Chinese AI Law

Strategic Foundation: The New Generation AI Development Plan

China’s AI regulatory framework operates within the ambitious policy vision articulated in the New Generation Artificial Intelligence Development Plan (2017), issued by the State Council. The Plan set the objective of making China the world’s leading AI innovation centre by 2030, with a domestic AI industry valued at over ¥1 trillion. The Plan emphasises the integration of AI into economic production, social governance, and national security, and calls for the establishment of a comprehensive legal and regulatory framework to support AI development while managing risks.

Subsequent implementing documents, including the New Generation AI Governance Principles (2019) issued by the National New Generation AI Governance Expert Committee, articulate eight principles: harmony and friendliness; fairness and justice; inclusivity and sharing; respect for privacy; security and controllability; shared responsibility; open collaboration; and agile governance. These principles inform the development of specific regulatory instruments.

Draft AI Law

China has commenced the process of drafting a comprehensive Artificial Intelligence Law, announced as a legislative priority in the 2023–2027 legislative plan of the National People’s Congress. The draft law is expected to consolidate and harmonise the existing patchwork of AI regulations, establish a unified regulatory authority, and address cross-cutting issues including liability, intellectual property, and fundamental rights. Public consultation documents indicate that the law will adopt a risk-based classification system, impose algorithmic transparency obligations, and require safety assessments for high-risk AI applications.

Generative AI Measures (2023)

The Interim Measures for the Management of Generative AI Services, effective August 2023, represent the world’s first comprehensive regulation of generative AI. The Measures impose obligations on providers of generative AI services, including text-to-image, text-to-video, and large language model systems. Key requirements include: (1) content that complies with socialist core values and does not subvert state power; (2) truthful and accurate training data that does not infringe intellectual property; (3) measures to prevent discrimination; (4) labelling of AI-generated content; and (5) obligations to report security assessments to the cyberspace administration.

The Measures also require providers to implement content filtering mechanisms, maintain training data transparency, and establish user complaint channels. Violations can result in warnings, fines, suspension of services, or revocation of operating permits. The Cyberspace Administration of China enforces the Measures and has published guidance on compliance expectations.

Algorithm Registration and Recommendation Regulation

The Internet Information Service Algorithmic Recommendation Regulation (2022) requires platforms that use algorithmic recommendation systems to register their algorithms with the CAC, disclose the basic principles of their recommendation mechanisms, and provide users with options to opt out of personalised recommendations. The Regulation targets recommendation-driven harms including echo chambers, information manipulation, and excessive commercial exploitation. It imposes specific obligations on recommendation algorithms used for news dissemination, requiring that official state media content receive priority placement.

The Management Provisions on Algorithmic Recommendations further require that algorithms not violate the principle of fair competition and not engage in differential pricing based on user profiling (so-called big data blackbox pricing or dà shùjù shā shú).

Deep Synthesis Regulation

The Provisions on the Management of Deep Synthesis Internet Information Services (2023) regulate AI technologies that generate or manipulate images, audio, and video (deepfakes). The Provisions require deep synthesis service providers to: (1) mark generated content conspicuously; (2) obtain consent from individuals whose likeness is used; (3) maintain technical logs for six months; (4) implement identity verification for users; and (5) refuse to generate content that violates laws or public order. The Provisions also prohibit the use of deep synthesis to spread false information or engage in fraud.

Facial Recognition and Biometric Data

The Supreme People’s Court Judicial Interpretation on the Handling of Facial Recognition Cases (2021) established rules for the lawful use of facial recognition technology. The Interpretation clarifies that facial recognition constitutes the processing of sensitive personal information under the Personal Information Protection Law (PIPL) and requires separate consent. It prohibits the collection of facial information in public spaces except for public security purposes, and requires building management and commercial establishments to offer alternative identification methods. Courts may award damages for unlawful facial recognition use and have done so in several reported cases.

Social Credit System and AI

China’s Social Credit System infrastructure relies heavily on AI for data aggregation, analysis, and scoring. The integration of AI into social credit raises distinct legal questions about algorithmic fairness, transparency, and the right to challenge automated assessments. The Regulation on the Administration of the Social Credit System currently under development is expected to address the role of AI in credit scoring, including requirements for explainability and appeal mechanisms.

AI Safety Governance Framework

China has established a AI Safety Governance Framework under the leadership of the Ministry of Science and Technology and the CAC. The framework includes a national AI safety testing and evaluation system, standards for AI system security, and protocols for responding to AI safety incidents. The White Paper on AI Safety Governance (2023) sets out principles for safety throughout the AI lifecycle, from data collection through deployment and monitoring.

CAC AI Content Rules

The Cyberspace Administration of China exercises broad authority over AI-generated and AI-curated content under multiple legal instruments, including the Cybersecurity Law (2017), the Data Security Law (2021), and the Personal Information Protection Law (2021). The CAC requires that AI content service providers conduct security assessments before launching their services, maintain content management systems, and cooperate with government oversight. The CAC has removed or restricted several AI services for non-compliance.

Outlook

China’s AI regulatory framework is among the most comprehensive and rapidly evolving globally. The combination of a strategic state-driven innovation agenda, strict content controls, and expanding regulation of algorithmic systems creates a distinctive legal environment that shapes how AI is developed and deployed within and beyond China.