Analysis and Review of the Top Ten Data Rule of Law Cases in China for 2025
Published 21 January 2026
Sarah Xuan
On January 13, 2026, the Institute for Data Rule of Law of the China University of Political Science and Law released the “Top Ten Data Rule of Law Cases in China for 2025”. This release aims to leverage the demonstration effect of typical cases to lead the deep integration of academic research and practical legal work. The ten selected cases centrally demonstrate the rule-shaping functions of China’s judicial organs when addressing frontier issues such as artificial intelligence, data interests, platform governance, and network security. These cases represent not only a profound summary of digital rule of law practices over the past year but also establish a regulatory foundation covering the entire lifecycle of the digital economy, providing stable institutional expectations.
The following is a systematic review and analysis of the basic facts, key points of adjudication, and institutional significance of these ten cases.
(I) AI-Synthesized Voice Infringement Case: Extension of Personality Right Protection to “Identifiable Synthetic Voices”Case Number: Beijing Internet Court (2024) Jing 0491 Min Chu No. 10085
In this case, Li, a well-known figure in the field of education and parenting, discovered that a cultural media company used Li’s public speeches and teaching videos, accompanied by an AI-synthesized voice highly similar to Li’s own, to promote family education books in its online platform store. This created a strong implication of “endorsement/recommendation”. The defendant argued that the videos were published by others, that the defendant was merely a seller, and that the plaintiff, as a public figure, had a duty of tolerance. The court ultimately held that the AI-synthesized voice in question possessed identifiability. As the commissioning party and the actual beneficiary, the defendant failed to fulfill its reasonable duty of review, constituting joint infringement. The court ordered an apology and awarded compensation for economic losses and reasonable expenses for rights protection totaling 120,000 RMB (the judgment was rendered and became effective on July 18, 2025).
Key Points of Adjudication: The court clarified that: first, “voice interests” do not merely protect the natural vocalization itself but may extend to identifiable AI-synthesized voices that point to a specific natural person. Second, in the e-commerce promotion chain, if a merchant possesses the dual status of “commissioning production + actual beneficiary”, they cannot be automatically exempted from liability based on the formal plea of “non-participation in production” even if they did not personally create the content; rather, they should bear a reasonable duty of review commensurate with their level of control and benefits.
Review: The landmark significance of this case lies not only in the “first confirmation of infringement by an AI voice double” but also in its advancement of deepfake governance from “technical identification” to “liability structure”. By focusing on the commercial purpose of promotional videos, the risk of public confusion, and the duty of care of entities within the chain, personality right protection has gained an enforceable foothold. A subject for further discussion is how to refine the intensity of the duty of care and the allocation of the burden of proof for entities at different nodes in more complex marketing ecosystems (such as multi-level distribution, influencer marketing, and automated delivery by advertising platforms) to avoid “liability spillover” inhibiting legitimate innovation while effectively curbing systematic erosion of human dignity by “voice doubles” and “face-swapping”. (II) AI “Image-to-Image” Copyright Infringement Criminal Case: Defining the “Bottom-Line Prohibited Zone” of Generative Technology through Criminal RulesCase Number: Beijing Tongzhou District People’s Court (2025) Jing 0112 Xing Chu No. 558
From March to July 2024, the defendants conspired to utilize AI “image-to-image” technology to reproduce the artistic works of others without permission and produced puzzles for sale, involving an illegal business turnover of over 270,000 RMB. The court found that this constituted the crime of copyright infringement, sentencing the entity to a fine of 100,000 RMB, the principal offender to a term of imprisonment and a fine, and granting the accessories suspended sentences. The adjudication clarified that images generated through simple parameter settings, if substantially similar to the original works and lacking original contributions, constitute infringing reproductions; transforming infringing images into puzzles merely changes the medium of the work and does not produce a new work, thus still constituting infringement.
Key Points of Adjudication: The court clarified the distinction between “generation” and “reproduction”. When so-called “generation” is merely a mechanical output that highly matches the style and expression of the original work, and the actor has not contributed expressive input sufficient to establish originality, its legal nature should still be evaluated within the traditional framework of “reproduction/adaptation”.
Review: Through criminal justice, this case expressed zero tolerance for the “industrialization of piracy under the guise of AI” and responded to common defenses with the rationale that “technical neutrality does not exempt one from liability”. Its normative value serves to remind the industry that compliance does not depend on the advancement of the tools used, but on whether a substantial substitute relationship exists without permission between the output and the subject of the rights. Future adjudication methods will need to handle two types of boundary issues with greater precision: first, the identification and quantification of “similarity” caused by the mixing of multi-source materials during the training and generation process; second, how to exercise the principle of modesty (judicial restraint) at the criminal level when users indeed make creative contributions through prompts, parameter tuning, or post-editing, to avoid over-criminalizing disputes that can be regulated through civil law.
(III) “Transforming Manga Effect” Unfair Competition Case: Direct Protection of AI Model Parameters and Structures as Competitive InterestsCase Number: Beijing Intellectual Property Court (2023) Jing 73 Min Zhong No. 3802
The company Doumou developed the “Transforming Manga” AI effect, and subsequently, the company Yimouke launched a “Girl Manga” effect with highly similar visual results. The plaintiff alleged that the theft of its model parameters and structure constituted unfair competition. Courts of both the first and second instances found the defendant’s actions illegal and ordered them to bear liability for infringement. The court made a comprehensive determination based on dimensions such as the possibility of technical contact, similarity in parameter structure, and the absence of research and development (R&D) evidence, rendering a negative evaluation of “free-riding” behavior involving the theft of model achievements through technical means.
Key Points of Adjudication: The court’s adjudication clarified the path for the “protectability of model achievements”: where traditional categorized intellectual property protection may face adaptation difficulties, the court—utilizing the general provisions and the principle of good faith under the Anti-Unfair Competition Law—positioned model parameters and structures formed through data training and tuning as important competitive resources and interests of operators, thereby achieving protection for innovation investment.
Review: This case serves as a “systemic patch”, filling the gap for model achievements outside the scope of patent, copyright, and trade secret protection. Its advantage lies in flexibility and extensibility, yet it carries the inherent risk of applying general provisions—where a protection scope that is too broad may raise industry entry barriers, while one that is too narrow may fail to cover actual R&D costs. A more desirable direction for the future is to gradually develop a verifiable system of elements within the framework of the Anti-Unfair Competition Law, such as standardizing the evidentiary structure for “access + substantial similarity + lack of legitimate source”, and strengthening procedural safeguards for legitimate reverse engineering and independent R&D defenses, thereby achieving a more stable equilibrium between innovation incentives and freedom of competition.
(IV) Platform Data Operation Rules Case: Shifting Governance from “Data Ownership” to “Rule Violation”Case Number: Shanghai Intellectual Property Court (2024) Hu 73 Min Zhong No. 1466
The operator of the Doumou platform sued the provider of the “Weimouke” software, which offered paid automated scripts supporting operations such as bulk following, commenting, private messaging, and liking. These scripts systematically undermined the platform’s data interaction rules regarding authenticity and non-automation for profit. The court supported the plaintiff’s claims, ordering the defendant to cease infringement, eliminate the impact, and pay 300,000 RMB in compensation. The key to the adjudication was that the platform’s “data operation rules” themselves constitute protected competitive interests; the court did not dwell on the debate over data ownership but directly examined whether the defendant used technical means to undermine rules and infringe upon legal interests.
Key Points of Adjudication: The court’s trial conducted a dual analysis of “rule violation + infringement of legal interests”: as long as a defendant uses automated tools to bypass platform governance mechanisms, disrupts the order of data generation and interaction, and obtains improper benefits therefrom, such actions fall under the regulation of unfair competition.
Review: This case provides a more operable judicial language for platform governance. Rather than debating “to whom the data ultimately belongs”, it is better to examine “who is undermining the trustworthy environment of data generation”. However, rule protection also requires boundaries: platform rules are not inherently legitimate. If the rules themselves exhibit tendencies toward exclusive abuse or unreasonable restrictions on transactions, the judiciary should retain the space for review when protecting “operation rules” to prevent rules from being distorted into tools for excluding competition. How to distinguish “necessary governance for ecosystem maintenance” from “monopolistic acts under the guise of rules” in individual cases will become a key issue for the sustained development of the rule of law in the platform economy. (V) “Traffic Diversion for Live-streaming Sales” Trademark Infringement and Unfair Competition Case: Reshaping Damages Calculation in Algorithmic Traffic ScenariosCase Number: Zhejiang Province Quzhou Intermediate People’s Court (2025) Zhe 08 Min Zhong No. 563
The company Huamou is the owner of a well-known trademark. The defendant used short videos featuring the trademark in question on Douyin to divert traffic and sold products of other brands in a live-streaming room that highly imitated the scene of the right holder’s physical stores. The plaintiff sought 1.1 million RMB in compensation. Both the first and second instance courts found that the actions constituted trademark infringement and unfair competition; applying a three-fold multiplier for punitive damages based on live-streaming commissions, the courts fully supported the claims. The adjudication clarified that clinging to goodwill and creating confusion through multiple dimensions—such as videos, live-streaming room backgrounds, and host scripts—has exceeded the boundaries of fair use. Simultaneously, digitized earnings such as commissions can serve as the basis for calculating damages.
Key Points of Adjudication: On one hand, the court incorporated “confusing traffic diversion” into the concurrent evaluation of trademark infringement and unfair competition. On the other hand, it engaged in judicial innovation by using “available data” as the basis for compensation, applying punitive damages to the live-streaming economy scenario.
Review: This case sends a strong signal for governing “traffic-parasitic infringement”. In an algorithmic distribution environment, confusion may occur not at the checkout page but across the entire chain of “being recommended—clicking in—staying—placing an order”. Therefore, the judiciary must incorporate the “diversion mechanism” into the determination of confusion. Regarding compensation methods, using commissions as a base is practically feasible, but one must remain vigilant against the manipulability of data metrics and the difficulties of platform evidence collection. In the future, improvements in platform assistance for evidence collection, data logging, and evidence preservation mechanisms should be systematically promoted, so that “digitized infringement” can be governed “digitally” in kind.
(VI) Case of Low-Price Resale of Digital Member Accounts: Judicial Confirmation of User Agreement Terms in Digital GovernanceCase Number: Beijing Xicheng District People’s Court (2025) Jing 0102 Min Chu No. 24909
The defendant resold digital member accounts of Company Moumi at low prices through an e-commerce platform, with sales exceeding 70,000 transactions and an amount of over 2.54 million RMB, which was significantly lower than the official pricing. Company Moumi argued that this violated the user agreement, undermined the membership management system, and constituted unfair competition. The court found that the defendant violated the principle of good faith and acted with subjective malice. Considering the scale and degree of fault, the court awarded 310,000 RMB in damages.
Key Points of Adjudication: The highlight of this adjudication lies in confirming that digital membership services belong to protected “network products or services”; affirming the governing validity of non-resale clauses in user agreements; and using “loss of transaction opportunities + destruction of business models” as the rationale for determining damages to address the difficulty of accurately calculating infringement profits.
Review: This case brings the “account underground industry” back from simple contract breach to the governance of market order, which is of practical relevance. Particularly noteworthy is the judicial support for user agreement terms: in a context where platform services rely heavily on rule-based governance, agreements are no longer merely private law arrangements but are important tools for data governance. At the same time, the validity of agreement terms should be subject to a reasonableness review: platforms must not use standard (adhesion) terms to excessively restrict the legitimate rights and interests of users or set unfair transaction conditions. For the judiciary, the key lies in grasping a clear standard: when resale behavior substantially erodes the platform’s membership system, risk control, and service delivery capabilities, and causes large-scale market distortion, it should be regulated.
(VII) Case of Reasonable Utilization of Enterprise Data: Reuse of Public Enterprise Information and Traceability of “Digital Footprints”Case Number: Suzhou Huqiu District People’s Court (2024) Su 0505 Min Chu No. 6273
A technology company collected data on corporate equity, shareholders, and litigation status from public channels, and after processing, displayed it publicly in an APP. Sun argued that the platform’s display of data regarding a deregistered enterprise under Sun’s name constituted infringement and sought compensation. The court held that the data source was lawful, the display was truthful, and it did not involve personal data unsuitable for display or sensitive public interest content; thus, it dismissed the claims.
Key Points of Adjudication: During the trial, the court extracted three principles for platforms displaying enterprise data: public sources, truthful content, and avoidance of sensitive personal information or data unsuitable for disclosure. The adjudication simultaneously emphasized the affirmation of the data processor’s investment, reflecting the interest distribution logic of “he who invests and contributes shall benefit”.
Review: This case is of foundational significance for the marketization of data elements. Enterprise information possesses strong public attributes and transaction security attributes. The market needs to rely on traceable “digital footprints” to reduce information asymmetry; historical information of deregistered enterprises, in particular, cannot be easily erased, otherwise the continuity of the credit system would be weakened. Of course, reasonable utilization is not unlimited: when enterprise information is highly coupled with natural person information (such as for micro and small enterprises or individual industrial and commercial households), platforms should further strengthen de-identification, the principle of minimum necessity, and purpose limitation to prevent “enterprise data reuse” from becoming an indirect channel for personal information risks.
(VIII) Case of Government Information Disclosure Infringing Personal Information: Rigidity of the “De-sensitization Obligation” in Public Law ScenariosCase Number: Xining Railway Transport Court (2025) Qing 8601 Xing Chu No. 114
When disclosing a residential community property service contract to a third party, a Housing and Urban-Rural Development Bureau failed to perform de-sensitization on Zhao’s name, fingerprint, and phone number within the contract. Zhao filed an administrative lawsuit requesting a confirmation that the act was illegal. The court found that the administrative organ failed to fulfill its statutory duties of review and differentiated processing, infringing upon personal information rights and privacy interests, and rendered a judgment confirming the illegality.
Key Points of Adjudication: The adjudication of this case reflects the convergence of multiple laws, comprehensively applying the Civil Code, the Personal Information Protection Law, and regulations related to government information disclosure. It emphasizes that even when an administrative organ is in a “passive disclosure” procedure, it must still follow the principles of legality, legitimacy, and necessity, and fulfill the obligation of de-sensitization.
Review: This case, through administrative litigation, reinforced the bottom line of personal information protection in government affairs disclosure, pushing the “right to know vs. right to privacy” from a conceptual balance toward an operational one. Its institutional insight is that government departments should incorporate personal information review and de-sensitization into the standard process of information disclosure, supported by data classification and grading and technical de-sensitization mechanisms. Furthermore, with the expansion of government data sharing and integrated platforms, personal information risks often arise during “cross-departmental circulation” and “multiple re-disclosures”. Therefore, institutional construction cannot remain at the level of individual departments but should form a full-chain governance rule and responsibility loop for government data.
(IX) Criminal Case of Crawling Government Data for Profit: System Vulnerabilities do not Equate to “Available Authorization”Case Number: Shanghai Xuhui District People’s Court (2025) Hu 0104 Xing Chu No. 668
The defendant developed and operated a website and mini-program, utilizing vulnerabilities in a government service platform to write crawlers to illegally obtain undisclosed vehicle traffic violation information from the system and provided paid inquiry services to users, obtaining illegal gains of over 148,000 RMB. The effective judgment convicted the defendant of the crime of illegally obtaining computer information system data and applied an occupation ban to the defendant.
Key Points of Adjudication: This case clarifies that using “crawlers” to exploit government platform vulnerabilities to illegally scrape undisclosed traffic violation data and provide paid inquiry services constitutes the crime of illegally obtaining computer information system data. The adjudication clarified the legal nature of profit-oriented data scraping and strengthened judicial protection for government data security. Simultaneously, the case drew a compliance red line for market entities regarding data acquisition and use, clarifying the legal boundaries of technical data scraping.
Review: This case sends an extremely clear compliance signal: technical availability does not equate to legal availability, and system vulnerabilities do not constitute implied authorization. For market entities, conducting business around public data must adhere to a compliance path of “having a source of rights, having boundaries, and having audits”, and in particular, must not obtain non-public data by bypassing access controls or breaking through interface restrictions. The application of the occupation ban also reflects a targeted governance approach toward “professionalized data underground industries”, meaning that not only is the completed act punished, but the possibility of re-entering the industry to commit similar acts is also severed.
(X) Public Interest Litigation Case of Illegal Sub-leasing of SMS Code Resources: Filling the Responsibility Gap in the Anti-Fraud Chain through “Source Governance”Case Number: Hangzhou Internet Court (2025) Zhe 0192 Min Chu No. 13573
In multiple cases of “1068” SMS fraud, the legitimate holders of the code resources illegally sub-leased them, which were ultimately controlled by entities without telecommunications qualifications to send 6,525 fraudulent ticketing messages, resulting in 34 victims being defrauded of over 1.1 million RMB. In October 2025, the court ruled that the six defendants constituted joint infringement, held them jointly and severally liable for 500,000 RMB in compensation, and ordered a public apology in national media.
Key Points of Adjudication: This case is the first civil public interest litigation in the country filed for the illegal sub-leasing of “1068” SMS code resources in the context of anti-telecom and online fraud. The judgment emphasized that code resources are state-owned and that operators bear the responsibility of “anti-fraud gatekeepers” and cannot evade risk control obligations through sub-leasing or outsourcing.
Review: The importance of this case lies in its extension of anti-fraud responsibility from “striking the direct fraudsters” to “governing those who fail the infrastructure”. When the telecom fraud industry chain is highly specialized and the fraud end is constantly mutating, criminal prosecution alone often fails to cover upstream business entities that allow risks to persist. The introduction of public interest litigation allows for the centralized relief of damaged public interests and regulates the industry to establish stricter mechanisms for code management, real-name verification, content auditing, and anomaly monitoring. However, the normalized application of public interest litigation also requires clearer standards for the layering of responsibility: different types of operators possess different capabilities for risk identification and control, and liability should be commensurate with their foreseeability and controllability to achieve more precise compliance incentives.
Comment Looking across the top ten cases, it is evident that the judiciary has formed three increasingly clear methodological threads in the digital age: First, the protection of rights is extending from traditional objects to “technically generated identifiable doubles” and “new types of competitive resources”. Whether it is the identifiability standard for AI-synthesized voices or the inclusion of model parameter structures, platform data operation rules, and digital membership services under the protection of the Anti-Unfair Competition Law, it indicates that the judiciary is using an analytical framework of “identification—control—benefit—risk” to transform abstract new technological objects into adjudicable legal interest structures. Second, the allocation of liability increasingly emphasizes chain-based governance and the duty of care. Commissioning parties and beneficiaries in e-commerce promotion bearing a reasonable duty of review, code resource holders bearing “gatekeeper” responsibilities for anti-fraud, and government organs bearing the duty of de-sensitization review for information disclosure—these adjudications collectively point to a trend: whoever is at a key node, possesses control, or can prevent risks must bear governance responsibilities commensurate with their capabilities. Third, relief and sanction mechanisms are beginning to adapt to the digitized economic form. Using live-streaming commissions as a compensation base, identifying damages through “loss of transaction opportunities + destruction of business models”, and responding to professionalized underground industries with occupation bans—these practices all attempt to solve common difficulties in the digital economy: hidden infringement gains, fragmented chains, spillover of damages, and high rates of recidivism. It can be foreseen that future adjudication will continue to evolve around evidence rules (retrieval and preservation of platform data), damage calculation (unification of data revenue metrics), and compliance standards (identification of confusion and misperception in algorithmic scenarios). As data becomes a key factor of production and algorithms become an important allocation mechanism, the task of the rule of law goes beyond “ex-post dispute resolution”; it further lies in providing predictable behavioral boundaries for the market through continuous, stable, and replicable adjudication rules.
The following is a systematic review and analysis of the basic facts, key points of adjudication, and institutional significance of these ten cases.
(I) AI-Synthesized Voice Infringement Case: Extension of Personality Right Protection to “Identifiable Synthetic Voices”Case Number: Beijing Internet Court (2024) Jing 0491 Min Chu No. 10085
In this case, Li, a well-known figure in the field of education and parenting, discovered that a cultural media company used Li’s public speeches and teaching videos, accompanied by an AI-synthesized voice highly similar to Li’s own, to promote family education books in its online platform store. This created a strong implication of “endorsement/recommendation”. The defendant argued that the videos were published by others, that the defendant was merely a seller, and that the plaintiff, as a public figure, had a duty of tolerance. The court ultimately held that the AI-synthesized voice in question possessed identifiability. As the commissioning party and the actual beneficiary, the defendant failed to fulfill its reasonable duty of review, constituting joint infringement. The court ordered an apology and awarded compensation for economic losses and reasonable expenses for rights protection totaling 120,000 RMB (the judgment was rendered and became effective on July 18, 2025).
Key Points of Adjudication: The court clarified that: first, “voice interests” do not merely protect the natural vocalization itself but may extend to identifiable AI-synthesized voices that point to a specific natural person. Second, in the e-commerce promotion chain, if a merchant possesses the dual status of “commissioning production + actual beneficiary”, they cannot be automatically exempted from liability based on the formal plea of “non-participation in production” even if they did not personally create the content; rather, they should bear a reasonable duty of review commensurate with their level of control and benefits.
Review: The landmark significance of this case lies not only in the “first confirmation of infringement by an AI voice double” but also in its advancement of deepfake governance from “technical identification” to “liability structure”. By focusing on the commercial purpose of promotional videos, the risk of public confusion, and the duty of care of entities within the chain, personality right protection has gained an enforceable foothold. A subject for further discussion is how to refine the intensity of the duty of care and the allocation of the burden of proof for entities at different nodes in more complex marketing ecosystems (such as multi-level distribution, influencer marketing, and automated delivery by advertising platforms) to avoid “liability spillover” inhibiting legitimate innovation while effectively curbing systematic erosion of human dignity by “voice doubles” and “face-swapping”. (II) AI “Image-to-Image” Copyright Infringement Criminal Case: Defining the “Bottom-Line Prohibited Zone” of Generative Technology through Criminal RulesCase Number: Beijing Tongzhou District People’s Court (2025) Jing 0112 Xing Chu No. 558
From March to July 2024, the defendants conspired to utilize AI “image-to-image” technology to reproduce the artistic works of others without permission and produced puzzles for sale, involving an illegal business turnover of over 270,000 RMB. The court found that this constituted the crime of copyright infringement, sentencing the entity to a fine of 100,000 RMB, the principal offender to a term of imprisonment and a fine, and granting the accessories suspended sentences. The adjudication clarified that images generated through simple parameter settings, if substantially similar to the original works and lacking original contributions, constitute infringing reproductions; transforming infringing images into puzzles merely changes the medium of the work and does not produce a new work, thus still constituting infringement.
Key Points of Adjudication: The court clarified the distinction between “generation” and “reproduction”. When so-called “generation” is merely a mechanical output that highly matches the style and expression of the original work, and the actor has not contributed expressive input sufficient to establish originality, its legal nature should still be evaluated within the traditional framework of “reproduction/adaptation”.
Review: Through criminal justice, this case expressed zero tolerance for the “industrialization of piracy under the guise of AI” and responded to common defenses with the rationale that “technical neutrality does not exempt one from liability”. Its normative value serves to remind the industry that compliance does not depend on the advancement of the tools used, but on whether a substantial substitute relationship exists without permission between the output and the subject of the rights. Future adjudication methods will need to handle two types of boundary issues with greater precision: first, the identification and quantification of “similarity” caused by the mixing of multi-source materials during the training and generation process; second, how to exercise the principle of modesty (judicial restraint) at the criminal level when users indeed make creative contributions through prompts, parameter tuning, or post-editing, to avoid over-criminalizing disputes that can be regulated through civil law.
(III) “Transforming Manga Effect” Unfair Competition Case: Direct Protection of AI Model Parameters and Structures as Competitive InterestsCase Number: Beijing Intellectual Property Court (2023) Jing 73 Min Zhong No. 3802
The company Doumou developed the “Transforming Manga” AI effect, and subsequently, the company Yimouke launched a “Girl Manga” effect with highly similar visual results. The plaintiff alleged that the theft of its model parameters and structure constituted unfair competition. Courts of both the first and second instances found the defendant’s actions illegal and ordered them to bear liability for infringement. The court made a comprehensive determination based on dimensions such as the possibility of technical contact, similarity in parameter structure, and the absence of research and development (R&D) evidence, rendering a negative evaluation of “free-riding” behavior involving the theft of model achievements through technical means.
Key Points of Adjudication: The court’s adjudication clarified the path for the “protectability of model achievements”: where traditional categorized intellectual property protection may face adaptation difficulties, the court—utilizing the general provisions and the principle of good faith under the Anti-Unfair Competition Law—positioned model parameters and structures formed through data training and tuning as important competitive resources and interests of operators, thereby achieving protection for innovation investment.
Review: This case serves as a “systemic patch”, filling the gap for model achievements outside the scope of patent, copyright, and trade secret protection. Its advantage lies in flexibility and extensibility, yet it carries the inherent risk of applying general provisions—where a protection scope that is too broad may raise industry entry barriers, while one that is too narrow may fail to cover actual R&D costs. A more desirable direction for the future is to gradually develop a verifiable system of elements within the framework of the Anti-Unfair Competition Law, such as standardizing the evidentiary structure for “access + substantial similarity + lack of legitimate source”, and strengthening procedural safeguards for legitimate reverse engineering and independent R&D defenses, thereby achieving a more stable equilibrium between innovation incentives and freedom of competition.
(IV) Platform Data Operation Rules Case: Shifting Governance from “Data Ownership” to “Rule Violation”Case Number: Shanghai Intellectual Property Court (2024) Hu 73 Min Zhong No. 1466
The operator of the Doumou platform sued the provider of the “Weimouke” software, which offered paid automated scripts supporting operations such as bulk following, commenting, private messaging, and liking. These scripts systematically undermined the platform’s data interaction rules regarding authenticity and non-automation for profit. The court supported the plaintiff’s claims, ordering the defendant to cease infringement, eliminate the impact, and pay 300,000 RMB in compensation. The key to the adjudication was that the platform’s “data operation rules” themselves constitute protected competitive interests; the court did not dwell on the debate over data ownership but directly examined whether the defendant used technical means to undermine rules and infringe upon legal interests.
Key Points of Adjudication: The court’s trial conducted a dual analysis of “rule violation + infringement of legal interests”: as long as a defendant uses automated tools to bypass platform governance mechanisms, disrupts the order of data generation and interaction, and obtains improper benefits therefrom, such actions fall under the regulation of unfair competition.
Review: This case provides a more operable judicial language for platform governance. Rather than debating “to whom the data ultimately belongs”, it is better to examine “who is undermining the trustworthy environment of data generation”. However, rule protection also requires boundaries: platform rules are not inherently legitimate. If the rules themselves exhibit tendencies toward exclusive abuse or unreasonable restrictions on transactions, the judiciary should retain the space for review when protecting “operation rules” to prevent rules from being distorted into tools for excluding competition. How to distinguish “necessary governance for ecosystem maintenance” from “monopolistic acts under the guise of rules” in individual cases will become a key issue for the sustained development of the rule of law in the platform economy. (V) “Traffic Diversion for Live-streaming Sales” Trademark Infringement and Unfair Competition Case: Reshaping Damages Calculation in Algorithmic Traffic ScenariosCase Number: Zhejiang Province Quzhou Intermediate People’s Court (2025) Zhe 08 Min Zhong No. 563
The company Huamou is the owner of a well-known trademark. The defendant used short videos featuring the trademark in question on Douyin to divert traffic and sold products of other brands in a live-streaming room that highly imitated the scene of the right holder’s physical stores. The plaintiff sought 1.1 million RMB in compensation. Both the first and second instance courts found that the actions constituted trademark infringement and unfair competition; applying a three-fold multiplier for punitive damages based on live-streaming commissions, the courts fully supported the claims. The adjudication clarified that clinging to goodwill and creating confusion through multiple dimensions—such as videos, live-streaming room backgrounds, and host scripts—has exceeded the boundaries of fair use. Simultaneously, digitized earnings such as commissions can serve as the basis for calculating damages.
Key Points of Adjudication: On one hand, the court incorporated “confusing traffic diversion” into the concurrent evaluation of trademark infringement and unfair competition. On the other hand, it engaged in judicial innovation by using “available data” as the basis for compensation, applying punitive damages to the live-streaming economy scenario.
Review: This case sends a strong signal for governing “traffic-parasitic infringement”. In an algorithmic distribution environment, confusion may occur not at the checkout page but across the entire chain of “being recommended—clicking in—staying—placing an order”. Therefore, the judiciary must incorporate the “diversion mechanism” into the determination of confusion. Regarding compensation methods, using commissions as a base is practically feasible, but one must remain vigilant against the manipulability of data metrics and the difficulties of platform evidence collection. In the future, improvements in platform assistance for evidence collection, data logging, and evidence preservation mechanisms should be systematically promoted, so that “digitized infringement” can be governed “digitally” in kind.
(VI) Case of Low-Price Resale of Digital Member Accounts: Judicial Confirmation of User Agreement Terms in Digital GovernanceCase Number: Beijing Xicheng District People’s Court (2025) Jing 0102 Min Chu No. 24909
The defendant resold digital member accounts of Company Moumi at low prices through an e-commerce platform, with sales exceeding 70,000 transactions and an amount of over 2.54 million RMB, which was significantly lower than the official pricing. Company Moumi argued that this violated the user agreement, undermined the membership management system, and constituted unfair competition. The court found that the defendant violated the principle of good faith and acted with subjective malice. Considering the scale and degree of fault, the court awarded 310,000 RMB in damages.
Key Points of Adjudication: The highlight of this adjudication lies in confirming that digital membership services belong to protected “network products or services”; affirming the governing validity of non-resale clauses in user agreements; and using “loss of transaction opportunities + destruction of business models” as the rationale for determining damages to address the difficulty of accurately calculating infringement profits.
Review: This case brings the “account underground industry” back from simple contract breach to the governance of market order, which is of practical relevance. Particularly noteworthy is the judicial support for user agreement terms: in a context where platform services rely heavily on rule-based governance, agreements are no longer merely private law arrangements but are important tools for data governance. At the same time, the validity of agreement terms should be subject to a reasonableness review: platforms must not use standard (adhesion) terms to excessively restrict the legitimate rights and interests of users or set unfair transaction conditions. For the judiciary, the key lies in grasping a clear standard: when resale behavior substantially erodes the platform’s membership system, risk control, and service delivery capabilities, and causes large-scale market distortion, it should be regulated.
(VII) Case of Reasonable Utilization of Enterprise Data: Reuse of Public Enterprise Information and Traceability of “Digital Footprints”Case Number: Suzhou Huqiu District People’s Court (2024) Su 0505 Min Chu No. 6273
A technology company collected data on corporate equity, shareholders, and litigation status from public channels, and after processing, displayed it publicly in an APP. Sun argued that the platform’s display of data regarding a deregistered enterprise under Sun’s name constituted infringement and sought compensation. The court held that the data source was lawful, the display was truthful, and it did not involve personal data unsuitable for display or sensitive public interest content; thus, it dismissed the claims.
Key Points of Adjudication: During the trial, the court extracted three principles for platforms displaying enterprise data: public sources, truthful content, and avoidance of sensitive personal information or data unsuitable for disclosure. The adjudication simultaneously emphasized the affirmation of the data processor’s investment, reflecting the interest distribution logic of “he who invests and contributes shall benefit”.
Review: This case is of foundational significance for the marketization of data elements. Enterprise information possesses strong public attributes and transaction security attributes. The market needs to rely on traceable “digital footprints” to reduce information asymmetry; historical information of deregistered enterprises, in particular, cannot be easily erased, otherwise the continuity of the credit system would be weakened. Of course, reasonable utilization is not unlimited: when enterprise information is highly coupled with natural person information (such as for micro and small enterprises or individual industrial and commercial households), platforms should further strengthen de-identification, the principle of minimum necessity, and purpose limitation to prevent “enterprise data reuse” from becoming an indirect channel for personal information risks.
(VIII) Case of Government Information Disclosure Infringing Personal Information: Rigidity of the “De-sensitization Obligation” in Public Law ScenariosCase Number: Xining Railway Transport Court (2025) Qing 8601 Xing Chu No. 114
When disclosing a residential community property service contract to a third party, a Housing and Urban-Rural Development Bureau failed to perform de-sensitization on Zhao’s name, fingerprint, and phone number within the contract. Zhao filed an administrative lawsuit requesting a confirmation that the act was illegal. The court found that the administrative organ failed to fulfill its statutory duties of review and differentiated processing, infringing upon personal information rights and privacy interests, and rendered a judgment confirming the illegality.
Key Points of Adjudication: The adjudication of this case reflects the convergence of multiple laws, comprehensively applying the Civil Code, the Personal Information Protection Law, and regulations related to government information disclosure. It emphasizes that even when an administrative organ is in a “passive disclosure” procedure, it must still follow the principles of legality, legitimacy, and necessity, and fulfill the obligation of de-sensitization.
Review: This case, through administrative litigation, reinforced the bottom line of personal information protection in government affairs disclosure, pushing the “right to know vs. right to privacy” from a conceptual balance toward an operational one. Its institutional insight is that government departments should incorporate personal information review and de-sensitization into the standard process of information disclosure, supported by data classification and grading and technical de-sensitization mechanisms. Furthermore, with the expansion of government data sharing and integrated platforms, personal information risks often arise during “cross-departmental circulation” and “multiple re-disclosures”. Therefore, institutional construction cannot remain at the level of individual departments but should form a full-chain governance rule and responsibility loop for government data.
(IX) Criminal Case of Crawling Government Data for Profit: System Vulnerabilities do not Equate to “Available Authorization”Case Number: Shanghai Xuhui District People’s Court (2025) Hu 0104 Xing Chu No. 668
The defendant developed and operated a website and mini-program, utilizing vulnerabilities in a government service platform to write crawlers to illegally obtain undisclosed vehicle traffic violation information from the system and provided paid inquiry services to users, obtaining illegal gains of over 148,000 RMB. The effective judgment convicted the defendant of the crime of illegally obtaining computer information system data and applied an occupation ban to the defendant.
Key Points of Adjudication: This case clarifies that using “crawlers” to exploit government platform vulnerabilities to illegally scrape undisclosed traffic violation data and provide paid inquiry services constitutes the crime of illegally obtaining computer information system data. The adjudication clarified the legal nature of profit-oriented data scraping and strengthened judicial protection for government data security. Simultaneously, the case drew a compliance red line for market entities regarding data acquisition and use, clarifying the legal boundaries of technical data scraping.
Review: This case sends an extremely clear compliance signal: technical availability does not equate to legal availability, and system vulnerabilities do not constitute implied authorization. For market entities, conducting business around public data must adhere to a compliance path of “having a source of rights, having boundaries, and having audits”, and in particular, must not obtain non-public data by bypassing access controls or breaking through interface restrictions. The application of the occupation ban also reflects a targeted governance approach toward “professionalized data underground industries”, meaning that not only is the completed act punished, but the possibility of re-entering the industry to commit similar acts is also severed.
(X) Public Interest Litigation Case of Illegal Sub-leasing of SMS Code Resources: Filling the Responsibility Gap in the Anti-Fraud Chain through “Source Governance”Case Number: Hangzhou Internet Court (2025) Zhe 0192 Min Chu No. 13573
In multiple cases of “1068” SMS fraud, the legitimate holders of the code resources illegally sub-leased them, which were ultimately controlled by entities without telecommunications qualifications to send 6,525 fraudulent ticketing messages, resulting in 34 victims being defrauded of over 1.1 million RMB. In October 2025, the court ruled that the six defendants constituted joint infringement, held them jointly and severally liable for 500,000 RMB in compensation, and ordered a public apology in national media.
Key Points of Adjudication: This case is the first civil public interest litigation in the country filed for the illegal sub-leasing of “1068” SMS code resources in the context of anti-telecom and online fraud. The judgment emphasized that code resources are state-owned and that operators bear the responsibility of “anti-fraud gatekeepers” and cannot evade risk control obligations through sub-leasing or outsourcing.
Review: The importance of this case lies in its extension of anti-fraud responsibility from “striking the direct fraudsters” to “governing those who fail the infrastructure”. When the telecom fraud industry chain is highly specialized and the fraud end is constantly mutating, criminal prosecution alone often fails to cover upstream business entities that allow risks to persist. The introduction of public interest litigation allows for the centralized relief of damaged public interests and regulates the industry to establish stricter mechanisms for code management, real-name verification, content auditing, and anomaly monitoring. However, the normalized application of public interest litigation also requires clearer standards for the layering of responsibility: different types of operators possess different capabilities for risk identification and control, and liability should be commensurate with their foreseeability and controllability to achieve more precise compliance incentives.
Comment Looking across the top ten cases, it is evident that the judiciary has formed three increasingly clear methodological threads in the digital age: First, the protection of rights is extending from traditional objects to “technically generated identifiable doubles” and “new types of competitive resources”. Whether it is the identifiability standard for AI-synthesized voices or the inclusion of model parameter structures, platform data operation rules, and digital membership services under the protection of the Anti-Unfair Competition Law, it indicates that the judiciary is using an analytical framework of “identification—control—benefit—risk” to transform abstract new technological objects into adjudicable legal interest structures. Second, the allocation of liability increasingly emphasizes chain-based governance and the duty of care. Commissioning parties and beneficiaries in e-commerce promotion bearing a reasonable duty of review, code resource holders bearing “gatekeeper” responsibilities for anti-fraud, and government organs bearing the duty of de-sensitization review for information disclosure—these adjudications collectively point to a trend: whoever is at a key node, possesses control, or can prevent risks must bear governance responsibilities commensurate with their capabilities. Third, relief and sanction mechanisms are beginning to adapt to the digitized economic form. Using live-streaming commissions as a compensation base, identifying damages through “loss of transaction opportunities + destruction of business models”, and responding to professionalized underground industries with occupation bans—these practices all attempt to solve common difficulties in the digital economy: hidden infringement gains, fragmented chains, spillover of damages, and high rates of recidivism. It can be foreseen that future adjudication will continue to evolve around evidence rules (retrieval and preservation of platform data), damage calculation (unification of data revenue metrics), and compliance standards (identification of confusion and misperception in algorithmic scenarios). As data becomes a key factor of production and algorithms become an important allocation mechanism, the task of the rule of law goes beyond “ex-post dispute resolution”; it further lies in providing predictable behavioral boundaries for the market through continuous, stable, and replicable adjudication rules.