Overview & Analysis
The Interim Measures for the Management of Generative Artificial Intelligence Services is China's first dedicated regulation specifically targeting generative AI — covering services that use generative AI technology to produce text, images, audio, and video for the domestic public. The Measures require service providers to ensure that generated content aligns with socialist core values and does not generate or spread illegal, harmful, or false information, and must not harm public safety, social stability, or individual rights. Providers are responsible for securing data sources, protecting personal privacy, labeling AI-generated content, preventing discrimination in algorithms and training data, and implementing complaint and reporting mechanisms. Critically, providers with services that have "public opinion attributes or social mobilization capabilities" must conduct security assessments and complete algorithm filings before offering their services.
In the context of rapidly advancing AI technology, this regulation both ensures the compliance of generative AI services and encourages technological innovation through an "inclusive, prudent, and classified supervision" approach. AI-generated content is widely used across news, entertainment, advertising, and education — having profound impacts on public opinion, information dissemination, and public safety. For multinational companies, this policy provides a clear compliance path for market entry in China, ensuring that generative AI applications comply with national laws and ethical standards. The Measures apply not only to Chinese-developed services but also to overseas providers offering generative AI services to users within mainland China.
The Measures are broadly applicable in AI contexts, especially in scenarios involving content generation. AI service providers that use generative AI technologies to generate content — whether in news publishing, advertising recommendations, entertainment content creation, social media interactions, or educational tutoring — must comply with the provisions.
1. Generative AI in News Publishing & Advertising Recommendations
In the news, advertising, and similar fields, AI-generated content must comply with national laws and public moral standards. Companies must ensure that generated content does not incite violence, spread false information, or engage in inappropriate conduct, and must comply with national regulations for news content. Services with public opinion attributes or social mobilization capabilities trigger mandatory security assessment and algorithm filing requirements.
2. Generating Interactive Content on Social Media Platforms
On social platforms, AI-generated interactive content — such as virtual characters or automated replies — must be clearly labeled to prevent users from mistakenly thinking it is human-created. Platforms must ensure that users are not misled by false or inappropriate content, especially when the content involves minors. Providers must also take measures to prevent minors from excessive reliance on or addiction to generative AI services.
3. Using Generative AI in Education & Training
On educational platforms, AI-generated learning content, assessments, or supplemental tutorials must comply with educational standards and not mislead students with incorrect learning information. Companies must ensure the authenticity and accuracy of educational content. Providers must clearly specify target user groups, applicable scenarios, and intended uses, and guide users to scientifically and rationally understand and lawfully use the technology.
4. Cross-Border Content Creation & Data Transmission
For generative AI applications involving cross-border data flows — particularly when dealing with international copyright and data privacy issues — companies must ensure compliance with China's data protection laws and provide appropriate safeguards. Overseas providers offering services to users within mainland China are also covered and must comply; the CAC can require technical measures to block non-compliant offshore services.
5. Virtual Reality, Metaverse, and Synthetic Media Platforms
On virtual reality or metaverse platforms, AI-generated content must be clearly labeled as AI-generated to prevent users from being misled during virtual interactions. In line with the Provisions on the Administration of Deep Synthesis of Internet Information Services, providers must label generated images, videos, and other content. Platforms should ensure clear labeling and appropriate content management, particularly when generating content related to virtual characters or identities.
The Measures provide multinational companies with clear compliance requirements for generative AI services in China, especially concerning content transparency, data protection, and social responsibility. AI project managers need to fully understand this policy and ensure their services comply with Chinese legal requirements to mitigate potential legal risks.
Determine Whether Your Service Triggers the "Public Opinion / Social Mobilization" Test
This is the most operationally important threshold. Services with public opinion attributes or social mobilization capabilities must conduct security assessments and complete algorithm filings before launch. If your generative AI service is consumer-facing, shapes opinions, or can mobilize significant user action, assume this test is met and build in the pre-launch assessment process. Do not treat this as an optional post-launch exercise.
Ensure Transparency & Compliance in Content Generation
All generated content — whether in news, advertising, social media, or educational resources — must meet the transparency requirements set forth in the Measures. Particularly when generating content related to social opinion, sensitive topics, or minors, labeling must be clear and easily identifiable to avoid misleading the public. Follow the deep synthesis labeling rules for images and videos, and ensure content output pipelines have built-in compliance checkpoints.
Strengthen Data Compliance & User Privacy Protection
For AI-generated content involving user data, ensure compliance with China's data protection regulations — particularly in the collection, storage, and use of user data. Consent must be obtained or other legal conditions met. Providers must not collect unnecessary personal information, must not unlawfully retain identifiable input information or usage records, and must promptly handle individual requests to access, copy, correct, supplement, or delete personal information.
Conduct Regular Service Audits, Risk Assessments & Incident Response
Establish internal review mechanisms to regularly assess the compliance of AI services. Providers must promptly take measures — including stopping generation, stopping transmission, and model optimization training — when unlawful content is discovered, and must report to competent authorities. Build a complaint and reporting mechanism with clear channels, documented processing procedures, and defined response timelines. Cooperate fully with regulatory supervision and inspections, including providing explanations of training data sources, scale, types, annotation rules, and algorithm mechanisms.
The Measures offer a comprehensive compliance framework for generative AI services in China. By ensuring transparency, data protection, and legal content generation — and by strengthening compliance management and conducting regular evaluations — multinational companies can effectively reduce legal risks and enhance platform credibility. These are not one-time steps; they must become ongoing operational practices embedded into generative AI product design, testing, launch, and post-deployment management.
Complete Legislative Text
Table of Contents
Where the State has other provisions regarding the use of generative artificial intelligence services in activities such as news publishing, film and television production, and literary and artistic creation, such provisions shall prevail.
Where industry organizations, enterprises, educational and research institutions, public cultural institutions, and relevant professional institutions develop or apply generative artificial intelligence technology but do not provide generative artificial intelligence services to the domestic public, these Measures shall not apply.
(1) Uphold core socialist values, and shall not generate content prohibited by laws and administrative regulations, including content that incites subversion of state power or overthrow of the socialist system, endangers national security and interests, harms national image, incites secession or undermines national unity and social stability, promotes terrorism or extremism, promotes ethnic hatred or discrimination, or involves violence, obscenity, pornography, or false and harmful information;
(2) In the processes of algorithm design, training data selection, model generation and optimization, and service provision, adopt effective measures to prevent discrimination based on ethnicity, belief, nationality, region, gender, age, occupation, health, etc.;
(3) Respect intellectual property rights and business ethics, protect trade secrets, and shall not use advantages in algorithms, data, or platforms to engage in monopolistic or unfair competition;
(4) Respect the lawful rights and interests of others, shall not harm the physical or mental health of others, and shall not infringe upon others' rights of portrait, reputation, honor, privacy, or personal information;
(5) Based on the characteristics of the service type, adopt effective measures to enhance transparency of generative artificial intelligence services and improve the accuracy and reliability of generated content.
Industry organizations, enterprises, educational and research institutions, public cultural institutions, and relevant professional institutions are supported in conducting cooperation in technological innovation, data resource development, application transformation, and risk prevention related to generative artificial intelligence.
It promotes the construction of generative artificial intelligence infrastructure and public training data resource platforms, advances coordinated sharing of computing power resources, improves utilization efficiency of computing resources, promotes orderly opening of classified public data, expands high-quality public training data resources, and encourages the use of safe and reliable chips, software, tools, computing power, and data resources.
(1) Use data and base models from lawful sources;
(2) Where intellectual property is involved, shall not infringe upon others' lawful intellectual property rights;
(3) Where personal information is involved, obtain individual consent or meet other conditions prescribed by laws and administrative regulations;
(4) Adopt effective measures to improve training data quality and enhance the authenticity, accuracy, objectivity, and diversity of training data;
(5) Comply with other relevant provisions of laws and administrative regulations such as the Cybersecurity Law, Data Security Law, and Personal Information Protection Law, as well as relevant regulatory requirements of competent authorities.
Providers shall enter into service agreements with users registered for their generative artificial intelligence services and clearly define the rights and obligations of both parties.
Providers shall, in accordance with the law, promptly accept and process requests from individuals to access, copy, correct, supplement, or delete their personal information.
Where providers discover that users are using generative artificial intelligence services to engage in unlawful activities, they shall take measures in accordance with law and agreements such as warnings, functional restrictions, suspension, or termination of services, retain relevant records, and report to relevant competent authorities.
Relevant national authorities shall, based on the characteristics of generative artificial intelligence technology and its applications in industries and fields, improve scientific regulatory methods adapted to innovation development, and formulate corresponding classified and graded regulatory rules or guidelines.
Relevant institutions and personnel participating in security assessments and supervision shall keep confidential state secrets, commercial secrets, personal privacy, and personal information learned in the course of their duties, and shall not disclose or unlawfully provide them to others.
Where violations constitute breaches of public security administration, administrative penalties shall be imposed; where a crime is constituted, criminal responsibility shall be pursued.
(2) "Generative artificial intelligence service providers" refer to organizations or individuals that use generative artificial intelligence technology to provide such services (including through programmable interfaces);
(3) "Generative artificial intelligence service users" refer to organizations or individuals that use such services to generate content.
Foreign investment in generative artificial intelligence services shall comply with relevant laws and administrative regulations on foreign investment.
生成式人工智能服务管理暂行办法
(2023年7月10日公布,自2023年8月15日起施行,第15号令)
来源:国家互联网信息办公室
目 录
国家对利用生成式人工智能服务从事新闻出版、影视制作、文艺创作等活动另有规定的,从其规定。
行业组织、企业、教育和科研机构、公共文化机构、有关专业机构等研发、应用生成式人工智能技术,未向境内公众提供生成式人工智能服务的,不适用本办法的规定。
(一)坚持社会主义核心价值观,不得生成煽动颠覆国家政权、推翻社会主义制度,危害国家安全和利益、损害国家形象,煽动分裂国家、破坏国家统一和社会稳定,宣扬恐怖主义、极端主义,宣扬民族仇恨、民族歧视,暴力、淫秽色情,以及虚假有害信息等法律、行政法规禁止的内容;
(二)在算法设计、训练数据选择、模型生成和优化、提供服务等过程中,采取有效措施防止产生民族、信仰、国别、地域、性别、年龄、职业、健康等歧视;
(三)尊重知识产权、商业道德,保守商业秘密,不得利用算法、数据、平台等优势,实施垄断和不正当竞争行为;
(四)尊重他人合法权益,不得危害他人身心健康,不得侵害他人肖像权、名誉权、荣誉权、隐私权和个人信息权益;
(五)基于服务类型特点,采取有效措施,提升生成式人工智能服务的透明度,提高生成内容的准确性和可靠性。
支持行业组织、企业、教育和科研机构、公共文化机构、有关专业机构等在生成式人工智能技术创新、数据资源建设、转化应用、风险防范等方面开展协作。
推动生成式人工智能基础设施和公共训练数据资源平台建设。促进算力资源协同共享,提升算力资源利用效能。推动公共数据分类分级有序开放,扩展高质量的公共训练数据资源。鼓励采用安全可信的芯片、软件、工具、算力和数据资源。
(一)使用具有合法来源的数据和基础模型;
(二)涉及知识产权的,不得侵害他人依法享有的知识产权;
(三)涉及个人信息的,应当取得个人同意或者符合法律、行政法规规定的其他情形;
(四)采取有效措施提高训练数据质量,增强训练数据的真实性、准确性、客观性、多样性;
(五)《中华人民共和国网络安全法》、《中华人民共和国数据安全法》、《中华人民共和国个人信息保护法》等法律、行政法规的其他有关规定和有关主管部门的相关监管要求。
提供者应当与注册其服务的生成式人工智能服务使用者(以下称使用者)签订服务协议,明确双方权利义务。
提供者应当依法及时受理和处理个人关于查阅、复制、更正、补充、删除其个人信息等的请求。
提供者发现使用者利用生成式人工智能服务从事违法活动的,应当依法依约采取警示、限制功能、暂停或者终止向其提供服务等处置措施,保存有关记录,并向有关主管部门报告。
国家有关主管部门针对生成式人工智能技术特点及其在有关行业和领域的服务应用,完善与创新发展相适应的科学监管方式,制定相应的分类分级监管规则或者指引。
参与生成式人工智能服务安全评估和监督检查的相关机构和人员对在履行职责中知悉的国家秘密、商业秘密、个人隐私和个人信息应当依法予以保密,不得泄露或者非法向他人提供。
构成违反治安管理行为的,依法给予治安管理处罚;构成犯罪的,依法追究刑事责任。
(一)生成式人工智能技术,是指具有文本、图片、音频、视频等内容生成能力的模型及相关技术。
(二)生成式人工智能服务提供者,是指利用生成式人工智能技术提供生成式人工智能服务(包括通过提供可编程接口等方式提供生成式人工智能服务)的组织、个人。
(三)生成式人工智能服务使用者,是指使用生成式人工智能服务生成内容的组织、个人。
外商投资生成式人工智能服务,应当符合外商投资相关法律、行政法规的规定。
