Data is a core productive factor of the online platform economy and data resources underpin the core competitiveness and competitive advantages of many enterprises. Platform data resource competition usually involves protection of user personal information, data security, inter-platform data disputes, and legal use of data resources.
In this article, the author analyses data competition compliance involved in the development of the platform economy based on several cases.
Personal information protection
Partner
Jincheng Tongda & Neal
Platforms should process personal information pursuant to the basic principles of legality, legitimacy and necessity – not to be done excessively. In principle, they should obtain user consent, disclose the rules, purpose, method and scope of processing information, and should not violate laws, administrative regulations or agreements between both parties.
In Ling Moumou v Douyin (2020), the platform collected personal information such as user’s geographic location and social relationships without the user’s consent when scanning QR codes to order food at a hot pot restaurant. The collection of plaintiff’s personal information was ruled neither legal, legitimate nor necessary – and thus constituted infringement.
In weather app Moji’s IPO, the China Securities Regulatory Commission (CSRC) queried its collection, use and processing of data, and data compliance eventually became a major reason why the IPO was rejected.
In addition, criminal cases involving protection of personal information have also emerged frequently in recent years, with lawbreakers sentenced for using the dark web to sell personal information, or providing technology and data services for illegal loans.
Evidently, a platform’s processing of personal information should comply with legal provisions, lest it materially affect its business development. Enterprises may also be unable to use data resources due to the illegality of data source. Moreover, they cannot claim protection for “rights and interests” by using such data, and may even bear criminal responsibility.
Data security
When processing data, platforms should abide by laws and regulations, respect social and business ethics, be honest and trustworthy, and duly perform data security protection obligations. Platforms should establish and improve data security management systems, take technical and other necessary steps to ensure data security, and conduct data security risk assessments on a regular basis.
The listing reviews of Ucloud Information Technology, Das Security and MRTech all attracted the attention of regulators due to data security issues. Notably in MRTech’s ChiNext listing, the CSRC closely queried compliance issues involving almost its entire lifecycle of data protection, demonstrating the importance of data security compliance to platforms, especially when it comes to cross-border data transactions.
Additionally, in the case of social e-commerce platform juketool’s group control system, the court held that although it did not have exclusive right to use data involved, it did have legal obligation to ensure security of the platform data and thus had the right to file a claim on such basis. Its claim for anti-unfair competition was eventually upheld by the court.
So it is clear that platform data security is not only a legal obligation of enterprises and focus of administrative law enforcement and supervision, but can also become the basis for enterprises’ claims relating to competition.
Inter-platform data disputes
Disputes over data competition between platforms have occurred frequently at home and abroad in recent years, with many cases worthy of study – such as hiQ Labs v LinkedIn and the competition and anti-monopoly dispute between public monitoring network Yingji and Weibo.
Since “right to data portability” was added in article 45 of the Personal Information Protection Law, the protection and competition over data resources on Chinese platforms face greater challenges.
China’s judicial authorities consider three main factors in data disputes between platforms – data ownership, source legality and legitimacy of collection – and judge comprehensively on the trinity of interests between platform operators, consumers and the social public. The success rate of data capture litigation disputes is relatively high, with average support rate for damages at about 97%, and average
awarded damages about RMB9.7 million (USD1.4 million) per case, according to a judicial big data report on the Anti-Unfair Competition Law published by the author on this year’s World Intellectual Property Day.
Since there are still uncertainties in trial experience and standards of such cases, if platforms wish to have exclusive rights to data, it is recommended they set out explicit clauses in their user agreements, and pay attention to their construction of data anti-monopoly compliance systems.
To the author’s knowledge, there have been only two domestic data anti-monopoly cases – Wei Yuanma v WeChat, which lost its case due to erroneous definition of the relevant market, and Yingji system v Weibo, which is still under trial.
Use of data resources
With the development of new internet technologies, new issues have emerged regarding the re-use of data resources, such as big data-enabled price discrimination, algorithm recommendation, plug-ins and pop-up windows. The technology itself is neutral but its use, which should be legal and compliant, is not.
At present, domestic supervision at different levels has negated big data-enabled price discrimination, and also required that algorithm recommendation should respect users’ right to know and choose.
Regarding re-use of data via plug-ins, pop-up windows and other technical means, current opinion is to encourage free competition and allow development of new products based on existing platforms.
For example, in Taobao v B5M, the court held that the price comparison plug-in installed on Taobao did not constitute unfair competition when certain conditions were met – but also emphasised that it should: not substantially substitute the platform products; respect users’ right to know and choose; comply with the principles of business ethics and good faith; have substantial non-infringing purposes; and be beneficial to improvement of the general welfare of consumers and society.
Li Yu is a partner at Jincheng Tongda & Neal. She can be contacted on +86 10 5706 8560 or by email at liyu@jtn.com
