CopyrightAnti-Unfair Competition Law

Final Judgment Rendered in miHoYo v. Candou.com: Game "Leaks" Ruled as Unfair Competition (Part I)

米哈游诉蚕豆网终审落锤:游戏“偷跑”被认定为不正当竞争(上)

January 6, 2026
6 views

Summary

This article analyzes the final judgment of MiHoYo's lawsuit against the website "Candou" regarding leaked information and its landmark significance for the gaming industry. The court ruled that "Candou's" unauthorized publication of extensive undisclosed Genshin Impact content constituted both copyright infringement and unfair competition, awarding 330,000 RMB in damages. The pivotal breakthrough of this case is the clarification that even if a distributor is not the original source of a leak, using "insider leaks" to disrupt commercial operation plans remains illegal. The article further categorizes four typical types of leakers: internal employees, outsourced service providers, closed-beta players, and technical data miners. Legal liabilities for these parties span labor law violations, breach of contract, tort, and even criminal charges. This case signals that game leak disputes have formally entered a comprehensive judicial framework, which broadens the scope of protected objects (such as dynamic visuals) and warns that distributors are no longer in a "safe zone."

In March this year, the final judgment was rendered in the case of miHoYo suing the game information website "Candou.com" over information leakage. In the two years leading up to the lawsuit, Candou.com and its affiliated self-media matrix accounts published nearly 100 posts featuring confidential game content from Genshin Impact, covering a total of 16 game versions. The Beijing Intellectual Property Court delivered the final judgment, upholding the first-instance ruling. The court determined that the conduct of Candou.com’s operator constituted both copyright infringement and unfair competition, ordering them to pay 330,000 RMB in damages for economic losses. This marks the nation’s first effective judgment to determine that the dissemination of confidential game content constitutes infringement under Article 2 of the Anti-Unfair Competition Law, representing a significant landmark case.

PART 1

Case Review and Focus of Dispute

In the litigation, miHoYo asserted that between 2021 and 2023, "Candou.com" and its affiliated self-media accounts continuously published unreleased content related to Genshin Impact. This content encompassed core information such as character attributes (numerical values), event schedules, and skill mechanics. The key characteristics of the infringement included:(1)Large Scale of Content: Nearly 100 infringing posts were involved.(2)Extended Time Span: The leaks spanned across 16 game versions.(3)Obvious Non-public Sources: The content was clearly obtained through non-official channels.(4)Traffic-Driven Packaging: The content was packaged using sensationalist labels such as "Insider Leaks" (Neigui) and "First-look Exclusives" to drive user traffic.

During the trial, the Court focused on two primary issues:

1. Whether the content involved qualifies for protection under Copyright Law?

miHoYo submitted comparative evidence, including character illustrations, skill descriptions, and UI assets, to prove that the content possessed originality and certainty. The Court ultimately confirmed that the text, artwork, and screen captures involved constitute "works" or elements of works protected by law.

2. Whether a disseminator should bear liability for unfair competition if they are not the original source of the leak?

The Court specifically noted: The act of dissemination, by using methods such as "leaks" and "insider info," attaches itself to the plaintiff’s commercial influence (free-riding) and disrupts unreleased operational arrangements. Such behavior possesses clear illegitimacy. Therefore, even if the defendant was not the original source of the leak, they must still bear legal liability for the act of dissemination itself.

The most profound significance of this case for the industry lies in the following: For the first time, the "dissemination of confidential game content" has been explicitly recognized as an act that can independently constitute unfair competition, effectively removing the requirement to prove that the act of leaking itself was executed by the defendant.

PART 2

Typical Structure of Subjects in Game Leaks:Internal Employees, Outsourced Partners, Beta Testers, and Technical Implementers

Based on public cases in the industry in recent years, subjects involved in leaks can be categorized into four types. Each category differs in terms of burden of proof, legal structure, and judicial determination.

I. Internal Employees

As the group with the most direct access to core development content, internal employees pose the highest risk of leakage. For example, in the Wuthering Waves leak case publicly reported by Kuro Games, an internal employee leaked unreleased character skills and weapon images to platforms, which subsequently spread across social media. Due to the specific identity of these subjects, their liability manifests in several forms:

  1. 1.Labor Law Perspective: Breach of confidentiality obligations and violation of internal corporate policies.

  2. 2.Civil Tort Perspective: Infringement through the disclosure of confidential content causing economic losses to the enterprise.

  3. 3.Criminal Perspective: In severe cases, such actions may trigger criminal liability.

  4. Internal leaks are characterized by high content integrity, high destructiveness, and rapid dissemination, making them the primary risk focal point for game companies.

II. Outsourced Service Providers

Game R&D involves extensive production of art, sound effects, and storylines, often leading companies to outsource non-core or auxiliary work. However, if outsourced personnel unauthorizedly display unreleased character models, illustrations, or weapon settings during their contract or after resignation, it leads to premature exposure. A typical example is the leakage incident involving an outsourced contractor for Mr Love: Queen's Choice, where the individual uploaded unreleased illustrations and models online while claiming project involvement. The complexity of such disputes lies in:

  1. 1.Multiple Links: Contact personnel are often decentralized across various stages.

  2. 2.Burden of Proof: The game enterprise must simultaneously prove the partnership with the provider, the source of materials, and the fulfillment of confidentiality clauses.

  3. 3.Contractual Basis: Since the subjects are not employees, the chain of liability must be established through the service contract. Courts typically assess breach of contract or infringement based on contractual stipulations, access permissions, and authorized scope of use.

III. Beta Testers and KOLs (Key Opinion Leaders)

To improve game quality and market traction, companies often invite influencers or players to participate in Closed Beta Tests (CBT). In practice, some invitees fail to comply with Non-Disclosure Agreements (NDAs), capturing and distributing gameplay footage or mechanics via screenshots and screen recordings. In the judgment (2024) Hu 0115 Min Chu No. 38294, the Shanghai Pudong New Area People's Court ruled that continuous dynamic images (sequential frames) constitute original objects of protection. This means:

  1. Non-asset-based content (e.g., recorded gameplay) can also be the subject of infringement.

  2. The dual liability path of "Contractual Obligation + Copyright Infringement" for beta testers is further clarified. This case is landmark as it represents the first time the judiciary has included "continuous dynamic images" under independent legal protection.

IV. Technical Data Miners (Unpackers)

Beyond active human disclosure, some technical personnel use decompilation and unpacking (reverse engineering) to bypass security mechanisms and extract unreleased skins, maps, or event information. This is known in the industry as "Data Mining." Although some players claim "interest-based research," the essence is unauthorized illegal acquisition and dissemination. This often sabotages official warm-up and marketing plans and, in severe cases, triggers massive claims for damages. For instance, the case where a defendant (Guo) repeatedly unpacked and published test package content for Honkai: Star Rail shows that technical leakers have specific traits:

  1. 1、Concealed Infringement: Their methods are technically stealthy.

  2. 2、High Integrity: The extracted content is extremely complete.

  3. 3、Severe Disruption: They significantly sabotage version release schedules.

  4. 4、Circumvention of Technical Measures: Their actions are more likely to trigger severe liabilities related to bypassing technological protection measures (TPMs).

  5. These subjects, by bypassing security to leak test packages, constitute the most harmful group in the game leakage chain.

PART 3

Breakthrough in the "Candou.com" Ruling

Dissemination Alone Constitutes Infringement

The core value of this case lies in the following principle: Even if the disseminator is not the original source of the leak, the mere act of spreading confidential content can trigger comprehensive infringement liability. The court established this reasonableness determination from three perspectives:

  1. 1、Objective Disruption of Operational Cadence: The dissemination disrupted the game’s normal operational rhythm. "Premature leaks" cause player expectations to form ahead of schedule, preventing the official team from executing planned marketing and version-based operations.

  2. 2、Parasitic and Exploitative Nature of Dissemination: The defendant utilized expressions such as "Exclusive" and "Insider Leaks" to attract attention through confidential content, thereby securing advertising revenue. This behavior is characterized by commercial free-riding.

  3. 3、High Commercial Sensitivity of the Content: The premature spread of unreleased content constitutes a substantial interference with the right holder’s commercial interests.

Based on these findings, the court confirmed that the disseminator committed both copyright infringement and unfair competition, and was liable for compensatory damages.


The "Candou.com" case officially integrates game leakage disputes into a formal judicial determination system:

  • 1、Broader Identification of Protected Objects: Artwork, text, and continuous dynamic images within a game are all eligible for legal protection.

  • 2、Expansion of Liable Subjects: Disseminators of leaked game content are no longer in a "safe harbor"; the scope of liability has widened significantly.

  • 3、Increased Judicial Focus on "Disruption of Commercial Rhythm": The judiciary now places higher importance on the malicious disruption of business cycles. Consequently, game companies will become more proactive in seeking litigation-based remedies rather than relying solely on internal measures.

As product lifecycles shorten and content operation cadences accelerate, leakage disputes will increasingly enter judicial proceedings rather than remaining confined to internal management or platform-based take-down notices. In the next part, we will discuss how game enterprises should conduct rights protection and enforcement following a leak.

中文原文

今年3月,米哈游诉游戏资讯网站“蚕豆网”泄密案迎来终审判决。在被诉前的两年内,“蚕豆网”及其关联自媒体矩阵账号发布近百条《原神》涉密游戏内容,共涉及16个游戏版本。北京知识产权法院作出终审判决,维持一审结果,认定“蚕豆网”运营方的行为既构成著作权侵权,也构成不正当竞争,并判令其赔偿经济损失33万元。这是全国首例以《反不正当竞争法》第二条认定传播涉密游戏内容行为构成侵权的生效判决,具有里程碑意义。

PART 1

案情回顾及争议焦点

米哈游在诉讼中主张,自2021年至2023年期间,“蚕豆网”及关联自媒体账号持续发布与《原神》相关的未公开版本内容,内容涵盖角色数值、活动安排、技能机制等核心信息。其特点包括:(1)涉案内容规模大(近百条);(2)涉及版本跨度长(16个版本);(3)内容明显非公开渠道获得;(4)以“内鬼”“首发爆料”进行流量化包装。

而法院在审理中重点关注两个问题:

1.涉案内容能否构成著作权保护对象?

米哈游提交了角色立绘、技能文案、界面素材等对比证据,证明涉案内容具有独创性与确定性。法院最终确认:文本、美术、画面截图等内容均可构成作品或作品元素。

2.传播者虽非泄密源头,是否仍应承担不正当竞争责任?

法院特别指出:传播行为通过使用“爆料”“内鬼”等方式攀附原告商业影响力,破坏未经公开的运营安排,具备明显的不正当性。因此,即便被告并非泄密源头,仍需对传播行为本身承担法律责任。

该案对行业最重要的意义在于:

“传播涉密游戏内容”首次被明确认定为可独立构成不正当竞争行为,而无需证明泄密行为本身由被告实施。

(图片来源:米哈游法务部)

PART 2

游戏泄密主体的典型结构:

内部、外包、测试玩家与技术实施者
从近年来行业出现的公开案例来看,泄密主体大致可分为四类,而每一类在诉讼中的举证难点、法律结构、结果认定均存在差异。

(一)公司内部员工

游戏公司内部员工是最有机会接触核心开发内容的群体,也是泄密风险最高的环节。如库洛公司公开通报《鸣潮》泄密事件中,内部员工将未发布角色技能、武器图像泄露至平台并扩散至社交媒体。该类泄密因主体身份特殊,其责任形式包括:

1.劳动法层面:违背保密义务、违反内部制度;

2.民事侵权层面:泄露涉密内容给游戏企业造成经济损失;

3.情形严重时甚至可能触及刑事责任。

内部泄密的特点在于资料完整度极高、破坏性强、传播链条快速,是游戏公司最需要关注的泄密风险点。

(二)外包服务商

游戏研发涉及大量美术、音效、剧情等内容的制作,部分企业会将非核心或辅助性工作交给外包团队完成。然而,倘若外包员工在履约或离职后,将尚未公开的角色建模、插画、武器设定等资料擅自对外展示,就可能导致信息提前曝光。典型如《恋与深空》外包人员泄密事件。外包人员擅自将未公开立绘、模型上传网络并声称参与项目制作。此类纠纷的复杂性在于:

1.环节多,接触人员较为分散;

2.游戏企业需同时证明与外包服务商的合作关系、其资料来源、保密条款的履行情况;

3.外包人员“身份非员工”,责任链需通过合同认定。

法院往往从合同约定、访问权限、使用范围等角度综合判断是否构成违约或侵权。

(三)内测玩家与KOL

为了提升游戏质量和市场热度,游戏公司可能会邀请网络红人或普通玩家参与内测。但现实中,个别受邀体验者未能遵守保密约定,通过截图、录屏等方式将试玩画面或玩法机制发布到网络,迅速在社交平台扩散。在(2024)沪0115民初38294号判决中,上海浦东新区法院认定连续动态画面属于具有独创性的保护对象,这使得:

1.非素材内容也可构成侵权对象;

2.内测玩家的“契约义务 + 著作权侵权”双重责任路径进一步明确;

这是司法领域首次将“连续动态画面”纳入独立保护范围,具有代表性意义。

(四)技术解包者

除人为的主动泄露外,还有一些技术人员会通过反编译、解包等手段绕过安全机制,提取未上线的皮肤、地图或活动信息。这类行为在行业中被称作“数据挖掘”。虽然部分玩家打着“兴趣研究”的旗号,但其实质是未经授权的非法获取与传播,往往造成官方预热与宣传计划被提前瓦解,严重时还会引发巨额索赔。如郭某某多次解包并发布《崩坏:星穹铁道》测试包内容的事件显示,技术型泄密主体具有以下特点:1、侵权方式隐蔽;2、内容完整度极高;3、对版本安排破坏性严重;4、更易触及“技术措施绕过”等更严重的责任。

此类主体绕过安全措施,获取测试包体泄密,是游戏泄密链条中危害最大的群体。

PART 3

“蚕豆网案”裁判的突破:

传播行为本身即可构成侵权

该案的核心价值在于:即便传播者不是泄密源头,只要扩散涉密内容,也可能承担全面侵权责任。法院从三个角度形成合理性判断:

1.传播行为客观上扰乱了游戏的正常运营节奏:提前爆料造成玩家预期提前形成,使官方无法正常进行宣传、版本运营。

2.传播行为具有攀附性与利用性:使用“独家”“内鬼”等表述,以涉密内容吸引关注,获取广告收益。

3.涉密内容本身具有高度商业敏感性:未公开内容的提前扩散构成对权利人商业利益的实质性干扰。

基于此,法院确认传播者构成著作权侵权+不正当竞争,并承担赔偿责任。

“蚕豆网”案件使游戏泄密纠纷正式进入“司法认定体系”:首先,权利客体的认定更加宽泛,游戏中的美术、文本、动态画面均可能受到保护;其次,泄密责任主体范围扩大,游戏泄密传播者不再处在“安全地带”;最后,司法实践中对恶意破坏商业节奏破坏的重视程度提升,游戏公司也将将更积极采取诉讼方式应对泄密。

随着游戏行业产品周期缩短、内容运营节奏加快,未来泄密纠纷将更频繁进入司法程序,而不仅仅停留在内部管理或平台投诉层面。下篇我们将探讨游戏泄密之后,游戏企业应当如何进行维权。

分享文章

相关文章

General

【Weekly Gaming Law】Lawyers Comment on miHoYo’s Anti-Fraud Actions; Infringing “Reskinned” Game Ordered to Pay RMB 5 Million

【每周游戏法】律师评米哈游反舞弊;侵权游卡被判赔500万

This weekly update examines three recent legal developments in the gaming industry: miHoYo’s anti-fraud enforcement and supplier blacklist measures; a “reskin” infringement case involving a Three Kingdoms-themed card game resulting in a RMB 5 million damages award based on unfair competition; and Roblox’s launch of AI-powered interactive content generation tools. The article outlines the legal considerations arising from supply chain compliance, the boundary between public domain materials and protectable game design, and the intellectual property and compliance implications of AI-generated interactive content within UGC platforms.

0 views
General

How to Build Official Game Payment Systems in a Compliant Manner (Part II): Overseas

游戏官方支付如何合规搭建(二)海外篇

Against the backdrop of a global economic slowdown and evolving regulatory scrutiny over major app distribution platforms, an increasing number of overseas-oriented game companies are exploring the establishment of official website top-up platforms to reduce reliance on channel commissions. Building on the prior discussion of platform policies regarding payment redirection and third-party payment access, this article reviews practical cases of official website payment models adopted by several game companies, including their login mechanisms, purchasable content, regional availability, and qualification disclosures. Based on these practices, it outlines compliance considerations that overseas game companies should focus on when constructing official website payment systems, particularly in relation to account management, price display, promotional methods, and refund policy design across different jurisdictions.

5 views
General

EU’s DMA Enforcement Push: Apple and Epic Games Reach Temporary Truce

欧盟DMA强监管,苹果与Epic Games暂时握手言和

Since 2020, Apple and Epic Games have been locked in a global antitrust dispute over App Store policies. While Epic lost its U.S. lawsuit, it continued its resistance through noncompliance, resulting in a developer account ban. However, the dynamics shifted with the EU Digital Markets Act (DMA) coming into force on March 6, 2024. Epic reported that Apple, under pressure from the European Commission, agreed to reinstate its developer account in the EU. The DMA’s provisions, especially Article 5(3) and Article 6(4), require gatekeepers like Apple to allow third-party app stores and payment systems on iOS. Apple’s attempt to ban Epic amid DMA implementation triggered regulatory attention, leading to rapid Commission intervention. This incident not only highlights the DMA’s enforcement teeth but also signals a broader shift in platform governance within the EU. For global developers and digital exporters, especially those dependent on app store distribution, DMA compliance represents a strategic inflection point. Non-compliance risks include fines of up to 10–20% of global turnover, exemplified by the €1.84 billion fine Apple recently faced. As more third-party app stores (e.g., Mobivention, MacPaw) emerge, the EU’s digital market is poised for structural transformation.

4 views