Welcome to follow
The Journal of Chinese Sociology
2026年1月19日,The Journal of Chinese Sociology(《中国社会学学刊》)上线文章Digital platforms and the transformation of crime governance(《数字平台与犯罪治理转型》)。
| 作者简介
单勇
南京大学法学院教授、博士生导师
主要研究方向:犯罪学、刑法学、数据法学
Abstract
In response to the crisis of organizational regulation posed by new forms of cybercrime, the imperative to sustain the so-called “miracle of sustained social stability” in the digital age has become central to the transformation of crime governance. Within the analytical framework of state capacity, I argue that platform-based governance offers a pathway for this transformation across technological, organizational, and institutional dimensions. This governance model encompasses both governance via mega-platforms and governance via integrated comprehensive platforms. These two modes of governance are characterized by technical arrangements centered on data control, organizational strategies aimed at social integration, and institutional mechanisms grounded in preventive legal norms. Their development follows a “technology → organization → institution” logic, which constructs a system of digital bureaucracy. The significance of this shift lies not only in addressing the crisis of governance capacity through governance through platforms, but also in aspiring toward governance of platforms, a normative turn that emphasizes principles of good law and governance (liangfa shanzhi) and rationality of value.
Keywords
Digital platforms; Cybercrime; Platform-based governance; Digital bureaucracy system; Realization of the rule of law
The organizational regulation crisis
of new-type cybercrime
A crisis stemming from
post hoc responses
Against the backdrop of China’s “miracle of sustained social stability” and the emergence of a “crime inflection point”, the country’s overall crime landscape has undergone a structural transformation in the digital age. An inverse trend has emerged: while traditional crimes have declined, cybercrimes have spiked, signaling a shift from a pattern of “cities attracting crime” to “the Internet attracting crime”. Traditional crime has increasingly migrated online, and the Internet has evolved from being merely a target or tool of criminal activity to a distinct crime space. According to the Ministry of Public Security, cybercrime now accounts for approximately one-third of all recorded crime in China, with this proportion trending up (Lian 2019). In recent years, the number of new-type cybercrime cases handled by procuratorate organs has grown at an average annual rate of 40%, with a 54% increase reported in 2020 alone (Guo 2021). As Zhuang (2021) noted, “from 2018 to 2020, procuratorate organs prosecuted 43,900, 57,100, and 74,500 suspects for telecom and online fraud, respectively, reflecting an average annual increase of over 30%”. In 2020, the number of fraud cases—primarily telecom-related—surpassed theft cases for the first time, becoming the most prevalent type of crime nationwide. Field investigations conducted by the author further reveal that between January and July 2021, public security organs across China filed a total of 574,000 telecom fraud cases, marking a year-over-year increase of 17.6%, including over 2,500 cases involving financial losses exceeding one million yuan.
The escalating challenges cybercrime pose have prompted both active governance responses and a rich body of theoretical discourse. In practice, the state has introduced several new criminal charges through successive amendments to the Criminal Law, such as the offence of assisting information network criminal activities. These legal provisions have provided a statutory foundation for cybercrime governance and have contributed to the emergence of a post hoc, case-based response model grounded in responsive law, primarily via the criminal justice system. This governance model is characterized by reliance on the criminal law framework, with political and legal institutions leading the response, and event-driven, individual case handling as the dominant mechanism of enforcement. Theoretically, efforts to improve the legal architecture of responsive law have become a focal point in contemporary scholarship. These include the promotion of a proactive criminal law paradigm (Fu 2019), along with analyses of criminal legislation concerning cybercrime (Pi 2018), the emergence of new forms of crime (Liu 2017), and broader discussions on legislative reform. At the same time, critical reflections on the post hoc response model have emerged. Scholars have argued that China’s criminal countermeasures were originally designed with traditional crimes in mind, and their direct application to cybercrime has not adequately accounted for the distinctive features of the digital environment (Yu 2018). Others have noted limitations in judicial control and prosecution efficacy, particularly in the context of telecom fraud (Wang 2019; 2020). These critiques point to a deeper structural issue. In terms of detection, remote, non-contact forms of telecom fraud, now the most prevalent type of fraud, have lower detection rates than traditional, face-to-face fraud or the general average across criminal cases. The reliance on responsive law, epitomized by criminal legislation, allows for the punishment of only a small proportion of detected cases. This approach has proven largely ineffective in addressing the broader spectrum of cybercrime, especially the majority of undetected incidents and the “dark figure” of crimes that remain unknown to the system. The traditional organizational regulation system is grounded in the post hoc response model. Its growing failure in effectively addressing cybercrime has become increasingly evident, triggering a broader crisis in governance capacity. This crisis manifests along two key dimensions.
First, there has been a breakdown of on-site organizational regulations. Historically, this regulatory model has been effective in addressing street-level offences such as theft, relying on territorially bound, hierarchical structures of law enforcement with strong visibility. However, cybercrime, particularly online fraud, presents a different set of challenges. As a remote, non-contact form of crime, it is defined by its online natureand often transcends geographic boundaries. Offenders commonly exploit technological tools to operate across regions and even national borders, targeting diverse sectors such as social media, e-commerce, and finance. These crimes are notoriously difficult to detect, prosecute, and sanction due to obstacles in securing digital evidence, cross-jurisdictional coordination, and international judicial cooperation. High-profile examples such as the collapse of peer-to-peer (P2P) lending platforms illustrate the magnitude of harm: a single case may involve tens of thousands—or even hundreds of thousands—of investors, and result in financial losses amounting to billions of yuan. Such large-scale, digitally enabled crimes exceed the institutional and procedural capabilities of traditional on-site governance systems. Law enforcement responses are frequently delayed, crime prevention remains ineffective, resource costs are high, case processing cycles are lengthy, and the recovery of stolen assets is fraught with complications. Additionally, cases which involve the masses generate heightened weiwen (维稳; stability maintenance) pressure, challenging both judicial systems and political stability. In the digital age, the vast majority of criminal activities now have an online dimension. Even so-called “real space” crimes are increasingly interlinked with digital infrastructures and behaviors. Consequently, effective crime governance must navigate a hybrid terrain, a new world, where the boundaries between physical and virtual spaces are increasingly blurred. Therefore, the imperative is to transcend an exclusively territorial paradigm and initiate a structural transformation of organizational regulation, from reactive, site-specific enforcement toward proactive, digitally embedded online regulation.
Secondly, post hoc organizational regulation has proven increasingly sluggish and ineffective in addressing the complexities of cybercrime. Rooted in responsive law and case-by-case enforcement, this model offers limited preventive capacity. Its slow and reactive nature is ill-suited to the governance of China’s expansive online black industry (wangluo heichan), a term referring to internet-based crimes and the legally ambiguous services that support them, which serves as a fertile ground for the proliferation of new types of crime. These crimes are embedded in a sprawling and interlinked ecosystem that spans multiple stages, including account provision, tool development, trading platforms, technical support, mid-stream criminal execution, and downstream laundering and asset transfer. Estimates suggest that over 1.5 million individuals are involved in China’s online black industry, which generates an annual economic scale of several hundred billion yuan (Chen 2018). Although mid-stream crimes, such as telecom fraud or phishing, are more visible and thus receive more enforcement attention, they represent only a fraction of the larger online black industry. The upstream and downstream segments of this illicit economy are far more elusive and challenging to regulate. Law enforcement agencies face considerable difficulties in identifying offenders’ real identities, tracking the emergence of illegal “threads”, adapting to rapid technological iteration and the concealment tactics offenders employ, and confronting the increasing professionalization of cybercriminal actors. Post hoc organizational regulation, with its narrow temporal and spatial scope, lacks the reach and precision to penetrate this deeply networked and transnational criminal infrastructure. Furthermore, traditional governance frameworks—centered on real-space, territorially bounded institutions and reactive enforcement—are fundamentally misaligned with the demands of governing an industry that transcends physical borders and evolves in real time. As such, the online black industry and post hoc regulation represent not just two governance problems, but two paradigmatically different eras.
Moreover, this challenge reveals a deeper epistemological gap within criminology. For over two centuries, criminological thought has centered on traditional, terrestrial forms of crime. Yet the emergence of cyber-enabled and cyber-native crimes, characterized by the integration of virtual and physical domains, necessitates a reorientation in both theory and practice. The crisis of post hoc regulation in the face of cybercrime signals the urgent need for a comprehensive transformation in crime governance. It calls for the development of pre hoc organizational regulation, a proactive and anticipatory model that can mitigate the limitations of reactive, event-based enforcement by intervening earlier in the cybercrime lifecycle and addressing structural vulnerabilities across the entire criminal ecosystem.
The analytical framework
of state capacity
in responding to the crisis
The core of the crisis in organizational regulation lies in the erosion of the state’s capacity to govern crime. The theory of state capacity underscores the importance of societal dynamics in shaping state governance, emphasizing the state’s ability to penetrate, absorb, and exert control over society. As Migdal (2012) argues, state capacity entails “the ability to penetrate society, regulate social relations, extract resources, and allocate or use those resources in specific ways”—that is, to exercise authority through mechanisms of societal control and resource mobilization. This evolving relationship between the state and society forms the theoretical foundation for understanding the transformation of crime governance. Recent scholarship suggests a shift from a dichotomous view of “state versus society” to one of mutual interaction (Yu and Guan 2014), which has been described as multi-dimensional interplay between a hierarchical state and a networked society (Migdal 2013). This interplay reflects a hybrid dynamic of both “society within the state” and “the state embedded in society” (Li 2021). Traditionally, such interactions were grounded in physical proximity, with the state’s governance capacity assessed by its ability to penetrate, extract from, and manage real-world social structures. However, the digital age has upended this foundation; the physical social world has morphed into a hybrid digital-physical domain, wherein online and offline life are entwined. As a result, the interaction between state and society increasingly occurs through digital platforms, prompting a reconceptualization of crime governance capacity: from offline regulation to the online penetration, extraction, and control of digital society by a hierarchical state apparatus. The critical question that follows is: how is this digital control operationalized?
Improving state capacity
by introducing platforms
The emergence of digital platforms offers a potential response to the challenges posed by the crisis in state capacity. As key nodes of digital interaction, platforms have evolved into the central mediating infrastructure for online exchanges between the state and society. Defined as “digital infrastructures designed to facilitate the organization and interaction among users”, platforms are fundamentally data-driven, governed by algorithmic operations and user-facing interfaces, and shaped through commercial logics with user consent as a legitimizing principle (van Dijck et al. 2018). Their proliferation marks a transformation in social organization, as platforms re-centralize social coordination by enabling dense connectivity and large-scale information aggregation. Within the digital society, platforms now function as public infrastructure, serving simultaneously as communication hubs and organizational channels through which the hierarchical state engages with an increasingly networked population. The reach of platforms has also extended beyond commercial domains and into areas such as social governance and crime control. Acting as gatekeepers of cyberspace (Furman and Coyle 2019), platforms are increasingly tasked with regulating user behavior, particularly by preventing the use of their services for unlawful or illicit activities.
In practice, mega-platforms such as Alibaba and Tencent, often referred to as “super-large platforms”, have taken on central roles in cybercrime prevention and control, supported by expansive application ecosystems. At the same time, state-led efforts to construct “comprehensive governance platforms” (zonghe zhili pingtai; 综治平台) are unfolding across multiple jurisdictions, resulting in benchmark initiatives such as the National Anti-Fraud Big Data Platform. These developments illustrate how both super-large commercial platforms and state-administered governance platforms have become intermediaries through which the state penetrates, extracts from, and asserts control over the digital society. Collectively, they signal the emergence of a new model of “platform-based governance”.
The three levels of
platform-based governance
Platform-based governance extends beyond the mere application of information technologies; it constitutes a reconfiguration of the governance architecture itself, positioning digital platforms as hubs within a new organizational system. It has simultaneously fostered the development of a preventive legal framework, exemplified by emerging normative instruments in cyber law and legislative drafts such as the Anti-Telecom and Online Fraud Law. These shifts reflect organic integration between technical, organizational, and institutional arrangements aimed at the holistic transformation of crime governance in the digital age. While critiques of the post hoc response model have led to proposals for legal reform, such as revising the evidentiary thresholds in criminal adjudication, enhancing preventive mechanisms for victims, and promoting collaborative governance with internet corporations (Wang 2020; Jiang 2020), these strategies often lack systemic coherence. Specifically, they fall short in articulating the institutional foundations, responsible actors, and organizational mechanisms through which these measures are to be operationalized. Consequently, such proposals, though normatively desirable, remain conceptually and practically underdeveloped.
In contrast, platform-based governance offers a structurally grounded response to the crisis in state capacity, embedding its logic within the very fabric of the digital society. This society is understood as comprising three interrelated subsystems: a technical system at the foundational level, an organizational system at the meso-level, and an institutional system at the normative apex. These strata correspond respectively to technical, organizational, and institutional perspectives on governance transformation. As such, the comprehensive shift in crime governance entails not only the innovation of technical tools and methods, but also a reordering of inter-organizational relations among governance actors. At a more fundamental level, it demands the institutionalization of this transformation through normative frameworks that legitimize, stabilize, and regulate the integration of technological and organizational arrangements.
The internal logic of
the three-fold arrangements
Platform-based governance operates across three interconnected levels: technical arrangements, organizational arrangements, and institutional arrangements. The theoretical significance of governance transformation lies in unpacking the internal logic that links these three dimensions. On one level, the development of platform-based governance exemplifies a bottom-up trajectory—what may be described as a construction sequence of “technology → organization → institution”. This progression originates in foundational innovations within digital infrastructures. Yet, as cyberspace is primarily shaped and maintained by commercial internet platforms, effective interaction between the hierarchical state and the digital society cannot rely on technical instruments alone. Instead, it needs accompanying organizational and institutional scaffolding. Zhou (2017: 18) cautions that “the burden and complexity of large-scale state governance cannot be resolved solely through so-called ‘technical governance means’; technical tools alone are insufficient to address the substantive dilemmas of governance. It is the organizational reconstruction of the governance system that remains vital”. Similarly, Fountain (2010: 8) underscores the role of intermediary structures: “organizational and institutional arrangements act as mediating mechanisms in the implementation of technology”.
At the same time, the proliferation of platform-based governance has expanded the state’s data power, mediated through its collaboration with and oversight of digital platforms. This growing concentration of informational authority raises pressing normative concerns regarding the balance of power between the hierarchical state and the rights-bearing digital public. Therefore, any transformation of governance must be resistant the temptation to equate digital efficiency with governance legitimacy. In particular, the model must not devolve into a “digital Leviathan”—a regime of totalizing, panoptic surveillance. Rather, the trajectory must shift from a narrow focus on “efficient governance” to a broader commitment to “good governance”, grounded in accountability, transparency, and rights protection.
Thus, institutional arrangements must not only regulate but also normatively constrain the deployment of technical and organizational mechanisms. From this perspective, governance transformation also entails a countervailing logic— “institution → organization → technology”—in which institutional norms and values guide both structural design and technological implementation. This bidirectional relationship illustrates that institutional regulation is not ancillary, but foundational, to the integrity and legitimacy of platform-based governance in the digital age.
Accordingly, the developmental trajectory of platform-based governance reveals a construction path in which the technical system shapes both the organizational and the institutional structures, giving rise to a mode of “governance through platforms” that prioritizes efficiency and operational rationality. In contrast, the regulatory trajectory of platform-based governance emphasizes the constraining and normative role of institutional arrangements over the technical system.This approach constitutes “governance of platforms”, a model anchored in value rationality and public accountability. These dual dimensions, construction and regulation, and their respective logics, represent two distinct yet interconnected paths within platform-based governance. Together, they have emerged as central to contemporary debates on how to address the crisis of state capacity in the digital era.
Explorations of crime governance
involving platforms
Crime governance
by super-large platforms
“Super-large platforms” refers to dominant commercial entities that provide essential digital infrastructure and core platform services to society. With user bases numbering in the hundreds of millions, these platforms exert even greater control over users’ online behaviors than many law enforcement agencies, engendering a new infrastructure for the digital sphere. Their role in regulating online illegality and criminality is manifested in four key dimensions.
First, super-large platforms actively assist public security authorities in the detection and investigation of online criminal activities, particularly cybercrimes. For instance, Tencent (腾讯) has initiated an intelligent anti-fraud hub under its “Guardian Plan”. Since the onset of the COVID-19 pandemic in 2020, Tencent’s Guardian Security Team has submitted nearly 10,000 pandemic-related fraud leads daily to the National Anti-Fraud Center. Within two months, their collaboration facilitated the arrest of over 4,000 telecom fraud suspects and contributed to the resolution of more than 10,000 cases (Zhang 2020). By tracking suspects’ digital footprints, including social interactions, payment records, travel itineraries, and shopping histories, platforms have extended their influence into the domain of traditional crime control.
Second, these platforms spearhead targeted governance campaigns against online black and grey markets. Serving as the frontline in managing illicit digital industries, platforms such as ByteDance (字节跳动) have undertaken dedicated operations to combat fraudulent activities. In its “Woodpecker 2019” initiative, ByteDance deployed over a thousand algorithmic strategies and risk-control models to suppress traffic-brushing schemes. This campaign led to the deactivation of 2.03 million illicit Douyin accounts, the interception of 91.99 million fraudulent registration attempts, and the blockage of 551 million illegitimate requests to manipulate likes and follower counts (ZOL 2020). Such efforts not only curtail fraudulent activity but also aid in tracing the origins of cybercrime networks.
Third, super-large platforms are responsible for monitoring and reviewing user-generated content deemed illegal, inappropriate, or harmful. Such content not only facilitates criminal activities—such as online gambling—but also frequently serves as a communication channel between offenders and victims. In line with the Regulations on the Governance of the Network Information Content Ecosystem, major platforms have undertaken targeted self-inspection and rectification initiatives. For example, Baidu (百度) has addressed institutional vulnerabilities by introducing formal regulatory mechanisms; Kuaishou (快手) has established a dedicated task force for managing its online ecosystem; and Jinri Toutiao (今日头条) has refined its algorithmic recommendation systems while expanding its AI-driven detection models for pornographic and vulgar imagery. Collectively, these efforts have led to the removal of over 330 million pieces of illicit and harmful content, including material related to pornography, vulgarity, gambling, and fraud, and the sanctioning of more than 3.675 million offending accounts (You 2020). Thus, content moderation has become one of the most routine and institutionalized responsibilities of digital platforms within the broader framework of network and crime governance.
Fourth, market-based mechanisms involving super-large platforms and private technology enterprises are beginning to demonstrate significant potential in the fight against cybercrime. My investigations show that one technology company, supported by a super-large platform, has developed a cloud-based software as a service (SaaS) system that provides foundational technical support for digital investigations. Since 2017, over 1,700 public security agencies have accessed the company’s services—900 of them through paid agreements, while others have benefited from free access. The firm has developed several crime analysis tools, including Yunbu (云捕), Yunmi (云觅), and Fengdong (风洞), which utilize data analytics to identify investigative leads, locate suspects, and disentangle complex criminal networks, while facilitating evidence verification. In 2020 alone, the company’s tools contributed to the apprehension of more than 20,000 fugitives. This is unlike traditional models of police–enterprise collaboration, in which proprietary systems have been embedded within public security intranets. This SaaS model operates independently of law enforcement infrastructure. Thereby, it opens a market-based channel through which law enforcement agencies can engage with cyberspace and access external digital intelligence.
The first mode of engagement involves platforms assisting public security agencies in resolving individual cases. The second focuses on platforms conducting targeted campaigns against systemic risks, such as online black and grey markets, within their ecosystems. The third centers on content moderation, whereby platforms review user-generated information to provide early warnings and intercept illegal activities at preemptive and mid-process stages. These three modes represent mandated responsibilities under network governance laws and regulations—“required actions” that reflect platforms’ legally defined obligations. By contrast, the fourth mode is a voluntary initiative, wherein platforms and associated enterprises proactively innovate new mechanisms of crime governance, primarily through market-based solutions.
Together, these four modes illustrate a shared underlying logic: platforms strategically mobilize their advantages in technology, data access, network effects, and economies of scale to monitor and regulate the illicit online behaviors of users, who, in effect, represent digital proxies of citizens. In doing so, super-large platforms have evolved from mere “technology providers” into active “online supervisors”. The meaning of cooperative governance has shifted accordingly, from offering technical support to public security authorities to directly supervising users’ digital conduct. Within this emerging governance arrangement, the state retains responsibility for legal authorization, daily oversight, and policy direction, while platforms assume operational control in cyber-regulation. This configuration represents a new division of labor between state and corporate actors, redistributes governance authority, reduces the administrative burden on the traditional bureaucratic hierarchy, and fosters the emergence of a networked governance community.
Crime governance
by comprehensive governance platforms
Amid the broader digital transformation of Party and government institutions, local political and legal organs have spearheaded a re-organizational shift in crime governance through the development of comprehensive governance platforms. These platforms fall into two main categories: specialized platforms such as the National Anti-Fraud Big Data Platform, and integrated platforms exemplified by initiatives like Hangzhou’s “City Brain”. The governance actors operating within these platforms include public security authorities, political-legal committees, and grassroots government bodies. Their regulatory scope extends beyond high-level threats such as telecom fraud to encompass more foundational challenges in grassroots governance, including risks originating from police, litigation, and petition sources.
Comprehensive governance platforms serve as digital infrastructures that facilitate information aggregation, multi-source data integration, risk assessment, interdepartmental coordination, and online command in response to diverse governance challenges, including cybercrime. As digital artifacts of China’s evolving governance paradigm, these platforms reflect the state’s commitment to modernizing its governance capacity. They signal a shift in regulatory logic and organizational mechanisms, paving the way for a more intelligent, coordinated model of governance often described as a “platform-type government”. Based on field research in Zhejiang, Jiangsu, and other provinces, this study explores seven representative comprehensive governance platforms I have selected for in-depth case analysis (see Table 1).
Specialized platforms
for cybercrime governance
Case 1 features the “National Anti-Fraud Big Data Platform”, a unified system established by the Ministry of Public Security to coordinate the nationwide response to telecom fraud. The platform has expanded access to diverse information sources, developed advanced crime analysis models, and built coordination mechanisms with nearly 3,000 financial and payment institutions. This integrated infrastructure enables intelligent risk control and targeted interventions across all stages of telecom fraud. Within the first six months of its operation, the platform issued millions of early-warning alerts, quickly becoming the command hub of China’s anti-fraud campaign.
Case 2 highlights the “National Anti-Fraud Center App”, which includes both a public-facing client and a law enforcement terminal, each integrated with the anti-fraud big data platform. Key features, such as real-time fraud alerts, quick reporting mechanisms, chat partner identity verification, and an embedded reporting assistant, enable the app to function as a preventative “firewall” against victimization. From January to July 2021, the app issued 41.47 million early warnings, verified the identities of 7.42 million suspicious individuals, and received 1.73 million public reports.
Case 3 presents the “Wenzhou Anti-Fraud Brain”, a localized model that mobilizes an entire police force and broader society to combat telecom fraud. Built around seven operational scenarios, the platform facilitates coordination efforts across crackdown and prevention, personnel monitoring, loss prevention, and public education. For instance, the Fengdeng (风灯) module monitors city-wide fraud risks; Fengzu (风阻) enables real-time intervention to halt suspicious fund transfers; Fengjing (风警) manages individuals with fraud records or connections to high-risk regions like northern Myanmar. Additional modules support digital investigations (Fengsheng; 风声), inter-agency data sharing (Fengxiang; 风箱), the detection of black-market operations (Fengdong; 风洞), and targeted awareness campaigns for high-risk victims (Fengdi; 风笛).
Case 4 shifts focus to the governance of malicious debt evasion by private enterprises, a growing form of internet-based economic crime that encompasses loan fraud, contract fraud, and false bankruptcy filings. The Yixing Public Security Bureau utilized its platform to aggregate 30 categories, 120 subtypes, and over 12 million data points from multiple regulatory bodies. By applying a risk-prediction model, the platform generated 137 actionable risk alerts, enhancing inter-agency coordination. As a result, the region’s non-performing loan rate declined from 6.3% in 2015 to 1.57% in 2019.
Comprehensive platforms
for social governance
Social governance represents a broader and more integrated approach to crime governance, wherein public security is embedded within the larger project of the “Peaceful China Initiative”. Comprehensive governance platforms plan and execute crime prevention strategies within this wider framework by establishing organizational regulation systems, restructuring inter-agency relationships, and reshaping coordination mechanisms. Case 5 exemplifies the overall platformization of comprehensive governance in Province A. This platform conducts risk assessments across 22 key domains, including network governance, to enable anticipatory control of major threats.
Case 6 features governance innovation in Hangzhou, centered on the City Brain platform. This system integrates public administration into an intelligent governance framework composed of a “central system + functional departments + digital cockpits + application scenarios”. The platform coordinates real-time decision-making and risk prevention across multiple layers of the urban management system.
In Case 7, Jiaxing’s Social Governance Cloud Platform has established a regulatory structure known as “one cloud + five platforms + one hundred systems”. This platform facilitates the emergence of a platform-type government by enabling real-time sensing, data analytics, and precision intervention. A notable component is the Weijiayuan module, which builds digital infrastructure for grassroots governance by creating WeChat groups and mini programs at the grid level. As of June 2021, approximately 2 million citizens had been incorporated into this grid-based system through real-name registration, enabling the online negotiation of social conflicts and the resolution of disputes at their source.
Although these comprehensive platforms do not directly target cybercrime, they serve as foundational infrastructure supporting the operation of specialized crime governance systems. They embody the state’s broader vision of digitally enabled, proactive, and integrated governance.
Three mechanisms of
platform-based governance
Data control as a means
of technical arrangements
Platform-based governance is fundamentally structured around the relationship between platforms and users, and is characterized by large-scale, real-time, and highly precise data control. In this configuration, super-large platforms operate as data controllers, while users function as data subjects. As Feng and Xue (2020) argue, “the data obtained by data controllers is not an ordinary commodity but the life code of data subjects”. This logic, where “users are data”, constructs a “controller–online” dynamic, in which platforms continuously monitor user behavior through closed-loop mechanisms that identify, correlate, intervene in, and extract indicators of potential illegality.
The surveillance technologies super-large platforms employ are embedded in the digital routines of everyday life, rendering the operation of monitoring increasingly imperceptible. As such, platform-based governance has evolved into a form of “invisible” regulation, seamlessly woven into the fabric of users’ online experiences. In parallel, comprehensive governance platforms draw on data resources from the Internet of Things and broader internet infrastructures to collect, perceive, analyze, and respond to cybercrime and social risks in real time. Through data control, these systems promote the “legibility” (Scott 1999) and traceability of governance operations.
Crucially, this data-driven mode of governance does more than incorporate cyberspace into the regulatory domain—it also digitally mirrors, and in some cases, subsumes traditional “on-site” organizational regulation. As “online control” increasingly overrides “on-site control”, crime governance is shifting toward front-end prevention, signaling a fundamental transformation in the underlying logic of organizational regulation. In this context, data control emerges as a defining model of contemporary social governance, reconfiguring the spatial and temporal dimensions of state and platform power.
Social integration
as the goal of
organizational arrangements
The rise of the internet and digital platforms has reshaped the structural relationship between the state and society, diminishing the distance between them. This new governance architecture is anchored in the relational dynamic between platforms and users. The technical infrastructure of data control has facilitated panoramic online surveillance and full-coverage online mobilization, while internally catalyzing the reorganization and recentralization of regulatory systems. These developments have given rise to a new mode of governance and a novel organizational logic, with platforms functioning as hubs.
Super-large platforms have become critical organizational carriers for the state’s exercise of online control. Through regulatory mandates and institutional arrangements, the state delegates key responsibilities for cybercrime prevention to these platforms, enabling them to assume crime-control functions alongside their commercial service provision. This delegated model allows the state to extend its regulatory reach without assuming full operational control, thereby avoiding the potential risks of overt totalitarianism in crime governance. Acting as “super-integrators” that connect hundreds of millions of users, platforms are uniquely positioned to facilitate online mobilization. Unlike traditional street-level mobilization in physical space, platform-based mobilization is networked, transregional, instantaneous, large-scale, and often emotionally engaging. In targeted campaigns against cybercrime, this mobilization can generate a rapid, full-spectrum impact across digital ecosystems. For instance, a major short-video platform hosts tens of thousands of public security accounts that play a pivotal role in victim prevention. Through algorithmic amplification, these platforms assign greater visibility and traffic to public-security-related content, delivering anti-fraud messaging directly to users’ screens.
Comprehensive governance platforms also serve to integrate the actors, functions, and technologies of social governance, linking departments across all administrative levels and operational domains. By streamlining coordination and optimizing procedural flows, these platforms address longstanding challenges of fragmented governance and weak organizational capacity. Case 7 (the Social Governance Cloud Platform in Jiaxing Province) offers a compelling example. The city’s 4,559 general grids have been subdivided into 92,600 micro-grids, each assigned to one of 158,300 micro-grid leaders, primarily composed of Party members and local cadres. These grid structures are digitally mirrored in the Weijiayuan module, an online system that has incorporated over 2 million citizens (as of June 2021) through real-name registration. This structure enables vertical integration from the municipal level to counties (or districts), townships, village communities, grids, micro-grids, and ultimately households, giving rise to a governance model capable of providing seamless and responsive services to residents.
The platform’s relationship with users shifts depending on user identity. When users are governance personnel, the platform functions within a command–execution framework, directing governance tasks and tracking compliance. When users are residents, the platform facilitates digital interaction and negotiation, enabling participatory forms of conflict resolution and service delivery. In this sense, the platform acts as both administrative infrastructure and as a communication medium. Thus, the platform-type government emerging from these comprehensive systems lays a foundational structure for the front-end prevention of cybercrime, by embedding digital governance within the everyday rhythms of social life.
Preventive law
as the basis of
institutional arrangements
Responsive law, as embodied in traditional criminal law, provides the institutional foundation for a post hoc model of crime control. In contrast, platform-based governance targeting cybercrime is increasingly underpinned by a preventative legal framework, anchored in emerging network law norms and regulatory instruments such as the forthcoming Anti-Telecom and Online Fraud Law. Preventive law formalizes technical and organizational mechanisms for front-end risk control and imposes systematic crime-prevention obligations on internet platforms.
First and foremost, preventive law establishes an affirmative duty for platforms to monitor and intervene in users’ potential engagement in illegal or criminal activities online. For instance, Article 21(1) of the Draft for Soliciting Opinions on the Revised Measures for the Administration of Internet Information Services (January 2021) stipulates, “Internet service providers shall adopt technical and other necessary measures to prevent, detect, and stop the use of their services for illegal and criminal activities”. This provision reflects a shift from reactive to proactive enforcement, legally mandating that platforms assume an active role in crime prevention. Similarly, the revised Law on the Protection of Minors, enacted in June 2021, articulates that platforms bear legal responsibility to intervene when users engage in illegal or harmful conduct directed at minors.
Second, preventive law imposes a comprehensive security guarantee obligation on platforms concerning the integrity and safety of the platform ecosystem. This obligation encompasses multiple regulatory domains, including content moderation, algorithmic recommendation governance, personal information protection, data security, and the regulation of online black and grey industries. The Regulations on the Governance of the Network Information Content Ecosystem, enacted in March 2020, codify platforms’ responsibility to prevent the dissemination of illegal content by users. Similarly, the Regulations on the Administration of Algorithmic Recommendations for Internet Information Services, effective from March 2022, provide a legal foundation for platforms to adopt technical countermeasures against illicit content, and further mandates the implementation of anti-fraud mechanisms, particularly those which protect elderly users.
The Personal Information Protection Law, enacted in September 2021, reinforces platforms’ obligation to safeguard user data and prevent cybercrime at its source by addressing the risks of personal information leakage. While these regulatory instruments each articulate components of the security guarantee obligation in a fragmented manner, the Guidelines for Internet Platforms to Fulfill Their Main Responsibilities (Draft for Soliciting Opinions), released in October 2021, establishes a more systematic framework. These guidelines cover a broad range of duties, including: assessing the risk of users disseminating illegal content; establishing and maintaining robust content moderation systems; managing user behavior by identifying and intervening in illegal online activities; monitoring platform content; restricting the sale of prohibited goods; regulating online black and grey markets; and ensuring compliance with network security, data security, personal information protection, and law enforcement cooperation.
Third, preventive law imposes a specialized anti-fraud prevention obligation on platforms through the Anti-Telecom and Online Fraud Law. This law designates internet service providers as “gatekeepers” in the national anti-fraud architecture. Article 5 mandates that platforms establish internal risk control mechanisms and assume clear security responsibilities. Articles 18 to 23 enumerate specific duties for internet service providers, including the implementation of real-name user registration systems, the management of abnormal accounts, and the surveillance of industries associated with fraudulent activity. Articles 27 and 28 provide the legal foundation for platforms to adopt technical countermeasures, while also authorizing public security authorities to develop early-warning and dissuasion systems aimed at protecting potential victims.
In contrast to the formalized institutional arrangements governing super-large platforms, the regulatory framework for comprehensive governance platforms remains nascent, though there has been some progress at the provincial level. For instance, the Regulations on Promoting the Digital Economy of Zhejiang Province, announced in December 2020, and the Regulations on Public Data of Zhejiang Province, implemented on March 1, 2022, provide a foundational legal basis for the construction of intelligent governance infrastructures at the local level.
In summary, “governance through platforms” marks a paradigmatic shift in crime governance, from on-site reactive responses to online, preventative strategies. Through the convergence of technical capabilities, organizational restructuring, and evolving legal frameworks, platform-based governance is forging a new pathway for sustaining the so-called “miracle of stability” in an increasingly digitized society.
The internal logic
behind the rise of
platform-based governance
The rise of platform-based governance is not merely a reactive response to external crime challenges but is also driven by an internal logic of its own. This logic is manifested through the technical, organizational, and institutional arrangements that underpin platform-based governance. At its core, it reflects a governance reform trajectory structured around a triadic progression, “technology → organization → institution”, through which technological developments shape organizational transformations, which in turn are codified into institutional norms.
The technical remodeling
of digital platforms
Digital platforms with massive scale effects have progressively embedded themselves at the core of societal operations, facilitating the re-centralization of cyberspace. As such, individual digital existence has become increasingly dependent on platforms, which now serve as the primary integrators of the digital society, bridging the virtual and physical realms and enabling seamless interaction between online and offline domains. The evolving relationships among the state, platforms, and users have generated novel modes of interaction, giving rise to a platform ecosystem characterized by the properties of an “omnipresent system” (Zhao 2022). Within this configuration, the platform has emerged as a crucial intermediary infrastructure for national governance.
As the light of platform-based governance extends into every corner of society, a new “platform society” is emerging, rooted in platform-mediated relationships and structured around a centralized platform ecosystem. As van Dijck et al. (2018) argue, platforms have penetrated the very core of social life, bypassing traditional administrative systems, altering social and civic behavior, and reshaping the structural foundations of national society. From a technical standpoint, the rise of platforms has enabled a reconfiguration of crime governance, giving rise to a platform-based governance model in which the management of users is the primary mode, and data controls its operational essence.
At the heart of this “platform management of users” is the platform’s dual role as a data repository and a technological toolbox. Data is continuously harvested and aggregated through the sensory and transmission capabilities of integrated software and hardware systems. Platforms serve not only as hubs for data consolidation but also as engines for mining, analyzing, and generating value from data. Within this architecture, platforms embed technological capabilities into their ecosystems, forming a vast data system that facilitates cross-platform integration and the consolidation of digital information.
As data from disparate sources converge, the resulting systematic profiles of criminal subjects provide ideal samples for constructing online risk-control technologies. These technologies, designed to monitor, predict, and intervene in potential criminal behavior, are embedded within the platform’s infrastructure. Consequently, the governance of crime is increasingly reoriented towards platforms as the central intermediaries linking physical and digital domains. Through this transformation, platforms acquire intermediary power: they become critical governance actors tasked with managing user behavior and extending state regulatory reach into cyberspace. Therefore, platform-based governance becomes the operational arm through which the state enacts online surveillance, risk management, and control.
Secondly, the essence of “platform management of users” lies in the reconfiguration of citizenship through digital means, which is essentially an online household registration. Traditionally, identity management was based on the household registration (hukou) and national ID card systems, which served to identify citizens and record their movements within physical space. However, in the digital era, citizens are primarily recognized through their digital identities as platform users. Most individuals are encoded via a unified digital identifier, typically a user account, through which they access and interact with platform services.
Under the logic of “users as data”, platforms employ sophisticated algorithmic infrastructures to continuously monitor, analyze, and categorize user behavior. Through this process, vast repositories of individual user profiles are generated. A new relational paradigm emerges in which users exchange personal information for access to services, while platforms, in turn, accumulate granular, continuous insight into user behavior. This shift has amplified the scope and depth of surveillance, generating new modalities of power, novel techniques for behavioral influence, and an emergent architecture of digital governance.
This online household registration and citizenship system enables platforms to observe, record, profile, score, and classify users with high precision—an efficient yet opaque mechanism of social control characteristic of the digital age. In this sense, cybercrimes are not external to platform operations but are embedded within them: most traditional offenders are also platform users, and conventional crimes now leave behind extensive digital traces within the platform ecosystem. Given that contemporary crime often occurs within or through platforms, the platform has emerged as a “natural” regulator of cybercrime—an actor structurally positioned to detect, intervene in, and manage deviant digital behavior.
Finally, the operationalization of “platform management of users” depends on the application of big data risk control, specifically through the sequence of data collection, behavioral scoring, and algorithmic intervention. As Fan and Li (2021) argue, tech giants’ power operation mode resembles not only a super-sovereign body aggregating data, capital, and technology, but also a complex system saturated with power and invisibility. As platforms increasingly “see through” users, they develop and apply closed-loop mechanisms of control in which digital surveillance is no longer passive but predictive and interventionist by design. The controlled steps are as follows.
Step 1 The initial step in platform-based user governance is the datafication of user activity, which serves as the foundation for digital control. Platforms continuously capture and transform users’ online interaction data. This process reveals what Mayer-Schönberger and Cukier (2013) describe as the platform’s implicit metaphor of “reality mining”, whereby every trace of user behavior is treated as a data resource. Through the analysis of digital imprints, platforms extract behavioral patterns, infer user intent, and establish probabilistic associations between user actions and potential criminal activity. In doing so, they construct a system of panoptic surveillance that is tireless, totalizing, and anticipatory—one that moves from predicting social risks to intervening in them, from risk detection to user discipline.
Step 2 This comprehensive data control is operationalized through a scoring mechanism underpinned by algorithmic decision-making. Risk assessments, user profiling, content moderation, and behavioral predictions all rely on algorithmic scoring models. As Hu (2019) argues, scoring illustrates the emergence of a novel, highly mobile form of power which is embedded in the mundane operation of platforms, yet shapes the users’ lives. Scoring mechanisms are simultaneously the products of datafication and preconditions for precise, targeted intervention.
Step 3 The final stage in platform-based governance involves the automatic detection of user behaviors and the implementation of precision interventions based on algorithmic scoring outcomes. This model of predictive governance allows platforms to pre-empt perceived risks. For example, in the first quarter of 2018, Google removed nearly 10 million user-uploaded videos involving terrorist or hate speech, with over 7 million of these flagged by automated systems such as machine learning algorithms (Bloch-Wehba 2019). Similarly, field investigations reveal that ByteDance employs a hybrid model of artificial intelligence and manual review to intercept and process user violations on the Douyin app, averaging more than one billion interventions per day targeting illicit account registrations, content manipulation, and the dissemination of illegal content.
In an ecosystem where platforms are embedded in everyday life and increasingly interoperable, both individuals and objects become inextricably linked to the platform architecture. Unlike the reactive, post hoc response models of traditional governance, platform-based governance ensures that all behaviors are continuously recorded, archived, and subjected to real-time analysis; each user becomes a legible and classifiable digital subject. This shift enables behavioral predictability and administrative control, thereby facilitating front-end prevention, and in effect, replacing the foundational technical infrastructure of conventional crime governance.
Organizational innovation
in the platform-based state
While platform-based governance is underpinned by digital technologies, its most profound impact lies in the emergence of a new organizational logic. The platform model has amplified the integrative, mobilizing, and controlling capacities of regulatory institutions. Simultaneously, the organizational regulatory system itself is undergoing adaptive transformation in response to the rise of platform society, accelerating its evolution into a “platform-based government”. This evolution reflects a growing structural coupling between the platform state and platform society.
Contrary to earlier accounts that interpreted the state’s embrace of digital platforms as merely a form of incremental innovation using technology to enhance existing administrative functions, recent developments suggest a deeper level of organizational creativity (Song 2020). This creativity entails fundamental reconfigurations in how state authority is organized and exercised. The integration of platform logic into governance infrastructures narrows the distance between state and society. The architecture of crime governance, in particular, has shifted from a singular structure in which “the state governs individuals” to a two-tiered system wherein “the state governs platforms, and platforms govern users”.
First, platform-based governance represents an inevitable organizational strategy for platform-based governments seeking to rationalize crime prevention. While the rise of digital platforms initially followed market logic, their incorporation into crime governance increasingly reflects state intent and marks a critical phase in state-building. Under the ideological framework of “government as a platform” (O’Reilly 2010), the platform-based state’s ambition to achieve “controller presence and online integration” is materializing. Given that society functions as an interconnected whole rather than a fragmented aggregate, and insofar as cyberspace remains structurally entangled with physical space, states that govern the latter will necessarily seek commensurate authority over the former. Although at first glance the deployment of platforms appears to be a functional response by governments to technological innovation, it has gradually evolved into a distinct organizational formation grounded in bureaucratic structures (Ansell and Gash 2018). Platform-based governments employ comprehensive governance platforms to horizontally integrate bureaucratic “lines” (vertical authority) and “blocks” (territorial divisions), thereby enabling panoramic surveillance and coordination in physical space. Simultaneously, through reliance on super-large commercial platforms, they extend their regulatory reach into cyberspace, facilitating the platformization of crime governance.
Secondly, the organizational logic of the platform-based government transcends the traditional binary between “state” and “society”, and gives rise to a two-tiered structure in which the state governs the platform, and the platform governs its users. The state’s governance of platforms manifests as an organizational strategy to incorporate social regulation through digital infrastructures. By integrating technological tools with bureaucratic functions, state authority is extended downward, reaching the grassroots level, the sources of governance, and the expanses of cyberspace. Through the mobilizing capacities of comprehensive governance platforms, the platform-based government enhances its governance at the peripheries, ensuring that governance directives travel through vertical and horizontal bureaucratic channels without fragmentation or distortion. Moreover, by embedding platforms within the socio-cultural fabric and attuning them to public sentiment, the state constructs a governance community in which the platform becomes an organizational conduit between state authority and everyday life. Simultaneously, platforms’ governance of users maintains digital social order via online control mechanisms. Through algorithmic regulation and predictive risk assessments, platforms facilitate more effective cyber governance, enabling front-end interventions that target sources of deviance and black-market online activity. In doing so, platform-based governance offers a strategic response to emerging risks such as novel forms of cybercrime, enhancing the state’s capacity for preventative, high-efficiency crime management.
Finally, the organizational logic of platform-based government compensates for the limitations of purely technical logics, working in tandem with them to enable the expansion of platform-based governance. As Fountain (2010) argues, technology cannot determine its own development process; rather, its implementation is shaped by mediating organizational, political, and social arrangements. While technical logic focuses on the means of control—i.e. how to regulate which objects—it often lacks integration with the agents of governance and the practical modalities of implementation. That is, it does not resolve the fundamental questions of who governs, through what structures, and towards what ends.
Although many technical strategies of governance appear theoretically autonomous, they are frequently abstract and underspecified in organizational terms, making them difficult to operationalize in practice. Organizational logic addresses this gap by framing crime governance as a structured process enacted through the platform-based state. Within this model, governance is conceptualized as a two-tiered system: the state governs the platform, and the platform governs the user. This layered configuration consolidates the elements of governance, such as subjects, methods, and targets, into a coherent regulatory mechanism. In this sense, the evolution of platform-based governance emerges from a dual movement between technical and organizational logics. The platform-based government is not simply a byproduct of digital transformation but a generative actor that embeds technical systems within bureaucratic frameworks, enabling the institutionalization an...
热门跟贴