DCC
Data Compliance China
Search · ⌘K
DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
Back
§ 035 · ANONYMIZATION

Reviving a Zombie Provision — Xu Ke's Concentric-Circle Reconstruction of the Anonymization Regime

Xu Ke (UIBE) calls PIPL Article 4's anonymization carve-out a 'zombie provision' (僵尸法条) — on the books, never used, and one of the biggest blockages in the data-element market. His diagnosis: the zombie state is caused not by the text but by three unaddressed worries (processors fear the standard is unattainable or value-destroying; regulators fear anonymization becomes an evasion tool; users fear it's a hollow promise). His cure is a concentric-circle architecture that maps three risk types (systemic / operational / residual) onto three layers of anonymity (presumptive / determined / trust). This is the most complete academic blueprint yet for making the anonymization clause operational — and it pairs directly with TRIMPS's risk-based, recipient-relative reading.

DCC Editorial SOURCE · ZH .MD ↓

Editor’s Note — DCC.

If TRIMPS’s brief is the standards-body’s read on where the anonymization bar sits, Xu Ke’s piece is the academic blueprint for rebuilding the regime from the ground up. His framing is unusually vivid for a law-journal article: PIPL Article 4’s anonymization carve-out is a “zombie provision” (僵尸法条) — formally alive, functionally dead, and one of the single biggest blockages to the data-element market China is trying to build. The piece (in 《财经法学》2024) diagnoses why the provision is dead and proposes a concentric-circle architecture to revive it. DCC reads it alongside the TRIMPS brief: same problem, complementary solutions. Overseas counsel get, between the two, the most complete picture available of where China’s anonymization regime is heading.

The zombie diagnosis

PIPL Article 4 excludes anonymized information from the definition of personal information — inheriting the carve-out from CSL Article 42’s proviso. The intent was to encourage data circulation and reuse: anonymize, and the data exits the PIPL regime. Yet since PIPL took effect, the provision has “almost never functioned” — a clause with “the form of law but no signs of life.” Xu Ke’s term: 僵尸法条, zombie provision.

Why dead? Xu Ke’s diagnosis is that the problem isn’t in the “skin” (the text) but in the “heart” — three worries that paralyze the parties:

  • Processors fear two opposite things at once: that their anonymization won’t meet the legal standard (so the data stays in PIPL scope and the effort is wasted), and that a standard set high enough to be safe will strip the data of all reuse value.
  • Regulators fear anonymization becomes a tool processors use to evade oversight — declare “anonymized,” exit the regime, escape enforcement.
  • Users fear anonymization is a hollow promise — a label processors attach without real irreversibility.

And the disease is in the “marrow” too: the three worries stem from a deeper dualism — between anonymization-as-technology and anonymization-as-law, between process and result, between the scenario-specificity and the uniformity of anonymization. The same anonymization looks like different things to each party: to the processor, a thicket of techniques and thresholds; to the user, opaque jargon; to the regulator, abstract rules and eventually-exposed risk.

Xu Ke’s critique of existing theory (“relative anonymization,” “dynamic anonymization,” “functional anonymization,” “subjective anonymization,” “data-relationship anonymization”): all correctly recognize that no anonymization can guarantee zero re-identification — but none provides a clear, operable behavioral standard. “Relative anonymization” says reduce risk to an “acceptable level” — but what level, set by whom? The theories have explanatory power but no power to cure.

The fix: three risks, three layers, one concentric circle

Xu Ke’s reconstruction starts from the premise that absolute anonymization is a fool’s errand (“carving the boat to find the sword”), and that information protection follows a Goldilocks principle: too-strict anonymization destroys so much information value that the exercise becomes self-defeating. So the regime must accept limited processor obligations and limited state oversight — and the hard question is where the limit sits.

His answer: type the re-identification risk by (consequence × probability) into three tiers, and match each to a governance mechanism and a layer of anonymity.

Center — Systemic risk → Presumptive anonymity (推定匿名)

Systemic risk (系统风险): the risk that anonymization fails wholesale, exposing personal information to large-scale misuse. Diffuse, affects many — so it needs ex-ante preventive governance: objective, admission-style “red-flag” rules applied uniformly.

The mechanism: design-based regulation (经由设计的规制) — embed the anonymization standard into the system architecture, code, and technical defaults, so anonymization is a built-in property rather than an after-the-fact judgment. The anonymization design is shaped jointly by enterprises, government, and industry bodies, and recognized through a bottom-up accreditation mechanism.

The legal effect: presumptive anonymity. Once an anonymization design is (directly or indirectly) state-recognized, data processed through it is presumed anonymized. This is a burden-of-proof reversal — the processor need only show it used a qualified anonymization design to get the anonymized result confirmed, dramatically easing the processor’s worry. It’s a rebuttable factual presumption: others can challenge with new evidence, but the burden shifts to the challenger.

Middle — Operational risk → Determined anonymity (判定匿名)

Operational risk (操作风险): the risk that specific failures — vulnerabilities in the anonymization measures, internal-process defects, personnel error or misconduct — cause improper use. Localized, scenario-specific. Needs ex-post responsive governance: case-by-case adjudication after a harm, guiding enforcement and judicial bodies to handle each fairly.

The mechanism: where evidence shows the anonymization didn’t actually achieve anonymity, the presumption is rebutted — but the rebuttal must be determined by an administrative agency or court under PIPL. Xu Ke calls this determined anonymity: the regulator retains final say over whether an anonymization design is lawful, which dissolves the regulator’s “anonymization trap” worry (the fear that recognizing a scheme forecloses later enforcement). It doesn’t — the presumption is always rebuttable by official determination.

Edge — Residual risk → Trust anonymity (信任匿名)

Residual risk (剩余风险): the irreducible risk from leftover identifiability, unforeseeable data sources, and technical advances. Xu Ke’s striking example: in 2018 the US Census Bureau found that its 2010 published statistics could be used to reconstruct the sex, age, race, ethnicity, and fine-grained location of 46% (under certain conditions 71%) of the US population. Residual risk is real and permanent.

The implication: processors must not “release and forget” (release and forget) anonymized data. They must keep performing compliance obligations — transparency mechanisms that protect users’ right to know, and continuous re-identification-risk monitoring. Regulators backstop with strong “public enforcement” to compensate for the weakness of private remedies under residual risk. Xu Ke calls this user-oriented layer trust anonymity.

The three reinterpretations of the statutory text

Beyond the architecture, Xu Ke offers legal reinterpretations of PIPL Article 73’s anonymization elements — “cannot identify,” “cannot be restored,” and “process”:

  • “Cannot identify” — read against a reasonable-means standard (specific person, reasonably likely methods), not an absolute “no one on earth by any method.” This aligns with the subject-relativity reading TRIMPS develops.
  • “Cannot be restored” — read as high irreversibility under reasonable cost, not literal impossibility (the “difficult to restore” gloss the draft Guide adopts).
  • “Process” — read as an ongoing, monitored process, not a one-time terminal act.

The two compliance reforms he proposes flow from this:

  • From “anonymization consent” to “anonymization notice” (从”匿名化同意”到”匿名化知情”) — the legal basis for anonymizing isn’t a fresh consent but a transparency/notice obligation, since anonymization is processing in service of the original purpose’s safe termination.
  • From “prohibit re-identification” to “reuse PIIA” (从”禁止再识别”到”再利用的个人信息保护影响评估”) — rather than a flat ban on re-identification, require a PI Impact Assessment before reusing anonymized data, calibrated to the residual risk.

What this tells overseas compliance teams

  • Read Xu Ke and TRIMPS together as the converging Chinese position. The academic blueprint (Xu Ke) and the standards-body read (TRIMPS) point the same direction: anonymization is risk-based, not absolute; process-based, not one-time; and increasingly recipient-aware. The compliance posture both imply — documented risk thresholds, continuous monitoring, no “release and forget” — is the one to build to now.

  • “Design-based” anonymization is the forward-looking compliance architecture. Xu Ke’s presumptive-anonymity layer rewards processors that bake anonymization into system design and (eventually) get the design accredited. Multinationals should architect anonymization as a built-in pipeline property with documented technique selection and threshold-setting — not a manual, case-by-case scrub. When an accreditation mechanism materializes, design-based processors will get the burden-shifting benefit.

  • “Release and forget” is the specific anti-pattern to eliminate. Both Xu Ke (residual risk) and TRIMPS (continuous assessment) reject it. If your China operations anonymize data and then treat it as permanently out-of-scope with no further monitoring, that posture is squarely in the crosshairs of where the regime is heading. Institute recurring re-identification-risk review.

  • The presumption-and-rebuttal structure tells you what evidence to keep. Under Xu Ke’s framework, the processor’s protection is the documented qualified anonymization design; the regulator’s power is the official rebuttal determination. Translation: your defensible position depends on contemporaneous documentation of the anonymization design, technique selection, threshold rationale, and monitoring. That documentation is the asset.

  • Watch the PI Anonymization Guide — it’s where this lands. The 2024-2025 academic and standards work (Xu Ke’s piece, the draft Guide, the TRIMPS analysis) is converging on the final anonymization standard. When the Guide finalizes, expect it to encode risk-based irreversibility, continuous assessment, and possibly the design-recognition mechanism. Pre-position methodology and documentation accordingly.

The deeper point: Xu Ke is trying to make the anonymization clause do work — to turn a dead provision into the operational gateway that lets data flow out of PIPL scope safely. That is precisely the gateway overseas counsel most want to use (anonymize → exit PIPL → reuse / transfer freely). The lesson is that the gateway is real but conditional: it requires a defensible, documented, continuously-monitored, design-based anonymization posture — not a label.

许可, 复活僵尸法条:个人信息匿名化制度的再造 (Reviving a Zombie Provision: Reconstructing the Personal Information Anonymization System), 《财经法学》Issue 4, 2024, pp. 160-177; reposted via 数字经济与社会 WeChat Official Account. Original article (Chinese).

Not legal advice. The above is DCC’s structured summary of Xu Ke’s analysis, with framing for overseas counsel; the zombie-provision diagnosis, the three-risk / three-layer concentric-circle architecture, and the statutory reinterpretations are Xu Ke’s.

FILED UNDER

— Not legal advice.

§ SUBSCRIBE

The Monday brief.

One short email every Monday. New briefs on Chinese data-compliance rules from the previous week, with the source law cited.

Opt-in only. Unsubscribe anytime by replying "unsubscribe" to any issue.