China's regulation of artificial intelligence – progress and challenges

Liang Ding

DeHeng Law Offices, Beijing

dingliang@dehenglaw.com

Artificial intelligence (AI) is developing rapidly in China, with the number of patents[1] and the size of the market[2] both ranking highly among countries. However, this rapid development has posed new challenges to the legal framework, ethical norms and social governance, prompting China to continuously adjust and improve the relevant regulatory system.

China's legal regulatory framework for AI

China’s AI policy

China has successively issued a number of policy documents, such as the New Generation Artificial Intelligence Development Plan issued in 2017, which clarified China's national strategic goals and pathways for AI development, proposed the goal of becoming a global centre for AI innovation by 2030.

The 2020 Guidelines for the Construction of the Standard System of the New Generation of Artificial Intelligence has provided a clear blueprint for the standardisation of the development of China’s AI industry, ensuring that technological innovation and industrial application progress in tandem within a standardised framework. It also focuses on ethics and safety to promote the sustainable development of AI.

The 2025 Opinions of the State Council on Deepening the Implementation of the ‘Artificial Intelligence+’ Initiative, states that by 2030:

• AI in China will fully empower high-quality development;
• the penetration rate of new-generation intelligent terminals and intelligent agents will exceed 90 per cent;
• the intelligent economy will become an important growth area of China’s economic development; and
• the promotion of technological inclusiveness and achievement sharing will be advanced.

By 2035, China will fully enter a new stage of intelligent economy and intelligent society development, providing strong support for the basic realisation of socialist modernisation.

Laws

China has not yet enacted laws directly targeting AI. Basic laws such as the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law provide legal support for the regulation of AI, clarifying the basic principles of data security, personal information protection and algorithmic governance.

Regulations

One key AI regulation is the Provisional Measures for the Administration of Generative Artificial Intelligence Services（2023）(生成式人工智能服务管理暂行办法 or ‘Provisional Measures’), which set forth five principles for generative AI (GAI):

1. upholding socialist core values, and not generating any content prohibited by laws and regulations that incites the subversion of the state power or the overthrow of the socialist system, endangers national security and interests, damages the national image, incites separatism, undermines national unity and social stability, etc;
2. taking effective measures to prevent discrimination in the process of algorithm design, training data selection, model generation and optimisation, service provision, etc;
3. respecting intellectual property rights and business ethics;
4. respecting others’ legitimate rights and interests; and
5. taking effective measures to boost the transparency of GAI services and the accuracy and reliability of content generated.

The Provisional Measures also reflect the fragmentation of GAI service administration and supervision, as government departments – including cyberspace administration, development and reform, education, science and technology, industry and information technology, public security, radio and television, and press and publication – can all oversee GAI services according to their respective responsibilities.

The Administrative Measures on Internet-based Information Services（2025)（互联网信息服务管理办法）divides internet-based information services into services of a commercial nature (where a licence is needed) and services of a non-commercial nature (filing is sufficient). Regarding content management, the Administrative Measures on Internet-based Information Services stipulates that internet information service providers shall not produce, reproduce, publish or disseminate ten major categories of content, including endangering national security, leaking state secrets, subverting state power and undermining national unity. 

The Administrative Provisions on Algorithm Recommendation for Internet Information Services (2021) (互联网信息服务算法推荐管理规定 or ‘Provisions on Algorithm Recommendation’) regulates the application of algorithm recommendation technologies such as GAI, personalised push notifications, sorting display pages, filtering search engine results, decision-making, etc.

The Administrative Provisions on Deep Synthesis of Internet-based Information Services (2023) (互联网信息服务深度合成管理规定 or Provisions on Deep Synthesis) regulates the application of deep synthesis technology such as generating or editing text contents, text-to-speech, music generation, face generation, image generation, three-dimensional reconstruction and digital simulation.

Standards and guidelines

Cybersecurity technology – security specification for generative artificial intelligence pre-training and fine-tuning data (GB/T 45652-2025) stipulates the security requirements for the pre-training and fine-tuning data of GAI and processing activities, and describes the corresponding evaluation methods.

1. Cybersecurity technology - Labelling method for content generated by artificial intelligence (GB 45438-2025) stipulates the labelling method for content generated by AI.
2. Measures for Labelling of AI-generated Synthetic Content (2025)（人工智能生成合成内容标识办法) and Cybersecurity Standard Practice Guide - Generative Artificial Intelligence Service Content Identification Method（网络安全标准实践指南——人工智能生成合成内容标识方法）define the methods for file metadata of artificial intelligent-generated and synthesised text, images, audio, video and other content, the metadata security protection guidelines, and the detection framework for generated and synthesised content.
3. Cybersecurity Technology - Basic Security Requirements for Generative Artificial Intelligence Service (GB/T 45654-2025) secures GAI training data by mandating source vetting, diversified provenance, IP protection, and explicit separate consent for sensitive personal data. It further requires:
   • isolation of training and inference environments;
   • hardening the model with a security-test question bank;
   • systematic audits of framework and code;
   • and rapid vulnerability remediation to guarantee both model safety and output reliability.

Analysis of rights and responsibilities of AI in key industries

Autonomous driving

McKinsey predicts that China is likely to become the world's largest market for autonomous driving. By 2030, the revenue from new car sales and mobility services related to autonomous driving will exceed US $500bn.[3] However, there are significant legal obstacles for autonomous driving in China.

No laws for autonomous driving

The applicable laws—Road Traffic Safety Law, Civil Code, etc.—were written for human drivers. There is no provision on who (or what) the driver at L3-plus is, how liability is allocated, or how insurance should respond. Ministerial documents provide only soft-law guidance.

No unified mandatory technical standards

No domestic lab can issue a statutory type-approval certificate for a 'software-defined' vehicle, so the car cannot enter the Ministry of Industry and Information Technology's public sales catalogue, be sold, registered or plated.

No framework for licensing

The Road Traffic Safety Law centres on a natural person holding a driving licence. An L4/L5 vehicle—essentially a driverless motor vehicle—is a legal impossibility under that statute, leaving traffic offences, accident liability, operating permits and insurance claims in a vacuum.

No pathway to commercial operation

The Road Transport Regulations require a 'tested and qualified vehicle' to obtain a passenger or freight operating licence. Without national test reports or a legal driver, operators can secure only local 'pilot' plates; these cannot be converted into permanent operating licences.

No enforceable insurance or liability regime

Compulsory and commercial insurance still price and subrogate on human fault. There is no mandatory product-liability cover for system failure, cyber-attack or algorithmic defect. After a crash, victims face uncertainty over whom to sue, for what loss and on which legal basis.

Healthcare

The shortage of medical professionals is a long-standing structural problem in China's healthcare system. In the past, medical AI technology mainly relied on medical device carriers such as auxiliary diagnosis systems and intelligent decision-making platforms to improve diagnostic efficiency during the diagnosis stage and control medical costs.

Artificial intelligence has high sensitivity in image-assisted diagnosis, especially in the early screening of some cancers, surpassing the average level of humans. Surgical robots like Da Vinci and Honghu use AI to achieve real-time navigation and precise cutting during surgery. AI virtual screening has shortened the new drug discovery cycle from ten years to two-three years. Rehabilitation robots and companion robots provide emotional dialogue and assistance in daily life.

However, these applications have also raised ethical issues such as insufficient algorithm security and accuracy, and conflicts with patients' right to know due to the unexplainability of AI decisions. For example, AI misdiagnosis may directly endanger patients' lives, and the unexplainability of its decision-making process may prevent patients from fully understanding the basis of treatment plans. Moreover, medical and health big data is the core resource for AI technology, but it also involves patients' privacy and personal sensitive information.

The Personal Information Protection Law has put forward strict requirements for the collection, processing, and storage of personal information, but the specific regulatory details for medical and health data still need to be improved. Ensuring the legality and security of data and the preventing information leakage, especially in the data training stage of AI has become a focus of regulation.

Frontier issues in the regulation of AI

The filing of GAI

The Provisional Measures stipulate that any provider of GAI services with attribute of public opinions or capable of social mobilisation shall conduct a security assessments and complete the formalities for algorithm filing.

According to the Provisions on the Security Assessment of Internet-based Information Services with Attribute of Public Opinions or Capable of Social Mobilisation, the following categories are GAI services with attribute of public opinions or capable of social mobilisation:

1. Providing such information services as bulletin boards, blogs, microblogs, chat rooms, communication groups, public accounts, short videos, online streaming, information sharing and mini programs, etc. or setting up corresponding functions; and
2. Providing other internet-based information services that offer channels for expressing public opinions or that are capable of mobilising the public to carry out specific activities.

Before the launch of large models, authorities will require GAI service providers to fulfil the legal obligation of filing for large models in accordance with the Provisional Measures.

Regarding the filing of large models, GAI service providers should obtain and complete the filing materials for large models through the local Cyberspace Administration, including the 'Filing Form for Large Language Models of Generative AI' and the 'Key Points for Security Assessment of Large Language Models of Generative AI', etc. After the review of materials and technical tests at both the provincial and central Cyberspace Administration levels, the filing for large models will be completed.

Collection of data for large models

The quantity, quality and diversity of data are the key factors in building large models. Currently, the sources of data for large models mainly include scraped public data, open data sets, purchased data, synthetic data, and enterprise-owned data.

Scraped public data

Public data is currently one of the main sources for the pre-training data of large models. During the process of accessing and collecting public data the following compliance points need to be paid attention to:

1. Traffic and frequency control: affecting the normal operation of websites, network products/services, or the normal functions of the system is not allowed.
2. Technical measure management: bypassing or breaking through the technical protection measures adopted by websites and systems is not allowed.
3. Content screening and filtering: the data types scraped should be public and non-confidential front-end data, and data cleaning and content security management should be carried out.
4. Usage restrictions: the processing/usage of scraped public data should be limited within legal and reasonable limits: having a substitutional effect on the original data source website/system is not allowed.
5. Public data itself: may have multiple legal attributes, including but not limited to personal information, works, public data and other specific data rights. In practice, targeted compliance measures need to be taken based on the legal attributes of the data.

Open source datasets

Open source datasets are collections that assemble numerous data contents (such as web pages, images, and text). The conditions and limitations for using and distributing the datasets are defined through open source licences.

Purchased data

The following conditions apply to purchased data:

• it shall not contain data types that are prohibited or restricted from circulation and trading, such as state secrets, business secrets, personal privacy, etc;
• the data cannot be collected without authorisation;
• the seller legally owns or controls the data and has the right to provide it to others.

Synthetic data

Utilising synthetic data for training large models is an effective solution to alleviate the shortage of training data. The following issues need to be addressed.

• Data quality: the authenticity, accuracy, objectivity, and diversity of synthetic data.
• Fairness, justice, and explainability: since the generation process of synthetic data is based on algorithms and data models, it may not directly explain the principles and basis of data synthesis. Therefore, technical and management measures need to be taken to ensure compliance with principles such as fairness, justice, transparency, reliability and controllability.
• Ethical issues: due to the inherent characteristics of the aforementioned synthetic data, attention should be paid to the risk control and protection of personal rights and public interests resulting from the training of large models based on synthetic data.

Enterprise-owned data

Enterprise-owned data is used for fine-tuning large models and holds significant value for enhancing the personalisation of large models. The following issues need to be considered:

• retaining records of customer authorisation;
• providing customers with a convenient way to stop using their input content for the training of the large model; and
• clearly informing customers about the information collection and the aforementioned closing method.

Intellectual property issues regarding AI-generated content

The copyrightability of AI-generated content

Currently, there is no unified conclusion on whether AI-generated content can be regarded as a work and thus receive protection under copyright law. The participation factors and intellectual contributions of humans have become important criteria for determining copyrightability. If the AI-generated content reflects the original intellectual contributions of a natural person, can be presented in a specific form and, by continuously adjusting the prompts to guide the generated content, it can be considered to have original expression, it meets the requirements for a work. Thus, it should be protected as a work.

Who owns the rights to the AI-generated content?

Currently, there are no mandatory regulations at the legal level regarding the rights and ownership of AI-generated content. In practice, agreements such as user agreements are often made between AI technology/service providers and users to stipulate the ownership of the generated content. The mainstream approach is to stipulate that the generated content rights belong to the users. Considering that the generated content may be used for the optimisation and debugging of AI in the future, corresponding provisions are also made that AI technology/service providers have certain usage rights for the generated content.

If the content generated by AI infringes upon others' rights, who should bear the liability for infringement?

The AI-generated content may carry the memories or traces of the training works. The generated content may exhibit certain elements, features, styles, etc. from the training works. Generally, if the generated content is 'substantially similar' to the training works in expression and there is 'contact', there may be an infringement risk.

In a judgment of the Guangzhou Internet Court, the view of 'recognising the AI service provider as the liable party for the infringement of the generated content' was clearly stated. The defendant, as the AI service provider, failed to fulfil the reasonable duty of care, had subjective fault and should bear corresponding compensation liability for the infringement. Theoretically, if the user has fault in using the AI service, for example, by inputting prompts or other means to induce the AI to generate content infringing upon the rights of a third party, the user may also bear corresponding infringement liability for their fault behaviour.

Algorithmic discrimination

The rapid development of AI technology has brought with it the potential for opacity of algorithm operation, unfairness of decision-making results, and the resulting problem of responsibility attribution. Due to the complexity of the algorithm, even professionals find it difficult to fully understand its internal logic. This understanding barrier has given rise to problems of information asymmetry and unequal responsibility, hindering the standardisation of fair use of algorithms.

Big data discrimination

The platform builds a consumption profile for users by analysing their behaviour data and formulates differentiated pricing strategies based on their profile. For instance, the prices for existing users are often higher than those for new users, which is known as 'price gouging'. This kind of behaviour undermines users' trust and also violates the principle of fair pricing.

Information cocoon

The dominant role of algorithms has made search engines a tool for a few who master algorithmic technology, leading to the manipulation of information dissemination. This not only influences users' choices but may also form an 'information cocoon'. The fundamental cause of algorithmic discrimination lies in the 'black box nature' of algorithms.

Algorithmic accountability

Algorithmic accountability is regarded as an afterthought approach to addressing algorithmic discrimination and opacity. When algorithms cause damage, the accountability mechanism can also quickly trace the cause, clarify responsibility, and restore fairness through reasonable compensation. The core of the accountability mechanism lies in enhancing the transparency and interpretability of algorithms to safeguard the public's right to know and make decisions under the influence of algorithms. For the field of public decision-making and commercial algorithms involving public interests, it is particularly necessary to explain the algorithms in a way that the public can understand to ensure transparency and fairness.

Conclusions and recommendations

China has established a preliminary multi-level legal regulatory framework for AI, but still faces challenges such as data use and privacy protection, algorithmic bias and liability attribution.

In the future, it will be necessary to:

• further improve laws and regulations; 
• promote regional pilots and international cooperation; and
• incorporate AI governance into a global framework to achieve a virtuous interaction between technology, law and society.