[author]Zhang Tao
[content]
*Author Zhang Tao
Abstract: Public data authorization operation is a new model for the state to fulfill the task of public data openness, and has formed a triangular relationship composed of the state (mainly administrative agencies), market entities performing tasks, and the general public. It belongs to the guarantee administrative legal relationship and is difficult to fully apply the state's responsibility under the payment state model. In order to properly respond to the risks of privatization of public property, data monopoly, and data leakage that may exist in the operation of public data authorization, the state should bear the guarantee responsibility and ensure the realization of data access rights. This is the core essence of guaranteeing the state in the digital age. According to the theory of responsibility hierarchy, the national guarantee responsibility for authorized operation of public data can be classified into preparatory responsibility, regulatory responsibility, and takeover responsibility. In order to achieve the national guarantee responsibility in public data authorization operations, the following three regulatory directions can be established: first, the protection of individual rights, mainly reflected in the guarantee of personal information and privacy protection in public data authorization operations; The second is the promotion of fair competition, mainly reflected in the guarantee of fair access, universal supply, and reasonable fees in the operation of public data authorization; The third is the maintenance of public interests, mainly reflected in the continuous supply of public data, the guarantee of supply quality and supply security.
1. Introduction
Data has become the lifeline of economic and social development, serving as the foundation for many new products and services, helping to improve the productivity and resource efficiency of economic sectors, and making public policy formulation and public services more comprehensive. Public data has a large volume, high value, and wide scope, and is an important component of the national data element system. Therefore, open sharing of public data has become a key breakthrough in the development of the digital economy, the construction of digital governments, and the allocation of data elements. In order to further achieve effective supply of public data, authorized operation of public data has gradually become the main channel for public data openness. In December 2022, the "Opinions of the Central Committee of the Communist Party of China and the State Council on Building a Data Infrastructure System to Better Play the Role of Data Elements" clearly proposed to "promote the implementation of a public data authorization mechanism", and put forward more specific policy requirements for the operation of public data authorization. At the local level, provinces and cities such as Beijing, Shanghai, Guangdong, and Chengdu have taken the lead in exploring and practicing public data authorization operations, and have formed practical types such as "government procurement model", "franchise model", and "state-owned capital operation model".
According to existing theories and practical experience, authorized operation of public data mainly refers to the behavior of the public data regulatory department authorizing specific market entities to develop and utilize public data in accordance with procedures and laws, and providing public data products and services to society. From this, it can be seen that "authorized operation" is actually the promotion and application of public-private cooperation in public data openness, that is, the government uses market and social forces to fulfill public tasks. Although authorized operation of public data can to some extent alleviate the dilemma faced by government data openness, where publicly available data is often useless and useful data is often risky, it also raises common concerns such as data monopoly, data leakage, and unfair distribution of benefits. Therefore, the fundamental issue that urgently needs to be addressed in building a public data authorization and operation system is: why does the participation of market-oriented entities in the opening of public data with national task attributes require national responsibility? What responsibilities should the country bear?
In theory, there are obvious shortcomings in research on the above-mentioned issues. The research results of the legal community on the authorization and operation of public data mainly focus on the following aspects: firstly, exploring the institutional connotation and legal attributes of the authorization and operation of public data; The second is to conduct research on the practical status and operational mechanisms of public data authorization operations. In view of this, this article focuses on the issue of state responsibility in the operation of public data authorization. From the perspective of the guarantee state theory in administrative law, it attempts to explore the state guarantee responsibility in the operation of public data authorization to make up for the shortcomings of existing research. Therefore, this article first elaborates on the logical premise of the national guarantee responsibility for authorized operation of public data; On this basis, explore the legitimacy and content of the national guarantee responsibility for authorized operation of public data in China; Finally, the regulation direction of national guarantee liability for public data authorization operation is proposed.
2. Why does the operation of public data authorization require national responsibility
In a broad sense, national responsibility refers to the responsibilities and scope of tasks that a country should undertake in order to achieve social policy goals and implement national concepts. This article mainly adopts a broad sense of national responsibility, which involves the obligation of the state to open public data on the one hand, and the exercise of state power in the open public data on the other hand. The reason why public data authorization operation requires national responsibility is mainly due to the following reasons: firstly, from the perspective of the state, public data openness has become a national task in the digital age, just as government information disclosure is a national task in the information age; Secondly, from an individual perspective, the authorization and operation of public data involves the realization of data access rights, just as government information disclosure is related to the protection of the right to know; Finally, from a practical perspective, authorized operation of public data may trigger a series of negative effects that require state intervention.
2.1 Public data openness is a national task
Many constitutional and administrative legal norms and theories are based on the fundamental concept of "national tasks". National tasks usually have characteristics such as political, legal, historical, and open nature, which means that the determination and evaluation of national tasks need to consider multiple factors. It is generally believed that when determining whether a public task or public affairs belong to a "national task", the following analysis can be used to determine: first, purpose analysis, that is, the state clarifies and updates its purpose and value of existence and development based on the constitution and other legal norms, as well as social and historical development needs. The second is demand analysis, which means that the country identifies and evaluates the social needs and problems that it must or can meet based on social reality and expectations, as well as historical experience and inspiration. The third is selection analysis, which means that the country selects or adjusts specific actions and measures based on legal possibilities and political feasibility, as well as resource conditions and expected effects. From the perspective of the theory and practice of public data openness, it can be identified as a national task in the digital age through purpose analysis, demand analysis, and selection analysis.
Firstly, analyze the purpose of public data openness. Although there is no provision for public data openness in the Chinese Constitution, some important national policy documents and legal norms involve public data openness, and public data openness itself also contains important economic, social, and political values. Research has shown that public data openness has economic value (such as innovating business models, improving productivity and quality of goods and services, etc.), social value (such as improving public quality of life, overall welfare level, etc.), and political value (such as strengthening accountability, enhancing transparency, etc.). Therefore, this means that public data openness has become an important way for countries to achieve modernization of governance capabilities, promote economic and social development, provide social welfare, and other purposes and values.
Secondly, demand analysis for public data openness. Essentially, the original intention of public data openness is to meet the public's demand for data. If the public's demand for public data is not high, the government may not actively open up data. Since data has become a new type of production factor, the cultivation of data factor markets has become a systematic project involving the operation of the entire economy and society. The public sector, as the main producer and holder of data, possesses a large amount of data resources. Public data openness can fully leverage the role of these data resources, provide rich data elements for the data element market, and meet market demand. From this, it can be seen that the marketization of data elements has become a new problem faced by China's socialist market economy, and public data openness is the fundamental system to meet the effective supply of data elements.
Thirdly, the selection analysis of public data openness. In fact, since the use of information and communication technology in public administration, public data has been generated. Why has "openness" only become the main theme of public data governance in the past 20 years? The main reasons for this are as follows: firstly, the emergence of new data analysis methods. Traditional data analysis methods usually only extract basic statistical information from the data, making it difficult to discover the underlying patterns and correlations behind the data. With the advent of the big data era, new analytical methods such as machine learning and data mining have emerged, enabling people to discover hidden patterns or trends from massive datasets. Secondly, the public's trust in public data management has decreased. Although the public sector is the most important data producer and holder, it has not maximized the value of data resources, resulting in many data resources being idle and unable to be used to improve the efficiency and quality of public governance and services. This has led to a decrease in public trust in public data management, and it is hoped that public data can be open to the public for use. In this context, "openness" has become the mainstream of public data governance policies and practices in various countries (regions), and also conforms to the broader "openness" movement initiatives.
2.2 Data access rights as emerging rights
In the information age, the establishment of the government information disclosure system not only has many functional driving factors, but also has a deep foundation of rights, which is to protect the right to know of citizens. Although public data openness and government information disclosure have different historical backgrounds, in most cases, they are based on similar driving factors, that is, providing the public with information held by the public sector more widely, although there are differences in methods and focuses between the two. Research has shown that countries (regions) exhibit different preferences and priorities in policy discourse regarding public data openness. For example, the public data openness policy in the United States mainly focuses on transparency and democratic control; Denmark's policies focus on innovation and economic growth; The UK's policy focuses on public sector efficiency and providing better public services.
Overall, the public data openness system has not yet established a clear "rights foundation". In this regard, some scholars believe that vague institutional logic may widen the technological divide, exacerbate the imbalance of data resource openness, lead to the tilt of data resources towards more vocal individuals, form data oligarchs and data monopolies, and also exacerbate government inertia and arbitrariness. In this context, some scholars believe that the "right to fair use" should be regarded as the basis for the right to open public data, in order to regulate the entire process of opening and utilizing public data to the outside world, and emphasize the fairness of qualification access and substantive utilization dimensions. The above viewpoint has enlightening significance for expanding the theoretical foundation of public data openness system, but there are still shortcomings because the premise of "utilization" is to access and obtain data, so "fair utilization right" has not completely solved the problem of "openness" of the most fundamental source of public data openness.
In fact, the determination of the right basis for public data openness is closely related to the broader debate on data ownership. In the digital age, the potential value and diversity of data have sparked a heated discussion about whether new "data ownership" (or intellectual property) is needed to provide additional incentives for investment in creating data collection and facilitating data transactions. At present, the driving force behind data collection investment mainly comes from actual control over the dataset, namely technical control. These controls include excluding the possibility of third-party use of the dataset. However, this possibility is not related to any ownership of the data. Therefore, in the context of the data economy, people gradually realize the core value of data for economic innovation capability and competitiveness. Due to the non competitive nature of data usage, we should not overly focus on ownership of data, but rather pay more attention to its widespread availability. By achieving openness, sharing, and linking of data, the potential of data can be fully utilized, thereby bringing more benefits to the economy and society.
In this context, "data access right" as an alternative solution has gradually received theoretical and practical attention. The so-called data access right refers to "granting enterprises and consumers who have interests in data access the right to access and use data under certain conditions, that is, making the actual controller of data legally obligated to allow others to access data.". In comparative law, the EU's Data Law provides comprehensive legislation on "data access rights", which not only creates the right to access data for users and third parties, but more importantly, clearly defines the obligations of data holders to ensure the realization of this right, including the obligation to default to data accessibility, the obligation to provide data to users, and the obligation to provide data to third parties. It also stipulates that data holders should provide data in a fair, reasonable, and non discriminatory manner and in a transparent manner. In theory, some scholars advocate that data access rights should be regarded as the cornerstone of the new information order, while others believe that data access rights should be regarded as the fundamental right model for data circulation and fair utilization. Some scholars also believe that from the perspective of basic rights, there are no insurmountable obstacles to establishing data access rights in law, especially when accessing non personal data. Legislators have greater room for judgment and can pursue legal goals by establishing corresponding rights or obligations to ensure fair distribution of data value chains.
In order to provide a more solid and clear normative foundation for the public data openness system, and promote the legalization and systematization of this system practice, this article believes that "data access rights" should be the right foundation of the public data openness system. This right corresponds to the obligation of the public sector to open public data, thus constructing a relationship structure in the legal system of public data where rights and obligations correspond and rights and powers are bound. Drawing inspiration from Alon Harel's rights certification model, data access rights can be proven as the basis for public data openness from two aspects: firstly, from an internal perspective, data access rights are the foundation for constructing individual digital identities and opposing data rights. In the digital age, the digitalization of individual self presentation may bring identity crisis, and obtaining and exchanging data becomes the key to constructing individual digital identity. In addition, the integration of data power and traditional administrative power has exacerbated the imbalance between individuals and the public sector, and data access rights have become the basis for individuals to resist data power. Secondly, from an external perspective, the implementation of data access rights will become an important part of the data social contract and a key breakthrough in solving the "data gap". In the digital age, it is necessary to establish a new rule - the data social contract, which will ensure that the reasonable use and reuse of data can create value for the economy and society, while ensuring fair distribution of the value created.
2.3 The negative effects of public data authorization operation
From a functionalist perspective, public data authorization operations have many positive effects, such as alleviating the pressure on public data management departments, providing high-quality and efficient data products and services, and stimulating the potential of the market to utilize and develop public data. However, at the same time, public data authorization operations have also generated some negative effects, and these negative effects span across two groups of relationships: public data authorities and authorized operation units, authorized operation units and individuals and organizations.
Firstly, there is a risk of privatization of public property. The so-called privatization of public property mainly refers to the transfer of resources, property, or rights that originally belonged to the public domain to individuals or a few people through improper means or methods, damaging the interests of the country or society. For example, the privatization of public property in the fields of construction, natural resources, and cultural heritage in China not only violates the principles of public interest, but also brings many risks and hazards to society. At present, the operation of public data authorization is still in practical exploration, and various institutional rules have not been established. Government dereliction of duty, driven by private interests, and imperfect legal supervision may all lead to the problem of "privatization of public property" in the operation of public data authorization. This may not only lead to the waste and unreasonable allocation of public data resources, but also cause "data inequality", undermine social trust and public spirit.
Secondly, there is a risk of improper charging. From a long-term development perspective, charging for authorized operation of public data is reasonable and can compensate for the cost of maintaining public data resources. However, due to the lack of unified rules and standards for the pricing of public data resources, the lack of scientific principles and methods for the distribution of benefits from public data, and the lack of a sound system and mechanism for the supervision of public data fees, it may lead to the risk of improper fees for authorized operations of public data. On the one hand, public data regulatory authorities or authorized operating agencies may price public data too high or too low, leading to an imbalance between supply and demand of public data, affecting market competition and efficiency; On the other hand, the public data regulatory authorities lack effective supervision and constraints on the charging behavior of public data, which may lead to authorized operating agencies abusing their advantageous position and imposing discriminatory or monopolistic charges on data users.
Thirdly, there is a risk of data monopoly. In the era of big data, data owners often have a huge competitive advantage, so data monopoly has become an important issue of widespread concern in various countries. In China, the Anti-Monopoly Commission of the State Council issued the "Anti-Monopoly Guidelines in the Field of Platform Economy" (National Anti-Monopoly Commission [2021] No. 1) in 2021, in which the term "data" appeared as many as 18 times. As for the operation of public data authorization, if public data is authorized to a few enterprises or institutions, they can centrally control the data in related fields and may form a data monopoly through the following methods: first, data accumulation advantage. Some enterprises or organizations may form a data monopoly position by accumulating and holding a large amount of public data for a long time, limiting the access of other participants and controlling the market; The second is to set up data barriers. Data monopolists may set data barriers through technical, legal, or economic means, making it difficult for other companies to access or use public data.
Fourthly, data security risks. In recent years, the widespread occurrence of large-scale data breaches has attracted social attention. Data security issues are not only related to personal interests and public interests, but also to national security interests. Therefore, the principle of safety and controllability is considered a fundamental principle that must be established for public data authorization operations. From past data security incidents, the data security risks that public data authorization operations may face mainly include the following forms: first, the risk of data loss of control, which mainly refers to the risk that public data regulatory authorities or public data operation institutions fail to effectively control the flow and scope of data in the process of public data acquisition, use, transmission, and provision, resulting in public data exceeding the authorized scope or being obtained or used in unauthorized ways. The second is the risk of data leakage, which mainly refers to the risk of malicious attacks or accidental leakage of data caused by the failure of public data regulatory authorities, authorized public data operation agencies, and public data users to take necessary technical measures and management mechanisms in the process of public data acquisition, use, transmission, and provision.
In summary, public data openness has become a national task in the digital age, and the authorization and operation of public data have changed the binary relationship structure in traditional public data openness. The public sector is no longer the direct obligation subject of data access rights. In addition, the authorized operation of public data may also cause many negative effects, so the state needs to intervene and assume corresponding responsibilities to ensure the security, controllability, and fair distribution of the data value chain.
3. What type of national responsibility is required for the authorization and operation of public data
In public law theory, the fulfillment of state tasks is closely related to the issue of responsibility sharing. Responsibility sharing mainly solves the problem of how to allocate and undertake public functions and tasks among different state organs and between the state and society in modern countries. German scholar Eberhard Schmidt A ß mann once pointed out that "all spectra of public law tasks involve responsibility and determine the type and scope of responsibility that the state bears when performing tasks together with the private sector. Here, responsibility is an epistemological concept that links practical operations, new protection needs, existing task norms, and organizational regulations.". This means that the positioning of national responsibility varies, and corresponding legal arrangements will also vary. As far as the operation of public data authorization is concerned, what type of responsibility should the state bear in the operation of public data authorization? It is necessary to examine whether the responsibility form under the current institutional model is suitable, and make corresponding institutional choices and arrangements based on learning from beneficial experiences at home and abroad.
3.1 Inappropriate Performance of Responsibility under the Payment Country Model
French public law scholar Di Ji once pointed out that the foundation of modern public law is public service. "A rule of government activity is the obligation to organize and govern public services in a way that avoids any chaos," and the government correspondingly has a certain social function that must be achieved. In theory, public data openness is often seen as a new type of public service, which is closely related to the public nature of public data. Although there are currently no national laws or administrative regulations that provide provisions for the connotation and extension of public data, theory and practice usually understand the public nature of public data from two aspects: firstly, the subjects of public data collection and generation are state agencies, business units, and organizations with the functions of managing public affairs and services; Secondly, public data refers to the data collected and generated by the aforementioned entities in the process of fulfilling their functions in public affairs management and public services. Therefore, the goal of public data openness is to minimize the barriers for various business and social entities to access public data, share the dividends of public data openness, and create an inclusive and inclusive ecosystem for the open utilization of public data. For a long time, government leadership has been the basic model of China's economic and social development, with administrative power almost permeating every corner of social life, and administrative agencies being the only management center. In this context, the type of national responsibility under the payment country model has become the primary choice for determining the type of national responsibility for authorized operation of public data.
In the theory of the state, the development of the paying state is the national image supported and represented by the social state principle, which requires modern paying state tasks to achieve goals such as improving economic and social welfare, balancing power inequality, and achieving fair and effective social contracts. According to the theory of responsibility allocation, in the model of the paying state, the state mainly bears the responsibility of "fulfilling the responsibility", that is, the state assumes the responsibility of fulfilling specific tasks through its affiliated organs or entities controlled by it. The manifestation of fulfilling responsibilities is the typical steps and sequence designed by the state according to specific personnel, technology, and organizational requirements when fulfilling tasks. Based on this, it can be divided into different tasks such as execution, planning, and supervision. In terms of public data openness, the state fulfilling responsibilities under the payment state model means that the public data regulatory authorities should start from multiple aspects such as organization, personnel, technology, etc., efficiently and high-quality develop and utilize public data, optimize the data value creation chain of collection, storage, processing, supply, and consumption, and meet the public's demand for public data and its products and services. This is also roughly in line with China's past practice of public data openness.
However, as the authorized operation of public data gradually becomes the main channel for public data openness, there is a mismatch problem in the national responsibility under the payment country model. Firstly, in terms of concepts and principles, the authorized operation model poses challenges to the state's ability to fulfill its responsibilities. In the payment state model, when the state assumes responsibility, the administrative rule of law mainly focuses on the exercise of administrative power, ensuring administrative legitimacy and rights protection through the public law principle centered on the principle of lawful administration. In the authorized operation of public data, market-oriented entities replace the public sector in fulfilling the task of public data openness. Their behavior does not have the attribute of exercising administrative power, nor is it different from the state's administrative execution and regulation methods. Therefore, market-oriented entities cannot be required to strictly abide by public law principles such as lawful administration and procedural justice. This means that the concepts and principles derived from the state's responsibility cannot be fully applied. As pointed out by German scholar Friedrich Schoch, the principles and rules established based on the structure of the state only apply to the state and only constrain actions that can be attributed to the state. Secondly, in terms of behavior and accountability, the authorized operation model poses challenges for the state to fulfill its responsibilities. In the payment state model, the main carrier for the state to fulfill its responsibility is "administrative actions", which emphasizes "result orientation" and mainly relies on judicial review to ensure the accountability of administrative actions. In the operation of public data authorization, various forms of behavior are relatively flexible and difficult to accurately cover in existing formal behaviors. Moreover, due to the intervention of market-oriented entities, the central position of judicial review in accountability has been shaken.
3.2 The legitimacy of guaranteed liability under the guarantee state model
How can we avoid the "gap" in the national responsibility requirements for public data authorization operation, since it is difficult for the country to fulfill its responsibilities under the payment country model to fit in with the public data authorization operation model? In the theory of public law, scholars have rethought the types of responsibilities that the state should undertake in different public tasks when facing the interactive relationships between the state, individuals, markets, and society driven by the wave of public-private cooperation. They have proposed the concept of "Gewährleistungsstaat" and defined it as "a state that adheres to its ultimate responsibility for the public interest and abandons the obligation to perform tasks on its own (directly).". Under the guarantee state model, the state guarantee responsibility established around the administrative legal relationship of guarantee has become the main type of state responsibility.
In order to present the role that the administrative subject should play in fulfilling public tasks with private power, guaranteed administration has emerged. Its positioning is to concretize the state's guarantee responsibility and shape it with an appropriate legal framework. It is generally believed that compared to intervening in or providing administrative assistance, the legal relationship of guarantee administration has the following characteristics: firstly, in the political administrative system, that is, in the framework of the client contractor combination, the control and embedding of the administrative department have changed, which means that the administrative department has to play the role of a contractor (sometimes also a client) and perform corresponding negotiation, supervision, and control tasks, which do not exist in the traditional hierarchical bureaucratic system. Secondly, due to changes in the legalization foundation and attitude towards administration, other resource allocation mechanisms, and more profound information control, administrative departments have begun to take on the responsibility of "enterprise administration" or management. Finally, from a social perspective, the understanding of state control in society is based on the concept of cooperation, which means that the participation of non-state actors is not only a means to achieve goals such as efficient production, but also a necessary condition for improving control capabilities.
As for the operation of public data authorization, since it is difficult to fully place it in the payment administration, does it mean that it can be directly included in the guarantee administration category? In this regard, legal relationship analysis can be used to determine whether it conforms to the characteristics of guarantee administration. When the state fulfills its public tasks on its own, its legal relationship is a binary relationship between the state and citizens, while the guarantee administrative legal relationship forms a triangular relationship composed of the state (mainly administrative agencies), the private sector performing the tasks, and the general public.
Firstly, the relationship between the state and the private sector responsible for carrying out tasks. In the guarantee state model, the state entrusts the fulfillment of state tasks to the private sector and supervises them as a "guarantor" to ensure that the private sector provides payments that meet the standards of general public needs. On this basis, a supervisory relationship with public law attributes has been formed between the state and the private sector performing tasks. In the operation of public data authorization, the relationship between the state and the private sector performing tasks is mainly reflected in the relationship between the public data authority and the public data authorization operation unit. From a practical perspective, the authorization and operation of public data is not a single act, but a process that includes stages such as information dissemination, application submission, qualification review, and agreement signing. Therefore, the supervisory role of the public data regulatory department has characteristics of power, dynamism, and process.
Secondly, the relationship between the private sector performing tasks and the general public. In the guarantee state model, public tasks are fulfilled by the private sector, while the general public who enjoy relevant benefits or services are in a "consumer" position. At this time, the legal relationship formed by the two is mainly reflected in the private law contract relationship. In this private law contractual relationship, the general public can obtain the necessary services by purchasing goods or paying related fees. In the practice of public data authorization operation, the public data authorization operation unit is actually responsible for public data management, directly providing data products and services to the general public, and its relationship with the general public is mainly reflected in private law contractual relationships.
Thirdly, the relationship between the state and the general public. Under the guarantee state model, public tasks are actually performed by the private sector. At this time, does the state have an obligation to pay the general public when performing public tasks on its own under the state model? According to the so-called "principle of maintaining national tasks", public tasks can be participated in or fulfilled by the private sector, and the responsibility of the state for the original tasks and the nature of public tasks remain unchanged. In this case, the relationship between the state and the general public is mainly reflected in the secondary protective legal relationship, with the state in the position of "guarantor". As far as public data authorization operation is concerned, its essence is that the public data authority entrusts the task of public data opening to the public data authorization operation unit, but it does not mean that the public data authority completely withdraws. For the general public, the public data authority still needs to bear routine responsibilities such as supervision and management in the authorized operation of public data, and a secondary protective legal relationship has been formed between the public data authority and the general public.
3.3 The content of guarantee liability in public data authorization operation
The content of state guarantee liability is related to the theory of liability hierarchy. It is generally believed that state guarantee responsibility can be further divided into levels of responsibility such as preparatory responsibility, supervisory responsibility, regulatory responsibility, takeover responsibility, and buffer responsibility. Based on this, combined with the actual situation of public data authorization operations, the national guarantee responsibility in public data authorization operations can be divided into the following levels of responsibility.
Firstly, the preparation responsibility in the operation of public data authorization. Under the guarantee state model, the state's preparatory responsibility mainly includes appropriate legal provisions for resolving social disputes, principles and rules of conduct, and conflict resolution mechanisms and procedures available for selection and use. In order to maintain scientific compatibility and make it practical and easy to manage, the "guarantee state" model must be transformed into existing legal structures and filled with precise legal content, so it is necessary to establish it in applicable laws. As for the authorization and operation of public data, the main responsibility of the state is to formulate and improve legal norms related to the authorization and operation of public data. In terms of legislative purposes and principles, it is possible to consider adding "protecting the rights of citizens, legal persons, and other organizations to access and use public data fairly", establishing a basis for the right to open public data, which can promote the active participation of diverse social entities, and at the same time constrain the government's profit driven impulse and improper authorization under the concept of "data finance".
In terms of specific rules, special provisions should be made for the authorization and operation of public data: firstly, the connotation, extension, and legal status of public data should be established. Public data should meet the dual standards of subject element publicness and content element publicness, and cannot be excessively expanded. On this basis, public data can be classified through the directory list system, so that the public and stakeholders can understand the scope of authorized operation of public data. The second is to construct differentiated public data authorization operation methods and conditions. Public data is not a highly homogeneous single type of data, but a data resource pool with a specific degree of publicness, including government data, public non-profit entity data, public profit entity data, and other different types. Therefore, it is necessary to set up authorization operation methods and conditions based on the characteristics of various types of public data, and avoid using a "packaged" authorization operation for all public data. The third is to clarify the regulatory mechanism and accountability for authorized operation of public data. The regulatory mechanism should include qualification review of authorized operating units, monitoring and evaluation of data usage, and punishment for illegal activities.
Secondly, regulatory responsibilities in the operation of public data authorization. In the guarantee state model, the state no longer personally fulfills public tasks, but rather the private sector contributes to the fulfillment of tasks with different intensities. The task between the state and the private sector is completed within the scope of cooperation, which includes the private sector in the framework of national regulation and maintains the autonomy of the private sector within the boundaries defined by the state. Therefore, regulation has become the core element of guarantee administration, and regulatory responsibility has become an important level of guarantee responsibility. Under the guarantee state model, regulatory responsibility, as a professional and dynamic type of responsibility, mainly includes regulatory licensing, regulatory pricing, regulatory quality, regulatory competition, and other aspects. In terms of public data authorization operation, the regulatory responsibility of the state is a complex and multidimensional institutional arrangement, requiring the state to take professional and dynamic regulatory measures in access control, price (fee) control, quality control, revenue control, and other aspects of public data authorization operation, in order to achieve effective market supervision and reasonable utilization of public data resources.
Thirdly, the responsibility for takeover in the operation of public data authorization. In the guarantee state model, once it is found that the relevant private sector is unable to properly complete public tasks in the expected manner, the state must have a withdrawal and takeover plan to ensure the continuous performance of public tasks. Therefore, taking over responsibility is the final barrier for a country to fulfill its obligation to ensure results. Only when dangerous situations or significant inadequate care occur in a specific field, will the administrative agency provide or entrust other entities to provide relevant payments in a "replacement" manner. In terms of public data authorization and operation, the state's takeover responsibility is also an important part of the state's guarantee responsibility. When there is management chaos, low efficiency, or significant data security risks in the operation of public data authorization, it may seriously threaten multiple interests such as personal information privacy, trade secret protection, and national security. In order to maintain data order and ensure the security and legality of public data utilization, the state has the obligation to intervene and take necessary takeover measures. Of course, takeover actions should follow the principles of the rule of law, ensure procedural justice, and avoid unnecessary interference with the normal operation of the data market.
In summary, it is difficult for the state to fulfill its responsibilities under the payment country model to adapt to the development of public data authorization operations. On the contrary, the authorized operation of public data is in line with the administrative legal relationship of guarantee. Therefore, the national guarantee responsibility formed around guarantee administration should be regarded as the type of national responsibility for authorized operation of public data. "When administration - usually committed to promoting public welfare within the space provided by law - entrusts public tasks to private individuals, it creates a guarantee responsibility."
4. The Regulation of State Guarantee Responsibility in Public Data Authorization Operations
Under the guarantee country model, the national guarantee responsibility in the operation of public data authorization has rich levels of responsibility. However, how to further clarify and implement the regulatory direction of national guarantee responsibility? It is generally believed that the basic framework of guarantee administrative law mainly includes the following contents: first, tools to ensure the quality and results of private services; The second is to provide a procedure for the public sector to select suitable private partners; The third is to protect the rights of third parties; The fourth is to provide guidance and control measures and so on. Taking this as a reference, this article believes that the regulatory direction of the national guarantee responsibility for public data authorization operation can be determined from the following three dimensions: first, the protection of individual rights, mainly reflected in the guarantee of personal information and privacy protection; The second is the promotion of fair competition, mainly reflected in the guarantee of fair access, universal supply, and reasonable fees in the operation of public data authorization; The third is the maintenance of public interests, mainly reflected in the continuous supply of public data, the guarantee of supply quality and supply security.
4.1 Protection of individual rights
The guarantee responsibility of the state should first focus on the basic rights requirements. The huge advantage of being based on basic rights is that it can better establish the state's action areas. In the operation of public data authorization, the guarantee of individual rights protection by the state is mainly reflected in the guarantee of personal information and privacy protection. The main reason for emphasizing the guarantee responsibility of the state for personal information and privacy protection is that public data usually contains a large amount of personal information. Once abused, leaked or improperly used, it may have a wide range of adverse effects on personal rights and public interests, reducing the public's trust and acceptance of authorized operation of public data.
In order to fulfill the guarantee responsibility of China's public data authorization operation for personal information and privacy protection, the following measures can be considered: firstly, establish and improve the personal information protection mechanism in public data authorization operation. The public data regulatory authority shall require authorized operating units to establish a technical and management system for personal information protection. In terms of technical system, the application of privacy computing, identity authentication, access control, security auditing, process tracing and other technical means should be strengthened to prevent illegal acquisition and abuse of personal information, and achieve the full process of public data operation to be recorded, audited, and traceable; In terms of management system, an organizational structure for personal information protection should be established, such as the Chief Personal Information Protection Officer, clarifying the responsibilities and authorities of personal information protection, and strengthening the training and supervision of internal employees to enhance their awareness and ability in personal information protection. The second is to strengthen the supervision and monitoring of personal information protection in public data authorization operations. The public data regulatory department shall establish a monitoring and evaluation mechanism for personal information protection, regularly evaluate and monitor the personal information protection situation of authorized operating institutions, and timely discover and solve personal information protection problems.
4.2 Promotion of fair competition
In the Administrative Law on Guarantee, competition is endowed with instrumental functions, and market-based competition is used as a tool to achieve public interests. Guarantee countries not only need to respond to market competition, but also hope to establish competition for the market. The guarantee country is not limited to regulating the market, but allocates market opportunities under scarce conditions, which requires a fair and just distribution procedure. In terms of public data authorization operations, fair access, universal supply, and reasonable fees are key to promoting fair competition.
Firstly, the guarantee for fair admission of the applying unit. In guarantee administration, whether private individuals can meet the prescribed payment standards for fulfilling public tasks largely depends on the qualifications of the selected private actors, namely their professional ability, reliability, and performance ability. Therefore, designing a comprehensive and usable partner selection procedure has become a structural element of guarantee administrative law. In the authorized operation of public data, public data itself has important economic value, so the operation opportunities of public data will have great attraction to market entities. In this case, the state acts as a regulatory purchaser related to public welfare services, allocating scarce resources in the form of market opportunities. Therefore, the state must first ensure a neutral, reasonable, and competition oriented allocation standard supported by procedural law, avoiding the principle of "first come, first served" and soft standards. The subjective rights of "applicants" also require the state to comply with procedural obligations.
Secondly, the guarantee for the popularization and supply of public data. A core element of public data openness is "universal participation", which means that everyone can use, reuse, and disseminate data. "Universal participation" is reflected in the operation of public data authorization as the "universal supply" of public data, which means that the general public obtains the required public data at an acceptable cost throughout society. In order to achieve the goal of popularizing public data supply and prevent private sectors from selectively providing public data and related products and services, the state should take corresponding measures to ensure the popularization and supply of public data according to different application scenarios: on the one hand, for public governance and public interest related application scenarios, conditional free supply should be adopted, and for industrial development related application scenarios, conditional paid supply can be adopted; On the other hand, the authorized operation of public data should also properly address the problem of "data inequality" in the development of the digital economy. Authorized operation units should provide equal opportunities for data access, lower the threshold for small and medium-sized enterprises to access public data, and the country should take corresponding measures to improve the data utilization capacity of small and medium-sized enterprises.
Thirdly, the guarantee of reasonable fees for public data. Since the rise of the government data openness movement globally, the issue of fees has always been a concern. In order to prevent the problem of "unreasonable fees" in the authorization and operation of public data, the country can take the following measures: first, guide the operating units to establish the correct concept of public data management. As a public resource, the value of public data is not only reflected in the data itself, but also in its contribution to social and economic development. Public data authorization operations should aim to promote social progress and economic development, rather than simply pursuing maximum economic benefits. The second is to strengthen the supervision of pricing mechanisms for public data and related products and services. Government departments can adopt government guided pricing or self pricing filing mechanisms to supervise the pricing and charging behavior of authorized operating units.
4.3 Maintenance of Public Interest
In the Administrative Law on Guaranty, the core essence of guarantee responsibility is for the state to ensure the ultimate realization of public interests by private forces as a guarantor. In the digital age, public data supply has become the key to digital infrastructure and digital survival care. On the one hand, digital infrastructure is all kinds of infrastructure providing support and services for the digital society, including the Internet, cloud computing, the Internet of Things, etc., while public data supply provides important data support for digital infrastructure; On the other hand, digital survival care is a variety of services and guarantees provided by the digital society to individuals, including e-government, online education, and remote healthcare. The implementation of these services and guarantees cannot be separated from the supply of public data. Therefore, the authorization and operation of public data is related to the realization of public interests, and the country must take corresponding measures to avoid causing harm to public interests.
Firstly, the guarantee of continuous supply of public data. From early government data openness to entering a new stage of public data authorization and operation, China's public data resource governance has been facing problems of insufficient resource integration and low circulation efficiency, seriously affecting the sustained supply of public data. In order to ensure the uninterrupted supply of public data, the country can take the following measures: first, unify the standards and specifications of public data. Only a unified public data standard specification can achieve interoperability and consistency of public data between different systems, departments, and fields. The second is to establish and improve a public data circulation mechanism. In order to break the "data silos", in addition to unifying the standards and specifications of public data, it is also necessary to establish a unified data sharing platform and mechanism to promote data sharing among departments. The third is to increase incentives and support for public data supply. The state should fully leverage the guiding role of fiscal funds, increase investment in public data supply, improve performance evaluation mechanisms, and encourage public departments at all levels to actively collect and share public data.
Secondly, the guarantee of the quality of public data supply. The quality of public data supply involves multiple aspects such as accuracy, completeness, and timeliness of data, and requires the government to take measures from institutional design, technical support, and other aspects. Firstly, strengthen the management and evaluation mechanism of public data quality. The state should strengthen quality control over the collection, processing, storage, and transmission of public data, and encourage third-party institutions and intermediary service organizations to conduct quality evaluations of public data. The second is to improve the mechanism for reporting and handling complaints about public data quality. The general public is the main user and beneficiary of public data, and they have a direct perception and demand for the quality of public data. The country can establish online platforms for the public to query and provide feedback on data quality issues. The third is to punish behaviors that violate laws and regulations and damage the quality of public data. The state shall hold accountable for intentional provision of false data, tampering with data, or misuse of data in accordance with the law.
Thirdly, the guarantee of public data supply security. The application scope of public data is extensive, involving various aspects of people's lives, health, education, environment, etc. The public has legitimate and reasonable expectations for the secure supply of public data. In order to ensure the security of public data supply, the state can take the following measures: firstly, through qualification review, contract governance and other mechanisms, require authorized operating institutions to establish a public data security management mechanism. The public data regulatory authorities should strengthen the review of the organizational structure, personnel quality, technical equipment, and security management system of authorized operating units. They can also require authorized operating units to establish a public data security management mechanism through "contract governance". The second is to encourage authorized operating agencies to fulfill their public data security responsibilities through mechanisms such as evaluation, monitoring, and information disclosure. The public data regulatory authority shall regularly conduct security assessments on the storage, transmission, processing and other aspects of public data, and may also require authorized operating institutions to conduct self-assessment or third-party evaluation of data security management and disclose to the public data regulatory authority through regular or special reports.
5. Conclusion
Public data openness is an important way for countries to achieve modernization of governance capabilities, protect individual rights, promote economic and social development, and provide social welfare in the digital society. It is in line with the purpose analysis, demand analysis, and choice analysis of national tasks and should become a national task in the digital age. The authorized operation of public data essentially refers to the state entrusting the task of opening public data to market-oriented entities for actual implementation, which is a specific manifestation of public-private cooperation in the fulfillment of national tasks. In this regard, it is difficult to solve the risk and responsibility sharing in the operation of public data authorization under the theory of the state of payment, and there is an mismatch problem. On the contrary, the authorized operation of public data conforms to the characteristics of the guarantee administrative legal relationship under the guarantee state theory, and the state should bear the guarantee responsibility to ensure the ultimate realization of public interests.
The original text was published in the second issue of Tsinghua Law Journal in 2024. Thanks for the authorized reprint of "Tsinghua Law" on WeChat official account.