Filed under authorized-operation
Every brief tagged "authorized-operation".
- § 01 · PUBLIC-DATA
Guangdong Prices the Public-Data Operator Like a Utility: Inside the Province's Authorized-Operation Price-Management Measures
On 12 May 2026 the Guangdong DRC and the Guangdong Administration of Government Services and Data issued the Guangdong Province Public Data Resource Authorized-Operation Price Management Measures — one of the first provincial implementations of the national NDRC/NDA price-formation notice (发改价格〔2025〕65号). The 20-article rule prices the 'public-data operation service fee' (公共数据运营服务费) with a regulated-utility toolkit: government-guided pricing, a maximum permitted revenue equal to operating cost + permitted profit + tax, and a permitted profit rate capped at the prior-year 10-year treasury yield plus no more than 6 percentage points. DCC reads the full text (carried by 数据行者X) against the Guangdong DRC's official interpretation (carried by 砖济咨询) to draw out what overseas counsel needs: this is cost-of-service, rate-of-return regulation imported into the data-element market, with periodic resets every three years, a ±10% annual adjustment band, mandatory cost separation, and a carve-out keeping public-governance and public-welfare data 'conditionally free.'
- § 02 · PUBLIC-DATA
Public Data Under Franchise and Concession Operations: Who Owns It and Can It Be Traded?
Infrastructure and public-utility operators in China — gas networks, urban parking, water systems, and similar franchise/concession (特许经营) businesses — generate data that falls within the statutory definition of 'public data.' That classification creates compliance questions that standard enterprise-data analysis does not answer: does a franchise agreement confer the right to process and sell that data, and under what conditions? Two Shenzhen Data Exchange compliance officers work through the asset-ownership and revenue-attribution routes for establishing data-use authority, flag the asset-transfer risk that attaches to API and dataset licensing, and explain why franchise-generated public data should not be silently assimilated into the authorised-operation (授权运营) model now being piloted across Chinese cities. The operational takeaway: amend legacy concession agreements to address data rights explicitly, and build the data-rights clause into every new franchise contract before signing.
- § 03 · PUBLIC-DATA
Authorized to Operate, Not Authorized to Ignore: Public-Data Operators Still Owe the Full PIPL/DSL Stack
China's public-data authorized-operation regime — established by the January 2025 Implementation Specifications and its companion instruments — does not exempt operators from the personal information and data-security duties that sit underneath it. This brief, drawn from the Shenzhen Data Exchange's DEXC+ compliance column, sets out six specific areas where authorized operators routinely fall short: failure to classify data before operating it, misreading the operator's role in multi-party processing chains, skipping notification obligations, misidentifying the lawful basis for processing, misapplying consent that was gathered for a different purpose, and omitting the separate impact-assessment and annual risk-evaluation obligations under PIPL and the Network Data Security Regulations. The operational takeaway for overseas counsel advising operators or investors: government authorization is the entry ticket to the public-data market, not a waiver of the compliance checklist that governs what happens once inside.
- § 04 · PUBLIC-DATA
Inside the Gate: How Enterprises Can Compliantly Process, Operate, and Trade Public Data Under China's Authorized-Operation Model
China's public-data authorized-operation regime (公共数据授权运营) is the primary route for enterprises to commercialise government-held data. A DEXC+ analysis by Yang Haoran maps the full compliance arc: what qualifies as public data, how it must be processed within a sandboxed platform, and what a data product needs to clear before it can be listed on an exchange. Drawing on the National Data Administration's draft Authorized-Operation Implementation Specifications and Shenzhen Data Exchange's own 3×4 dynamic-compliance framework — covering subject compliance, subject-matter compliance, and circulation compliance across legal, security, integrity, and rights dimensions — the brief gives overseas counsel a structured view of the obligations that attach at each stage of the public-data supply chain, from first authorisation to on-exchange listing.
- § 05 · DERIVATIVE-DATA
Derivative Data Products and Public Data Opening — Legal Challenges and Compliance Points
As China opens public-sector datasets for commercial exploitation, companies building derivative data products (衍生数据产品) face a layered compliance problem: the definition of 'derivative data' in the National Data Administration's 2025 glossary is deliberately high-threshold (substantial transformation, significant value uplift); provincial rules on automated collection, source-labelling, and sensitive-data assessment are inconsistent; and a three-way collision between the open-data rules, third-party platform terms, and the 2025 Anti-Unfair Competition Law amendments has no clean resolution. Wang Yi and Yu Hao (both DEXCO-certified partners at Global Law Office Shenzhen) map the definitional landscape, five categories of operational red lines, and four protective strategies — including the new data-specific provision in the revised Anti-Unfair Competition Law — for practitioners building or advising on derivative-data businesses.
- § 06 · PUBLIC-DATA
Case Study — A Public-Data Operator Hands Personal Data to a Bank. Two Compliance Failures.
A real-case analysis from Wang Qinglan. A state-affiliated auction company holds the public-data operating right for vehicle license-plate auction data. A bank persuades it to hand over the personal data of winning bidders. The bank builds a targeted credit product and pays the auction company RMB 12 million a year in revenue share. Two compliance failures: (1) no individual consent under PIPL; (2) no credit reference business license under the Credit Reference Industry Regulation and Credit Reference Business Measures. Public-data authorized operation does not displace the credit reference licensing regime.