Click above|Follow us
Domestic law enforcement has intensified recently. The Ministry of Industry and Information Technology (MIIT) and communications administrations in Beijing, Jiangsu, Sichuan-Chongqing, Liaoning, Anhui and other regions have announced lists of rights-infringing APPs. The Shanghai Cyberspace Administration released results of a special campaign against unauthorized photography (including candid and street photography) that violates citizens' portrait rights, privacy and personal information rights. The Chongqing Cyberspace Administration published typical cases of special campaigns and lawfully punished illegal generative artificial intelligence (AI) service activities. In the domestic judicial field, trial information of multiple cases has been disclosed. On personal information protection, the Beijing No. 4 Intermediate People's Court announced trial status and typical cases, covering sensitive personal information separate consent and rights exercise by data subjects. The Beijing Internet Court released a case on data sharing among associated APPs, focusing on the legal basis for such sharing. For AI governance, the Shanghai Jinshan District People's Court ruled the platform had fulfilled obligations like reasonable notification and did not infringe copyright in a LoRA model-related case. The Shanghai Higher People's Court issued an AI prompt copyright case, holding the involved prompts do not constitute works. Additionally, Shanghai completed China’s first filing of foreign-funded large model products. Overseas, the EU’s "package" reform of digital legislation has drawn attention. Germany’s Munich Regional Court ruled OpenAI’s use of lyrics to train ChatGPT constitutes copyright infringement.
HOTSPOT
HOTSPOT
Beijing Internet Court Releases Case: Affiliated Enterprises Liable for Joint Liability When Affiliated Apps Share User Data Without Valid Consent
On November 5, 2025, the Beijing Internet Court released a concluded infringement case involving data sharing among affiliated apps. The court held that the cross-platform data sharing by two affiliated defendant enterprises constitutes "joint processing of personal information" as stipulated in the Personal Information Protection Law: For the processing of general personal information such as nicknames, avatars, dynamics, and fan lists, no valid user consent was obtained because the processing subjects, types of information, and methods were not fully informed. For the processing of sensitive/private information such as real-name authentication and private messages, no separate user consent was obtained.
Accordingly, the court determined that the two defendants infringed upon personal information rights and privacy, ordering them to bear joint and several liability, offer an apology, and compensate for damages. This case clarifies that even when jointly processing user data under a "unified service platform system," enterprises must fulfill the obligation of full disclosure and obtain separate user consent for the processing of sensitive personal information; otherwise, they will be held liable for infringement in accordance with the law.
Source: Beijing Internet Court
Platform Not Liable for Infringement When Fulfilling Reasonable Obligations: Shanghai Rules on LoRA Model Infringement Case
According to the official WeChat account of the Shanghai Higher People's Court, on November 3, 2025, the Shanghai Jinshan District People's Court rendered a first-instance judgment in Shanghai's first copyright infringement case involving large AI models. In this case, the defendant AI model platform provided basic model services while allowing users to upload materials for self-training and publishing models, as well as enabling other users to utilize these self-trained models. When the training materials and self-trained models uploaded by a co-defendant user infringed copyrights, the court ruled that the platform did not constitute infringement because it had fulfilled the obligations of "taking necessary measures" and "forwarding notifications."
This case reflects that current generative AI service providers have significantly improved the standardization of measures such as notifications and complaint/reporting channels, as well as their ability to handle user infringement. Generative AI service providers should ensure the adoption and continuous optimization of all compliance measures required by the Interim Measures for the Administration of Generative Artificial Intelligence Services, actively deploy intellectual property review and filtering mechanisms, establish effective internal processes to promptly respond to and handle complaints and reports, and reduce infringement risks.
For more information, please click here.
Source: Shanghai Higher People's Court
German Court Rules OpenAI Infringes Copyright by Using Lyrics to Train ChatGPT
According to public information from the Munich I Regional Court, on November 11, 2025, the 42nd Civil Senate of the Munich I Regional Court, after review, dismissed the plaintiff’s claim for "general personality rights" but substantially supported all other claims. The court held that OpenAI’s unauthorized use of copyrighted lyrics to train the ChatGPT model—with the model capable of outputting the lyrics via simple prompts—constitutes copyright infringement, ordering OpenAI to bear compensation liability.
This is the first time a German court has addressed the conflict between AI training and copyright protection in judicial practice, drawing clear compliance red lines for German GEN AI operators regarding training data sources and output content governance. Through systematic analysis, the court provided a clear judicial interpretation of "memory" behavior in model training, the subject and legal nature of model output content, and the application of text and data mining (TDM) exception clauses. The first-instance judgment is not yet legally binding, and OpenAI has stated it "will take next steps"—future developments remain to be seen.
For more information, please click here.
Source: Bavarian Ministry of Justice
https://www.justiz.bayern.de/gerichte-und-behoerden/landgericht/muenchen-1/presse/2025/11.php
NEWSLETTER
NEWSLETTER
(Click on the source or copy the corresponding link to view the details)
LEGISLATION
National Health Commission (NHC) released the Implementation Opinions on Promoting and Regulating the Application and Development of "Artificial Intelligence + Healthcare"
Source: National Health Commission (NHC)
https://www.gov.cn/zhengce/202511/content_7047015.htm#:~:text=%E3%80%8A%E5%AE%9E%E6%96%BD%E6%84%8F%E8%A7%81%E3%80%8B%E4%BB%A5%E4%B9%A0,%E7%9A%84%E5%81%A5%E5%BA%B7%E6%9C%8D%E5%8A%A1%E9%9C%80%E6%B1%82%E3%80%82
National Development and Reform Commission (NDRC) and other departments issued the Implementation Plan on Promoting the Opening and Interconnection of Logistics Data to Effectively Reduce the Overall Social Logistics Costs
Source: National Development and Reform Commission (NDRC)
https://www.ndrc.gov.cn/xxgk/zcfb/tz/202511/t20251110_1401472.html
General Office of the State Council released the Implementation Opinions on Accelerating the Cultivation and Opening of Scenarios to Promote the Large-Scale Application of New Scenarios
Source: National Data Administration (NDA)
https://www.nda.gov.cn/sjj/swdt/xwfb/1107/20251107204605243708889_pc.html
Jinan Municipal Government released the Interim Measures for the Administration of Road Testing and Demonstration Application of Intelligent Connected Vehicles in Jinan New and Old Kinetic Energy Conversion Pilot Zone (Draft for Comments), which intends to put forward clear requirements for road test data. The "15th Five-Year Plan" has been reviewed and approved to further advance the construction of Digital China
Source: Website of Jinan New and Old Kinetic Energy Conversion Pilot Zone
http://jnxxq.jinan.gov.cn/art/2025/10/27/art_122932_5605.html
INDUSTRY TRENDS
Cyberspace Administration of China (CAC) issued an announcement on the filing information of the 14th batch of deep synthesis service algorithms
Source: Cyberspace Administration of China (CAC)
Cyberspace Administration of China (CAC) released exposed cases of the special campaign to rectify online chaos in the automotive industry
Source: Cyberspace Administration of China (CAC)
https://www.cac.gov.cn/2025-11/12/c_1764671183973298.htm
Cyberspace Administration of China (CAC) issued an announcement on the filed information of generative artificial intelligence services (September-October 2025)
Source: Cyberspace Administration of China (CAC)
https://www.cac.gov.cn/2025-11/11/c_1764585284364412.htm
Ministry of Industry and Information Technology (MIIT) announced the list of APPs (SDKs) that infringe on users' rights and interests (the 7th batch in 2025, the 52nd batch in total)
Source: Ministry of Industry and Information Technology (MIIT)
Ministry of Industry and Information Technology (MIIT) and National Financial Regulatory Administration organized the second batch of pilot work on cybersecurity insurance services
Source: Ministry of Industry and Information Technology (MIIT)
Two foreign-funded large models in Shanghai (the first batch in China) passed the national filing
Source: Shanghai Municipal Commission of Economy and Informatization
Beijing No. 4 Intermediate People's Court announced the trial status and typical cases of personal information protection cases
Source: Beijing No. 4 Intermediate People's Court
Beijing Internet Court released a case: Associated APPs shared user data without obtaining valid consent, and the associated enterprises shall bear joint liability
Source: Beijing Internet Court
Shanghai Higher People's Court released a copyright infringement case involving AI prompts, in which the involved prompts did not constitute a work
Source: Shanghai Higher People's Court
Shanghai Communications Administration announced the removal of 27 APPs (SDKs) that infringe on users' rights and interests, most of which belong to the express logistics industry
Source: Shanghai Communications Administration
Shanghai Jinshan District People's Court made a first-instance judgment on the copyright infringement case involving the LoRA model, holding that the platform had fulfilled its obligations such as reasonable notification and did not constitute infringement
Source: Shanghai Higher People's Court
Shandong Provincial Public Security Bureau's Cyber Security Division released a case: An employee maliciously deleted the company's data before resignation, which is suspected of violating laws and committing a crime
Source: Cyber Security Bureau of the Ministry of Public Security
Shanghai Cyberspace Administration released the results of a special campaign to crack down on unauthorized photography (including candid photography and street photography) that infringes on citizens' portrait rights, privacy rights, and personal information rights
Source: Shanghai Cyberspace Administration
Shanghai Communications Administration issued a notice on APPs (SDKs) that infringe on users' rights and interests (the 9th batch in 2025)
Source: Shanghai Communications Administration
Beijing Municipal Public Security Bureau's Cyber Security Division released a case: A relevant entity was penalized for failing to publish vulnerability information of online products in accordance with regulations
Source: Cyber Security Bureau of the Ministry of Public Security
Beijing Communications Administration issued a notice on problematic mobile internet applications (the 10th issue in 2025)
Source: Beijing Communications Administration
Jiangsu Communications Administration issued a notice on APPs that infringe on users' rights and interests (the 8th batch in 2025)
Source: Jiangsu Communications Administration
Sichuan and Chongqing released a notice on the list of APPs that infringe on users' rights and interests (the 10th issue in 2025)
Source: Sichuan Communications Administration
Liaoning Communications Administration issued a notice on the removal of 2 APPs that infringe on users' rights and interests (the 1st batch in 2025)
Source: Liaoning Communications Administration
Anhui Communications Administration issued a notice on APPs that infringe on users' rights and interests (the 7th batch in 2025)
Source: Anhui Communications Administration
Chongqing Cyberspace Administration released typical cases of the "Qinglang Bayu" special campaign and lawfully investigated and dealt with acts of engaging in generative artificial intelligence services in violation of regulations
Source: Chongqing Cyberspace Administration
Bijie Cyberspace Administration of Guizhou Province penalized an operator of a WeChat mini-program
Source: Bijie Cyberspace Administration
OVERSEAS
EU:
European Parliament Publishes Study on the Interaction Between the AI Act and the European Digital Legislative Framework
Source: European Parliament
https://www.europarl.europa.eu/RegData/etudes/STUD/2025/778575/ECTI_STU(2025)778575_EN.pdf#:~:text=This%20report%2C%20commissioned%20by%20the%20European%20Parliament%E2%80%99s%20Committee,the%20AI%20Act%20and%20these%20surrounding%20legislative%20instruments
European Commission Launches First Round of Drafting Work on Code of Practice for Transparency of AI-Generated Content
Source: European Commission (EC)
https://digital-strategy.ec.europa.eu/en/policies/code-practice-ai-generated-content
European Commission Proposes Regulation on the Security of Critical Infrastructure to Gradually Phase Out Huawei and ZTE Technologies from 5G Networks
Source: European Technology Magazine
https://www.techzine.eu/news/privacy-compliance/136243/brussels-wants-to-ban-huawei-and-zte-from-telecom-networks/
Europe Investigates China’s Yutong Electric Vehicles: Remote Access to Vehicle Data and Emergency Stop Control
Source: Ruter
https://ruter.no/en/ruter-with-extensive-security-testing-of-electric-buses?sessionid=-1970435487#44fddb8e3328
NOYB Issues Open Letter Expressing Opinions on the "Omnibus" Reform of EU Digital Legislation
Source: NOYB
https://noyb.eu/en/open-letter-digital-omnibus-brings-deregulation-not-simplification
CJEU Rules That Direct Marketing Emails Can Directly Apply the Exception Under the ePrivacy Directive Without Needing a Lawful Basis Under GDPR
Source: Court of Justice of the European Union (CJEU)
https://curia.europa.eu/juris/document/document_print.jsf?mode=lst&pageIndex=0&docid=306136&part=1&doclang=FR&text=&dir=&occ=first&cid=3513562
EDPS Publishes Guidelines on Risk Prevention and Control of AI Systems
Source: European Data Protection Supervisor (EDPS)
https://www.edps.europa.eu/data-protection/our-work/publications/guidelines/2025-11-11-guidance-risk-management-artificial-intelligence-systems_en
EU: EDPB Publishes Opinion on Adequacy Decision for Brazil
Source: European Data Protection Board (EDPB)
https://www.edpb.europa.eu/news/news/2025/draft-adequacy-decision-brazil-edpb-adopts-opinion_en
United States (US):
EPIC Publishes Five-Year Observation on Privacy Enforcement by State Attorneys General
Source: Electronic Privacy Information Center (EPIC)
https://epic.org/epics-insights-from-a-five-year-retrospective-on-state-attorneys-general-privacy-enforcement-and-tools-for-the-work-ahead/#:~:text=The%20report%20covered%20a%20five-year%20span%20from%20January,and%20settlements%2C%20as%20well%20as%20letters%20and%20investigations
Center for Digital Democracy (CDD) Urges FTC to Ban Meta from Using AI Chatbot Data for Advertising Campaigns
Source: Center for Digital Democracy (CDD)
https://democraticmedia.org/publishings/ftc-group-letter-call-for-ftc-oversight-investigation-and-suspension-of-meta-s-ai-chatbot-advertising-practice
California Attorney General Decides to Penalize Sling TV for Violating CPPA, Involving Failure to Provide Convenient Opt-out and Inadequate Protection of Children's Privacy
Source: California Attorney General
https://oag.ca.gov/news/press-releases/attorney-general-bonta-secures-530000-settlement-sling-tv-first-enforcement#:~:text=OAKLAND%20%E2%80%94%20California%20Attorney%20General%20Rob%20Bonta%20today,failing%20to%20provide%20sufficient%20privacy%20protections%20for%20children
Google Reaches $1.375 Billion Privacy Settlement with Texas Attorney General
Source: Texas Attorney General
https://www.texasattorneygeneral.gov/news/releases/attorney-general-ken-paxton-finalizes-historic-settlement-google-and-secures-1375-billion-big-tech
Amazon Sues Perplexity for Unauthorized Use of Agent to Access Customer Data
Source: Court Listener
https://www.courtlistener.com/docket/71874820/amazoncom-services-llc-v-perplexity-ai-inc/
New York Attorney General Encourages Consumers to Report Undisclosed Algorithmic Pricing
Source: New York Attorney General
https://ag.ny.gov/press-release/2025/attorney-general-james-warns-new-yorkers-about-algorithmic-pricing-new-law-takes#:~:text=NEW%20YORK%20%E2%80%93%20New%20York%20Attorney%20General%20Letitia,companies%20using%20algorithmic%20pricing%20without%20properly%20disclosing%20it
EPIC Publishes White Paper "Privacy Risks in Government Data Mining"
Source: Electronic Privacy Information Center (EPIC)
https://epic.org/data-mining-whitepaper/#:~:text=On%20November%206%2C%202025%2C%20EPIC%20published%20the%20white,some%20of%20the%20problems%20with%20government%20data%20mining
GUARD Act (Get Users' Age Right with AI Detection Act) Introduced to the Senate
Source: United States Congress
https://www.congress.gov/bill/119th-congress/senate-bill/3062/text/is
A judge in the Southern District of New York issued an order requiring OpenAI to disclose 20 million conversation records
Source: OpenAI
https://openai.com/index/fighting-nyt-user-privacy-invasion/
California CPPA Renamed CalPrivacy, Launching New Consumer Privacy Tools
Source: Zoonop
https://zoonop.com/articles/california-privacy-protection-agency-rebrands-to-calprivacy-launches-new-consumer-privacy-tools
New York's Algorithmic Pricing Disclosure Law Takes Effect
Source: Jones Day
https://www.jonesday.com/en/insights/2025/11/new-yorks-novel-algorithmic-pricing-disclosure-law-takes-effect
Texas Sues a Children’s Game Platform Operator for Deceptive Practices and Endangering Children’s Safety
Source: Texas Attorney General (AG)
https://www.texasattorneygeneral.gov/news/releases/attorney-general-ken-paxton-sues-roblox-putting-pixel-pedophiles-and-profits-over-safety-texas
UK:
ICO Consults Public on "Draft Data Protection Enforcement Guidelines"
Source: Information Commissioner's Office (ICO)
https://ico.org.uk/about-the-ico/ico-and-stakeholder-consultations/2025/10/ico-consultation-on-data-protection-enforcement-procedural-guidance/
UK Court Rules That AI Models Do Not Constitute Infringing Copies, but Outputting Watermarked Images Constitutes Trademark Infringement
Source: High Court of Justice of England and Wales
https://www.law.berkeley.edu/wp-content/uploads/2025/11/Getty-Images-v-Stability-AI.pdf
"Cyber Security and Resilience Act" Introduced to Parliament
Source: UK Parliament
https://bills.parliament.uk/bills/4035
International:
United States and Thailand Sign Framework Agreement on Reciprocal Trade to Ensure Free Cross-Border Data Transfer for Commercial Activities
Source: The White House
https://ustr.gov/about/policy-offices/press-office/fact-sheets/2025/october/fact-sheet-united-states-and-thailand-reach-framework-agreement-reciprocal-trade#:~:text=The%20United%20States%20and%20the%20Kingdom%20of%20Thailand,market%20while%20bolstering%20U.S.%20national%20and%20economic%20security
APEC Leaders Jointly Release Artificial Intelligence Initiative
Source: APEC
https://www.apec.org/meeting-papers/leaders-declarations/2025/2025-apec-leaders--gyeongju-declaration/apec-artificial-intelligence-(ai)-initiative-(2026-2030)
Netherlands: AP Conducts Law Enforcement on Cookie Violations Against 200 Enterprises
Source: AP
https://www.autoriteitpersoonsgegevens.nl/actueel/ap-driekwart-websites-past-misleidende-cookiebanner-aan-na-waarschuwing-onderzoek-gestart-naar-weigeraars?sessionid=-1974381589
Hong Kong, China: PCPD Reminds That LinkedIn Will Use User Data for Generative AI Training
Source: Privacy Commissioner for Personal Data (PCPD), Hong Kong
https://www.pcpd.org.hk/english/news_events/media_statements/press_20251030.html#:~:text=The%20Privacy%20Commissioner%20for%20Personal%20Data%2C%20Ms%20Ada,to%20decide%20whether%20to%20consent%20to%20such%20use
Ecuador: Superintendency of Personal Data Protection (SPDP) Issues the General Norms on the Large - Scale Processing of Personal Data
Source: SPDP
https://spdp.gob.ec/resolucion291025/
New Zealand: Biometric Processing Privacy Code Takes Effect
Source: Office of the Privacy Commissioner, New Zealand
https://www.privacy.org.nz/privacy-principles/codes-of-practice/biometric-processing-privacy-code/
Hungary: Passes First Domestic AI Legislation Implementing the AI Act
Source: Daily News Hungary
https://dailynewshungary.com/hungary-pass-artificial-intelligence-law/Australia: OAIC Releases 2024-2025 Annual Privacy Regulatory Report
Source: Office of the Australian Information Commissioner (OAIC)
https://www.oaic.gov.au/about-the-OAIC/our-corporate-information/oaic-annual-reports/annual-report-2024-25?sessionid=1472923070
India: Ministry of Electronics and Information Technology Releases AI Governance Guidelines
Source: India AI
https://indiaai.s3.ap-south-1.amazonaws.com/docs/guidelines-governance.pdf
Latvia: DVI Issues Guidelines on How to Enable Users to Easily Withdraw Consent to Cookies
Source: Data State Inspectorate (DVI)
https://www.dvi.gov.lv/lv/jaunums/dviskaidro-ka-nodrosinat-lietotajiem-iespeju-viegli-atsaukt-piekrisanu-sikdatnem
France:
CNIL Launches Investigation on the Role of DPOs in AI Governance
Source: Commission Nationale de l'Informatique et des Libertés (CNIL)
https://www.cnil.fr/fr/dpo-a-lheure-de-lia-lancement-enquete-2025
Paris Prosecutor’s Office Launches Investigations into Chinese Platforms Including Shein, Temu, and AliExpress
Source: Visual Times
https://www.visiontimes.com/2025/11/05/france-launches-probe-into-chinese-e-commerce-giants-over-allegations-of-child-exploitation.html
Ireland: DPC Issues Statement on AI Training Involved in LinkedIn
Source: Data Protection Commission (DPC)
https://www.dataprotection.ie/en/news-media/latest-news/dpc-statement-linkedin-ai-training
Germany: Munich Regional Court Rules That OpenAI's Use of Lyrics to Train ChatGPT Constitutes Copyright Infringement
Source: Bavarian Ministry of Justice
https://www.justiz.bayern.de/gerichte-und-behoerden/landgericht/muenchen-1/presse/2025/11.php
South Korea: Publicly Consults on Draft Enforcement Decree of the "Artificial Intelligence Act"
Source: Ministry of Justice, South Korea
https://www.moleg.go.kr/lawinfo/makingInfo.mo?lawSeq=84360&lawCd=0&&lawType=TYPE5&mid=a10104010000
Canada: OPC Submits Consultation on Updating AI Strategy to ISED
Source: Office of the Privacy Commissioner of Canada (OPC)
https://www.priv.gc.ca/en/opc-actions-and-decisions/submissions-to-consultations/sub_ised_20251031/
Note
本文由Gen AI翻译,仅供参考。
Translated by Gen AI service. For reference only.
本期编辑:吴佳蔚 陈煜烺 林婉琪 陈瑞庭 张丽