Ron Cai
Zhong Lun Law Firm, Shanghai
roncai@zhonglun.com

Weiyue Zhu
Zhong Lun Law Firm, Shanghai
zhuweiyue@zhonglun.com

On 13 July 2023, the Cyberspace Administration of China (hereinafter referred to as ‘the CAC’), together with six other ministries in China, issued the ‘Interim Administrative Provisions on the Generative Artificial Intelligence Services’ (hereinafter referred to as ‘the Generative AI Regulations’), which became effective on 15 August 2023.

Three months before this final version, on 11 April 2023, the CAC released a draft of the Generative AI Regulations for public comments (hereinafter referred to as ‘the Draft Regulations’). The authors have published a commentary on the Draft Regulations.[1] This article summarises the major differences between the final version of the Generative AI Regulations and the Draft Regulations.

Clarification of the application scope

Article 2 of the Generative AI Regulations stipulates:

‘These Provisions shall apply to the use of generative artificial intelligence technology to provide services for generating texts, images, audio, video, and other contents to the public within the territory of the People's Republic of China (hereinafter referred to as the “generative AI services”).'

Compared with the Draft Regulations, the Generative AI Regulations explicitly exclude from the scope of application the development and the application of generative artificial intelligence technologies that do not provide generative AI services to the public in China – see Article 2:

‘Industry organizations, enterprises, educational and scientific research institutions, public cultural institutions, and relevant professional institutions that develop and apply generative artificial intelligence technology, but do not provide generative AI services to the domestic public, shall not be subject to these Provisions.'

This change supposedly will ease the burden for many companies that use generative AI for their own internal production or business needs, or those that are still testing the AI products or services.

In addition, overseas generative AI service providers offering services to the public within the territory of China, or domestic service providers embedding overseas generative AI services into their products to provide services to the domestic public, must also comply with the requirements of the Generative AI Regulations – see Article 20:

‘If the provision of generative AI services originating from outside the territory of the People's Republic of China does not comply with laws, administrative regulations, and these Provisions, the Cyberspace Administration of China shall notify relevant institutions to take technical measures and other necessary measures to deal with it.’

More encouraging provisions

Compared with the Draft Regulations, the Generative AI Regulations reflect more tolerance to immature generative AI services and focus more on the encouragement and support of the development of generative artificial intelligence industry. The Generative AI Regulations declare dual principles of ‘attaching equal importance to development and security, and combining innovation promotion and law-based governance’ – see Article 3:

‘The State adheres to the principles of attaching equal importance to development and security, and combining innovation promotion and law-based governance, adopts effective measures to encourage the innovation and development of generative artificial intelligence, and implements inclusive prudence and classified and hierarchical supervision on generative AI services.’

The Generative AI Regulations add ‘the Science and Technology Advancement Law of the People's Republic of China’ as the legislative basis, giving greater prominence to the policy orientation of encouraging scientific and technological innovation (see Article 1).

Shifting part of responsibilities from service providers to users

In our commentary on the Draft Regulations, we mention that the content compliance obligations are heavily rested on the generative AI service providers, while user responsibilities are absent, which may require further consideration. The Generative AI Regulations reduce the compliance burden of generative AI service providers, as further analysed below, while adding responsibilities on service users. Article 7 of the Generative AI Regulations stipulates that ‘the Providers shall sign service agreements with generative AI service users who register their services (hereinafter referred to as the “Users”), clarifying the rights and obligations of both parties’. Through the service agreements, the service providers may limit use of generative AI services by service users and transfer compliance risks to the users.

Relaxing requirements for generated contents, data and information

In response to the criticisms by commentators on the Draft Regulations’ requirements of ‘true and accurate’ for the generated contents and training data of generative AI services, and some other strict requirements on the personal information protection obligations of the generative AI service providers, the Generative AI Regulations relax the specific requirements, including:

• Deleting the requirements of ‘the content generated by generative artificial intelligence shall be true and accurate, and measures shall be taken to prevent the generation of false information’, and replacing it with ‘based on the characteristics of the service type, effective measures shall be taken to improve the transparency of generative AI services and improve the accuracy and reliability of generated contents’ (see Article 4).
• Changing the requirements that the service providers must ensure the authenticity, accuracy, objectivity, and diversity of the data to ‘take effective measures to improve the quality of training data, and enhance the authenticity, accuracy, objectivity, and diversity of training data’ (see Article 7).
• Deleting the requirements that the providers must ask the users to provide real identity information, and that the providers must not create user profiles based on user input information and usage (ie, infer and label user characteristics based on behavioural data analysis, such as user input information and usage, so as to achieve the purpose of precise marketing, user research, and personalised services, etc) (see Article 11).
• Regarding illegal content, deleting the requirements of ‘prevent the regeneration of such content through model optimisation training and other means within 3 months’, and replacing it with ‘timely take actions, such as stopping the generation or transmission, or elimination, adopt measures such as model optimization training to make rectification, and report to the competent authorities’ (see Article 14).

Increasing supervision and inspections

Compared with the Draft Regulations, the Generative AI Regulations authorise a number of regulators in addition to the CAC to strengthen the management of generative AI services according to their respective duties. The relevant authorities include the CAC, National Development and Reform Commission, Ministry of Education of the People’s Republic of China, Ministry of Science and Technology of the People’s Republic of China, Ministry of Industry and Information Technology of the People’s Republic of China, Ministry of Public Security of the People’s Republic of China, National Radio and Television Administration, National Press and Publication Administration, etc (see Article 16).

The Generative AI Regulations also state that the regulators will ‘implement inclusive prudence and classified and hierarchical supervision on generative AI services’. Classified and hierarchical supervision refers to taking tiered regulatory measures in accordance with the classification of possible risks and impacts based on the technological maturity and application scenarios of the generative AI services. This means that different industry authorities may formulate specific categorisation and classification supervision rules for each industry (see Article 16: ‘Relevant national authorities shall, in light of the characteristics of generative artificial intelligence technology and its service applications in relevant industries and fields, improve scientific supervision methods that are compatible with innovation and development, and formulate corresponding categorization and classification supervision rules or guidelines.’).

Author details

Ron Cai has more than 34 years of legal experience assisting clients in United States-China business projects. His practice focuses on cybersecurity, data compliance, personal information protection, international mergers & acquisitions, international business transactions and dispute resolution. Ron is a seasoned expert in Chinese Hi-tech regulations and market entry practices. He is familiar with a wide range of industries, including AI, metaverse, cloud computing, internet of things, e-commerce, digital media and entertainment, online games, e-health care, high-speed railway, and renewable energy. Ron speaks and writes frequently on Chinese Hi-tech laws and practices.

Notes

[1]   For the full text of the Commentary of the Administrative Measures for Generative Artificial Intelligence Services (Draft for Public Comments), see https://mp.weixin.qq.com/s/JaNv1jqCnV6DYs3ZQx2esQ.