At the start of the New Year, Jiangxi Education Departments Gaokao Score Inquiry Website (Jiangjiao Online) sparked widespread online debate after reports surfaced that its had been deleted, a move dubbed the "-Delete Runaway" incident. Had this occurred during the Gaokao score verification phase, it would have affected tens of millions of examinees.
In the digital age, data has become a core asset for corporate operations, with its security directly impacting business survival and growth. However, malicious incidents the Jiangjiao Online case employees deleted s and fled have occurred frequently, causing significant impacts on enterprises. This article will analyze from a legal perspective the nature of such actions, corporate rights protection strategies, and key legal considerations, providing comprehensive and actionable legal guidance for businesses and practitioners.
I. Legal definition of "employee deleting the and running away"
The internet slang term "delete s and flee" describes employees who, without proper authorization, maliciously delete corporate data before leaving. These actions—often driven by motives personal grievances or threats to the company for improper gains—target critical business assets including customer information, operational records, financial data, and core R&D achievements. Such sensitive information serves as the backbone of corporate operations and market competitiveness. When maliciously deleted, it can lead to business disruptions and leaks of trade secrets, creating multiple crises for companies.
II. Multi-dimensional legal review of "employees deleting the and running away"
(1) Violation of the rules and regulations of the enterprise
According to the Labor Contract Law of the Peoples Republic of China and the principle of enterprise autonomy management, most enterprises have formulated detailed provisions on data management and protection in labor contracts, employee manuals and other documents. The provisions on "deleting the and running away" are often scattered in the chapters of operation specifications, confidentiality clauses and information security systems.
Unauthorized deletion of corporate data is explicitly defined as a serious disciplinary violation and dereliction of duty. When such actions meet the severity threshold stipulated by regulations, employers may terminate employment contracts in accordance with Article 39 of Chinas Labor Contract Law without paying severance compensation. In the labor contract dispute between Qin and Song Company Limited, the court recognized economic losses incurred by the company based on submitted recordings, the plaintiffs admission of data deletion, and third-party recovery costs, thereby ruling the termination lawful. In the second-instance labor dispute case involving Dai et al., the court upheld the legality of the companys termination by citing employee handbook provisions mandating proper custody of corporate data assets prior to resignation. Similarly, in Chengdu Yan Companys labor dispute with Zhang, the court affirmed the contract terminations legality by considering both company policies and employees self-admitted data deletion in chat records.
For technology enterprises and their core departments such as R&D, operation and maintenance, data security is particularly critical. If an enterprise does not establish a clear data management system, it will lack effective constraints and basis for handling employees deletion behaviors, making it difficult to safeguard its legitimate rights and interests.
(2) Constituting a civil tort
From a civil law perspective, an employees unauthorized deletion of corporate data constitutes an infringement. According to Article 1165 of the Civil Code of the Peoples Republic of China, any person who negligently infringes upon anothers civil rights and causes damage shall bear tort liability. The employees deletion clearly demonstrated subjective fault, resulting in economic losses to the company. Therefore, they are legally obligated to provide compensation.
In the infringement case between Ai Co., Ltd. and Su, the company alleged that Su had programmed to delete log data, rendering its information security reports unusable and seeking compensation of nearly 90,000 yuan. In another case Shenzhen Le Co., Ltd. sued He for infringement, the company claimed that Hes resignation led to image deletion affecting hardware maintenance and R&D, causing a stores delayed opening. The company demanded data restoration and over 50,000 yuan in compensation.
Based on my experience handling such cases, corporate losses typically include both direct costs for data recovery and indirect damages from compromised trade secrets. For example, when a companys salesperson deleted a customer before leaving, the firm spent hundreds of thousands of yuan restoring the data. Simultaneously, losing key clients due to the leak meant the infringing employee would be liable for compensating these losses.
(3) suspected of a criminal offence
1. Crime of Destroying Computer Information Systems: According to Article 286 of the Criminal Law of the Peoples Republic of China, anyone who violates state regulations by deleting, ing, adding, or interfering with computer information system functions, thereby causing the system to malfunction with severe consequences, or by deleting, ing, or adding data and applications stored, processed, or transmitted within the system, resulting in serious consequences, shall be suspected of committing the crime of destroying computer information systems. In practice, employees who maliciously delete critical data causing business system paralysis that meets the statutory standard of severe consequences will be held criminally liable.
In October 2013, a cyber intruder infiltrated the cp.59.cnwebsites servers, deleted original data, and demanded 5,000 yuan, causing Zhengzhou XX Electronic Technology Development Co., Ltd. to suffer direct economic losses of 22,000 yuan. Given his prior criminal record, the perpetrator was convicted of damaging computer information systems and sentenced to two years and six months in prison. After a labor dispute with Shanghai Yunxx Information Technology Co., Ltd., Wu deleted critical files from the companys servers between October and December 2020, resulting in functional impairment of the "ZhuXX" APP. The company subsequently paid 12,000 yuan to restore the data.
2. Crime of Sabotage of Production and Business Operations: Pursuant to Article 276 of the Criminal Law of the Peoples Republic of China, acts involving the destruction of machinery equipment, harm to farming livestock, or other methods that disrupt business operations with malicious intent may constitute this offense. In the digital age data is vital for corporate operations, employee deletion causing severe operational disruptions and significant consequences could also be deemed as this crime.
After being dismissed by a company in Shenzhen in July 2018, Luo logged the companys server twice to delete the systems of Jin and E as revenge, which caused the companys business to be suspended and caused economic losses of 171,000 yuan according to the assessment. The court found him guilty of damaging production and operation and sentenced him to one year and two months in prison.
3. Trade Secret Infringement: Pursuant to Article 9 of Chinas Anti-Unfair Competition Law, any act involving the improper acquisition, disclosure, use, or unauthorized dissemination of a business secret by an entity or individual, or failure to maintain confidentiality obligations regarding such secrets, constitutes trade secret infringement. When employee-deleted data contains corporate trade secrets that meet the statutory requirements for infringement, the responsible party shall not only bear civil liability for compensation but may also face criminal prosecution under Article 219 of Chinas Criminal Law.
Third, the comprehensive legal strategy of enterprise rights protection
(1) Stop infringement in time
When an enterprise discovers unauthorized data deletion by employees, it should immediately activate its emergency response mechanism to promptly halt infringement activities. In accordance with contractual agreements and technical specifications, the company should submit a privilege revocation request to the partner to reset the super administrator account and prevent further data damage. Simultaneously, written disciplinary notices, warning letters, or legal correspondence must be formally issued to the employee. These documents clearly state the illegality of the actions, demand immediate cessation of infringement, and reserve the right to pursue legal liability. Such formal documentation serves both as a deterrent and as evidence to establish accountability.
(2) Comprehensive fixation of infringement evidence
When addressing infringement, enterprises should simultaneously collect evidence through two key approaches. First, utilize backend systems to obtain data deletion records containing timestamps, account identifiers, and file paths. Second, preserve electronic communications such as employee-to-company chats and emails. For instance, a company obtained conclusive evidence of an employees deletion operation through server logs. Additionally, businesses must document economic losses including third-party data recovery invoices, documented overtime costs, and financial reports detailing direct losses from service disruptions – all essential evidence for compensation claims.
(3) the reasonable use of alarm and litigation
After securing evidence, companies should determine appropriate legal actions based on the nature of employee misconduct. If the conduct constitutes a criminal offense, businesses must promptly report to public security authorities, cooperate with investigations, and pursue compensation through criminal incidental civil litigation. For non-criminal cases or independent civil lawsuits, companies may file claims under the Civil Procedure Law of the Peoples Republic of China, seeking tort liability from employees. During litigation, companies should strategically present evidence to strengthen their case and secure court support.
IV. LEGAL INSIGHTS AND COMPLIANCE GUIDANCE
(1) Data rights and interests have been fully protected by law
Article 127 of the Civil Code of the Peoples Republic of China stipulates that laws provide for the protection of data and virtual property in cyberspace, such provisions shall apply, explicitly recognizing data as a new category of legally protected assets. Article 7 of the Data Security Law of the Peoples Republic of China emphasizes that the state safeguards the rights and interests of individuals and organizations concerning data. Employees, based on employment contracts and professional ethics, are obligated to properly safeguard data related to their work.
(2) Enterprises should build a sound data security management system
Enterprises should elevate data security management to a strategic priority. Labor contracts and regulations must clearly define management protocols for data aggregation, backup procedures, and access control permissions, while establishing liability for employee data breaches. Regularly organize data security training sessions to enhance employees legal awareness. Implement robust data retention and backup mechanisms to minimize risks of data loss.
(3) Employees shall abide by professional ethics and resolve disputes according to law
Employees must strictly adhere to professional ethics and labor discipline, fulfill their duty of loyalty to the company, properly safeguard corporate data, and transfer materials in accordance with regulations upon resignation. In case of labor disputes with the company, they should resolve them through legal channels such as negotiation, arbitration, or litigation. Employees must refrain from taking illegal actions deletion to avoid civil compensation or even criminal liability.
"Employees delete the and run away" behavior is of great harm. Enterprises and employees should fully understand the importance of data security, strictly abide by laws and regulations and enterprise systems, and tly maintain a good workplace order and data security environment.
