Press "Enter" to skip to content

Measures on the Administration of Generative Artificial Intelligence Services (Draft for Solicitation of Comments)


The newer document resulting from this draft:


Article 1 These Measures are formulated on the basis of the PRC Cybersecurity Law, The PRC Data Security Law, the PRC Law on the Protection of Personal Information, and other such laws and regulations so as to promote the healthy development and regulated application of generative artificial intelligence.

Article 2: These measures apply to the research and development and the utilization of generative AI products, and to the provision of services to the public in the [mainland] PRC.

“Generative artificial intelligence” as used in these Measures refers to technology that generates text, pictures, audio, video, code, or other content based on algorithms, models, and rules.

Article 3: The State supports independent innovation, popularization of applications, and international cooperation in foundational technologies such as artificial intelligence algorithms and frameworks, and encourages giving priority to the adoption of safe and reliable software, tools, calculation, and data resources.

Article 4: The provision of generative AI products and services shall comply with the requirements of laws and regulations, respect social mores and good customs, and meet the following requirements:

(1) Content generated using generative AI shall embody the Core Socialist Values and must not incite subversion of national sovereignty or the overturn of the socialist system, incite separatism, undermine national unity, advocate terrorism or extremism, propagate ethnic hatred and ethnic discrimination, or have information that is violent, obscene, or fake, as well as content that might disrupt the economic or social order.

(2) During processes such as algorithm design, the selection of training data, model generation and optimization, and the provision of services, measures are to be employed to prevent the occurrence of discrimination such as by race, ethnicity, faith, nationality, region, sex, age, or profession.

(3) Respect intellectual property rights and commercial ethics; advantages in algorithms, data, platforms, and so forth must not be used to carry out unfair competition.

(4) Content created by generative AI shall be true and accurate, and measures are to be employed to prevent the generation of fake information.

(5) Respect the lawful rights and interests of others, prevent harm to the physical and mental health of others and their image rights, reputation rights, personal privacy, and the infringement of intellectual property rights. The illegal acquisition, disclosure, and use of personal information and privacy, as well as commercial secrets, is prohibited.

Article 5: Organizations and individuals using generative AI products to provide services such as chat or the generation of text, images, and audio (hereinafter “providers”) including the support of others generating text, images, audio, and so forth on their own through the provision of programmable interfaces or other means, are to bear responsibility as the producers of content generated by those products; and where personal information is involved, they are to bear the legally-prescribed responsibility as personal information handlers and perform obligations to protect personal information.

Article 6: Before services using generative AI products are provided to the public, a security assessment declaration shall be made to the State Internet Information Department in accordance with the Provisions on the Security Assessment of Internet Information Services that have Public Opinion Properties or the Capacity for Social Mobilization, and the procedures for filing algorithms or for modifying or canceling filings, shall be performed in accordance with the Provisions on the Management of Algorithmic Recommendations in Internet Information Services.

Article 7: Providers shall be responsible for the legality of the sources of pre-training data and optimization data for generative AI products.

Pre-training and optimization training data used for generative AI products shall satisfy the following requirements:

(1) Satisfy the Requirements of the Cybersecurity Law of the PRC and other laws and regulations;

(2) Not include content that infringes on intellectual property rights;

(3) Where the data includes personal information, the consent of personal information subject shall be obtained or it shall comply with other situations provided by laws and administrative regulations;

(4) Be able to ensure the truth, accuracy, objectivity, and diversity of the data;

(5) Other regulatory requirements of the state internet information department related to generative AI services.

Article 8: When manual tagging is used in the course of researching and developing generative AI products, the providers shall formulate clear, specific, and feasible tagging rules that meet the requirements of these Measures, conduct necessary training for tagging personnel, and make sample checks of the accuracy of tagging content.

Article 9: The provision of generative AI services shall require users to provide real identity information in accordance with the provisions of the “Cybersecurity Law of the People’s Republic of China”.

Article 10: Providers shall clarify and disclose the user groups, occasions, and uses of their services, and employ appropriate measures to prevent users from overreliance or addiction to generated content.

Article 11: During the provision of services, providers bear an obligation to protect information entered by users and usage records. Input information from which users’ identities can be deduced must not be illegally retained; profiling must not be conducted based on user input information or usage situations; and user input information must not be provided to others. Where laws and regulations provide otherwise, follow those provisions.

Article 12: Providers must not conduct discriminatory content generation based on users' race, country, sex, and so forth.

Article 13: Providers shall establish mechanisms for receiving and addressing user complaints, and promptly handle requests from individuals regarding the correction, deletion, or blocking of their personal information; and when it is discovered or learned that generated text, images, audio, video, and so forth infringe on others’ image rights, reputation rights, personal privacy, or commercial secrets, or that the requirements of these Measures are not satisfied, measures shall be employed to stop the generation and prevent continued harm.

Article 14: Providers shall provide safe, stable, and sustained service throughout the lifecycle to ensure users’ normal usage.

Article 15: Where generated content that does not comply with these Measures’ requirements is discovered during operations or reported by users, in addition to employing content filtering measures, repeat generation should be prevented through means such as model optimization training within three months.

Article 16: Providers shall label generated content such as images and video in accordance with the Provisions on the Administration of Deep Synthesis Internet Information Services.

Article 17: Based on the requirements of the state internet information department and relevant competent departments, providers shall provide necessary information that can impact user confidence or selections, including descriptions of the sources, scale, types, and quality of pre-training and optimization training data, the rules for manual tagging, the scale and types of manual tagging data, foundational algorithms and technical systems, and so forth.

Article 18: Providers shall guide users to scientifically recognize and rationally use content generated by generative AI, to not use generated content to harm the image, reputation and other lawful rights and interests of others; and to not conduct commercial hype or improper marketing.

When users discover that generated content does not meet the requirements of these Measures, they have the right to make a report to the internet information departments or relevant competent departments.

Article 19: When providers discover users have violated laws or regulations, or have conduct that is contrary to commercial ethics or social mores during their use of generative AI products, including engaging in online hype, malicious posting of comments, spam generation, compiling malicious software, or carrying out improper commercial marketing, they shall suspend or stop services.

Article 20: Where providers violate these Measures, penalties are to be given by the internet information departments or relevant regulatory departments in accordance with the provisions of the PRC Cybersecurity Law, The PRC Data Security Law, the PRC Law on the Protection of Personal Information, and other such laws and administrative regulations.

Where laws and administrative regulations are silent, the internet information departments and relevant competent departments are to give warnings, circulate criticism, and order that corrections be made in a set period of time on the basis of their duties; where corrections are refused or the circumstances are serious, they are to order that a suspension or termination of the offenders’ use of generative AI to provide services and give a fine of between 10,000 and 100,000 RMB. Where violations of public security are constituted, a public security administrative sanction is lawfully given; where a crime is constituted, criminal responsibility is to be pursued in accordance with law.

Article 21: These Measures will take effect on XX/XX/2023.


Click to rate this post!
[Total: 0 Average: 0]

Print this entry

CLT is a crowdsourced, crowdfunded legal translation project that enables English speaking people to better understand Chinese law.

Be First to Comment

    Leave a Reply

    Your email address will not be published. Required fields are marked *