Original title: The article "Overview of the Legal Requirements for Offering AI Services in China" was first published on China Law & Practice, www.chinalawandpractice.com.[1]
China is one of the most dynamic markets in the AI-related sector, driven by rapid technological advancements and significant investments. Moreover, China was one of the first countries to start imposing regulations on AI technologies and services. Compared with the European Union’s risk-based regulatory approach to AI services, as reflected by the AI Act, China’s AI regulations are primarily focused on national security, social stability, algorithmic transparency and content censorship, with stringent measures on data privacy and cybersecurity enforced by agencies such as the Cyberspace Administration of China (CAC). Currently, China’s regulatory framework for offering AI services is characterized by a robust and evolving set of regulations and guidelines, addressing various aspects such as data privacy, cybersecurity, the prevention of bias and discrimination in AI algorithms and the monitoring and control of AI-generated content.
1. General Cybersecurity and Data Security Requirements
When offering AI services in China, especially through the internet or other information infrastructures, the legal requirements laid down by the Cybersecurity Law (网络安全法), Data Security Law (数据安全法) and Personal Information Protection Law (个人信息保护法) will apply.
Under China's Cybersecurity Law, AI service providers must adhere to stringent cybersecurity standards to protect the integrity and security of their systems, models, and data. This law mandates that companies establish robust cybersecurity practices, conduct regular security assessments, and ensure the security of network infrastructure. AI providers must implement measures to prevent data breaches, unauthorized access, and other cyber threats.
Under the Data Security Law, AI service providers are required to implement categorization and classification, establish strict data protection measures, and conduct risk assessments to identify and mitigate potential data security risks. That law also requires AI service providers to establish data security management systems and report any data security incidents to relevant authorities.
If any personal information is processed when offering services, AI service providers must comply with the rules provided by the Personal Information Protection Law. For example, AI service providers must obtain explicit consent from individuals before collecting their personal information and must inform them about the purpose, scope, and methods of data processing. They are also required to implement robust data protection measures, such as encryption and anonymization, to protect personal information from unauthorized access and breaches.
In addition, China’s restrictions and requirements on cross-border data transfer under those three laws and other regulations will also apply to the offering of AI services if any cross-border data transfer is involved.
2. Basic Requirements for Offering AI-Based Services
Since 2021, with the goal of creating a secure, fair, and trustworthy AI ecosystem in China, the CAC has promulgated three major regulations addressing the provision of AI-based services: the Provisions for the Administration of Algorithmic Recommendations in Internet Information Services (互联网信息服务算法推荐管理规定) (2021), the Provisions for the Administration of Deep Synthesis in Connection with Internet Information Services (互联网信息服务深度合成管理规定) (2022) and the Interim Administrative Measures on Generative AI Services (生成式人工智能服务管理暂行办法) (2023). These regulations set out the basic compliance obligations for AI service providers in China.
The Provisions for the Administration of Algorithmic Recommendations in Internet Information Services impose a series of obligations on the service providers that use recommendation algorithm technologies (including generation and synthesis technology, personalized recommendation technology, ranking and selection technology, retrieval and filtering technology, and dispatching and decision-making technology to provide users with information) to run their Internet-based information services. These obligations include identifying and preventing the distribution of illegal information, promoting information that conforms to mainstream value orientations, establishing an algorithm review mechanism, making the algorithmic recommendation service-related rules transparent, and managing user profiling and labeling without using harmful information as keyword tags.
The Provisions for the Administration of Deep Synthesis in Connection with Internet Information Services impose compliance obligations upon service providers using deep synthesis technology (technologies that utilize algorithms, such as deep learning and virtual reality, to synthesize or generate text, photo, audio, video, or virtual scenes) to provide Internet-based information services. These obligations include establishing a database to identify illegal or adverse information, adding tags to information generated using deep synthesis technologies, authenticating users’ real identities before allowing them to use deep synthesis information publishing services, and more.
The Tentative Measures for the Administration of Generative Artificial Intelligence Services (生成式人工智能服务管理暂行办法) define “generative AI technology” as the models and related technologies that have the ability to generate content such as text, images, audio and video. This regulation applies to the service providers that utilize generative AI (GAI) technology to provide services to the public within China, including the provision of GAI services through programmable interfaces. The obligations include implementing mechanisms to monitor, identify and dispose of illegal content and add tags to mark generated content, protecting personal information, users’ input data, and use records, refraining from unlawfully collecting or using personal information, disclosing transparent information about GAI services, signing service agreements with users, establishing mechanisms to receive and respond to public complaints and reports, and complying with requirements about training data and respecting intellectual property rights.
3. Control and Censorship of AI-Generated Content
Preventing the online distribution of “illegal information” is always the top priority in Chinese authorities’ regulation of cyberspace and the Internet. The Cybersecurity Law clearly requires all network operators to monitor and manage the information published by their users and take actions to stop the transmission of illegal information and delete it. More detailed requirements are laid out by the regulatory document called Provisions on the Governance of Network Information Content Ecology (网络信息内容生态治理规定). This document requires operators that provide information dissemination services through the Internet to establish and implement mechanisms to screen the content published on their websites, platforms or applications for the purpose of detecting illegal information, preventing its dissemination and deleting it immediately. When providing AI-based content generation services in China, providers must comply with the above requirements.
Similar requirements are also provided under the Provisions for the Administration of Deep Synthesis in Connection with Internet Information Services, which obligate service providers to establish and implement mechanisms to review input data and generated data to detect and delete illegal information and report it to authorities. Furthermore, according to the Tentative Measures for the Administration of Generative Artificial Intelligence Services, upon discovering any illegal content, providers should promptly take measures such as terminating generation or transmission of such content, optimizing and training the models to rectify the issue, and reporting the same to authorities.
It is important to note that, in China, “illegal information” is a very broad and vague concept and can include information that may be deemed normal in other countries and regions. For AI service providers offering content generation services in China, it is crucial to train models with special datasets to identify such illegal information in the input data and ensure that the content generated by their services does not include such information.
4. Requirements on Algorithm Filing and GAI Services Filing
Algorithm filing (AF) and GAI service filing are unique regulatory mechanisms for AI services in China, with the goal of ensuring transparency, accountability, and security in the deployment of AI technologies.
The core legislation providing for the AF mechanism is the Administrative Provisions for the Administration of Algorithmic Recommendations in Internet Information Services, under which the providers of services with public opinion attributes or social mobilization capabilities are required to file the algorithms of their services for the record with the CAC through the CAC-managed online submission system. The content to be submitted and reviewed under the AF mechanism includes the identity of the service provider, internal rules and policies in place to achieve algorithm safety, and detailed information related to the underlying algorithm (including the name of the relevant algorithm, basic algorithm rationale, algorithm operation mechanism, scenarios of application, etc.).
The Provisions for the Administration of Deep Synthesis in Connection with Internet Information Services also connect with the AF mechanism. These provisions require providers of deep synthesis services with public opinion attributes or social mobilization capability to undergo the AF procedure. The identity of the service provider is further divided by these provisions into “providers of deep synthesis services” and “technology supporters for deep synthesis services”, entailing differentiated obligations applicable to the two different roles.
On top of the AF requirements, the Tentative Measures for the Administration of Generative Artificial Intelligence Services provide additional filing requirements for GAI services with public opinion attributes or social mobilization capability, called “GAI service filing” or “large model filing”. Unlike AF, which can be filed and completed online with the filing system, GAI service filing is completed through an offline procedure. During the review, the CAC’s provincial branches will assign experts to guide companies in filling out the paper-based declaration form and preparing the required materials (including the security self-assessment report, training data’s labeling rules, assessment and testing question sets, etc.). After passing the assessment and technical testing at the provincial level, the final review of materials and technical testing will also be organized by the CAC. It should be noted that, compared with the AF mechanism, GAI service filing entails even more rigorous paperwork and technical review, which demands more technical details. For preparing the materials, specific requirements regarding corpus security, model security, security measures, and security self-assessment are provided by the technical document called Basic Security Requirements for Generative Artificial Intelligence Service (生成式人工智能服务安全基本要求), published by the National Cybersecurity Technology Standardization Committee on March 1, 2024.
It is worth noting that one significant impact of the AF and GAI service filing requirements is that only large models and the relevant AI applications deployed within China can meet the obligations of disclosing technical details and security measures and pass the potential security and technical tests during the filing procedure. This means that international large models and AI services based on these models, which are deployed outside of China, will be unable to meet these filing requirements and thus cannot be legally provided to users in China.
5. Security Assessment Requirements for AI Services with Attributes of Public Opinion or Social Mobilization Capability
Under the three regulations on AI-based services, there is an additional security assessment for AI services that have “public opinion attributes” or entail “social mobilization capability”.
Under a 2018 regulation called Provisions on the Safety Assessment for Internet Information Services with Public Opinions Attributes or Social Mobilization Capability (具有舆论属性或社会动员能力的互联网信息服务安全评估规定), the CAC and the Ministry of Public Security (MPS) provide a list of examples of internet information services with “public opinion attributes and social mobilization capability”, such as forums, blogs, microblogs and chat rooms. According to that regulation, “public opinion attributes” and “social mobilization capability” are further interpreted as “channels for the public to express their opinions or are capable of mobilizing the public to engage in specific activities”.
This security assessment is usually conducted through the online system administered by the MPS. The focuses of the security assessment include the appointment of security management personnel and organization, verifying user real identities, retaining user log information, managing illegal content, protecting personal information, establishing complaint and reporting systems, and providing support to regulatory and law enforcement authorities.
6. Ethics Review Requirements
Similar to regulatory approaches in other jurisdictions around the world, China’s regulation of AI also emphasizes aligning AI with ethical standards. The Measures for Science and Technology Ethics Reviews (Trial Implementation) (科技伦理审查办法(试行)) outline mandatory ethical review processes for scientific and technological activities, including AI services. They require ethical reviews for activities involving human participants, animal testing, and those posing ethical risks to life, health, environment, public order, or sustainable development. Institutions involved in life sciences, medicine, and AI are required to establish internal ethical review committees that include experts in relevant fields, ethics, and law, and have mechanisms for managing conflicts of interest.
These measures require that certain high-risk activities must be subject to further expert review. This will be organized by local government or industry-specific authorities after passing the initial review by the institutions’ own ethical review committee. The AI services-related activities subject to the expert review include (i) research and development of algorithmic models, applications and systems with the ability to mobilize public opinion and guide social awareness; and (ii) research and development of automated decision-making systems with a high degree of autonomy for scenarios involving security and personal health risks. This regulation ensures that AI services offered in China undergo rigorous ethical scrutiny, aiming to safeguard human rights, data privacy, and societal welfare.
China’s approach to AI regulation, with its emphasis on cybersecurity, data protection, content censorship and ethical standards, provides a robust framework that seeks to balance innovation with national security and social stability. Understanding and adhering to these comprehensive legal requirements is essential for successfully offering AI services in China, ensuring both compliance and the fostering of innovation within a secure and ethical framework.
Notes