from the relevant public-data governing body — the concession agreement is not a substitute.
- **Local aggregation requirements vary and may block direct commercialisation.** The viability of a data-product business depends in part on whether the locality requires the underlying public data to be routed through a government consolidation platform, which may change the available commercialisation models significantly.

## DCC sources

- Original: 胡婧卓; 陈一芊 (Hu Jingzhuo; Chen Yiqian), 《DEXC+专栏丨特许经营业务下的公共数据，能用?怎么用?》, 深圳数据交易所 DEXC+ 专栏 WeChat Official Account ([source](https://mp.weixin.qq.com/s/K1zqNbOyao8cXhEIVGTn-Q)).
- [Public-data authorized-operation specifications](/laws/public-data-authorized-operation-specifications/)
- [Data foundation system opinions](/laws/data-foundation-system-opinions/)
- 《基础设施和公用事业特许经营管理办法（2024）》(2024 Infrastructure and Public Utility Franchise/Concession Management Measures)
- 《广东省公共数据管理办法》(Guangdong Province Public Data Management Measures)
- 《福田区公共数据授权运营暂行管理办法》(Futian District Provisional Public Data Authorised-Operation Management Measures)

> This is an editorial summary, not a translation. Analysis, emphasis, and
> operational extrapolation are DCC's. The original authors write in a
> personal capacity and the piece does not represent the official position of
> the Shenzhen Data Exchange. **Not legal advice.**