Academic Papers

CHENG Xiao: On Enterprise Data Rights Theory

2024-03-27

Abstract: The interests that enterprises enjoy from the production and processing of their data should be legally protected. The current civil legal system in China, including the property law, contract law, intellectual property law, and anti-unfair competition law, only provides partial protection for enterprise data. Enterprise data rights are neither ownership or intellectual property rights, nor producer rights or usufruct rights, but a new type of property rights. In China, it should be established that enterprises have an independent and new type of property rights over their data, namely enterprise data rights. The enterprise data rights should be determined through a single path, without distinguishing between data, data resources, and data products or the production and circulation of data. In Chinese law, it should be directly recognized that enterprises have a single, complete data property right in respect of the data it produces and collects. The problem with the differentiated approach is that it artificially complicates the equity status on enterprise data, leads to lacking operability. Whether it is to distinguish between different subjects such as data sources and data processors or data producers and data users, or to establish rights according to the production and circulation of data, it is not meaningful; the practice of distinguishing between different objects to establish rights is also inappropriate. The legal effectiveness of enterprise data rights lies not in whether to grant exclusivity but in determining the extent of exclusivity. In other words, the key is to determine the degree of restriction on the exclusivity of enterprise data rights.The rights enjoyed by enterprises over their data have exclusivity, but this exclusivity is subject to the rights of other participants in the data, namely personal information rights and data source rights. The most appropriate judgment criterion should balance protecting enterprises' legitimate interests in their data and facilitating fair and reasonable circulation and utilization of data. The core of confirming the legal effectiveness of enterprise data rights lies in harmonizing enterprise data rights with personal information rights and data source rights. Legislative empowerment of enterprises with more comprehensive and content-rich rights to their data results in stronger exclusivity of enterprise data rights and more restrictions on non-rights holders. Conversely, weaker exclusivity of enterprise data rights imposes fewer restrictions on non-rights holders. Determining data rights for enterprises must not solely consider enterprise interests but also strive to reconcile the interests of all stakeholders involved in data production. The enterprise data rights include both active and passive rights: the former refers to enterprises' lawful rights to possess, use, profit from, and dispose of data they produce and process, while the latter refers to the right to exclude infringement or interference when enterprise data rights are violated, including stopping infringement and removing obstacles. As a property right with certain dominance and exclusivity, when enterprise data rights are infringed upon or there is a risk of infringement, the rights holder also has the right to exercise absolute claims such as cessation of infringement, elimination of obstruction, and elimination of danger. Given the intangibility and non-competitive nature of data, future legislation can develop specific and absolute rights claims tailored to data, such as the right to deletion granted to personal information rights subjects under the Personal Information Protection Law.

Keyword: data property rights; enterprise data rights; personal data; data source rights; Twenty Data Measures