What is AI regulation in China?
Global AI regulation
As of June 2026, AI regulation in China is not one single AI Act. It is a layered regime built from general cybersecurity, data and content law, plus service-specific rules for algorithmic recommendation, deep synthesis, generative AI and AI-generated content labelling. Public-facing services, especially those with public opinion or social mobilisation capacity, may need filing, security assessment, content controls, data governance, user protections and visible labelling. National planning and standards sit above this legal stack.
What this means
China regulates AI mainly through internet, data and content law, then adds targeted rules for particular AI-enabled services. The main live instruments are the 2022 algorithm recommendation rules, the 2023 deep synthesis rules, the 2023 interim generative AI measures, and the 2025 AI content labelling rules.
That means compliance in China is less about asking whether a model is "high risk" in the abstract. It is more about what the service does, who it reaches, what it can generate or distribute, whether it can shape public discussion at scale, and whether the provider can control content, data, users and labelling.
The result is a practical, platform-centred regime. It mixes industrial planning, cybersecurity, personal information law, online content governance, technical standards and filing or security assessment processes.
Why it matters
If you build, buy, deploy or govern AI for users in China, these rules can affect whether a product can launch, which features can be turned on, what training data can be used, how outputs must be labelled, which contracts are needed with users, and whether local filing or security assessment is required before release.
It also matters for procurement and partnerships. A buyer or integrator should not stop at model capability. In China, the practical questions include whether the relevant service has been filed or registered, whether the provider can show lawful data provenance, whether the product page discloses the filing identifier, how AI-generated content is labelled, and whether separate sector permissions or platform controls apply.
How it works
China uses a layered regime
As of 4 June 2026, China does not have one omnibus AI act comparable to the EU AI Act. Instead, it regulates AI through a stack of instruments: national planning, general cybersecurity and personal information law, online content and platform regulation, AI-specific service rules, filing and security assessment mechanisms, and technical standards. For most operators, the first legal question is what internet service or feature is being offered in mainland China, not which abstract model category the system belongs to.
Institutionally, the Cyberspace Administration of China, or CAC, is the central coordinator. Depending on the instrument, it works with the Ministry of Industry and Information Technology, the Ministry of Public Security, the State Administration for Market Regulation, the National Development and Reform Commission, the Ministry of Education, the Ministry of Science and Technology, the National Radio and Television Administration and other sector bodies. The standards layer runs through the national standards system and the TC260 cybersecurity standards process.
The planning layer sets direction, but not launch checklists
China's broader AI governance story starts with the 2017 New Generation Artificial Intelligence Development Plan. That document matters because it put AI at national-strategy level, linked AI to industrial and state capacity goals through 2030, and expressly connected development with governance, standards, security and international rule-making.
But the planning layer is not the same thing as a direct compliance rulebook. It tells you why China is building this regime and where policy is headed. It does not by itself tell a provider how to release a chatbot, a synthetic media tool or an AI feature inside a platform. Those operational duties sit in later regulations and standards.
Algorithm recommendation rules shape platform behaviour
The 2022 algorithm recommendation provisions are broader than many readers expect. They do not only regulate recommendation feeds. They cover generative or synthetic, personalised recommendation, ranking and selection, search filtering, and dispatching or decision-making style algorithmic services when these are used to provide internet information services.
These rules require providers to review, assess and verify algorithmic mechanisms, models, data and application effects. They prohibit manipulative algorithmic behaviour such as inducing addiction or excessive spending. They also tie AI compliance to content governance: providers must prevent illegal and harmful information, label generated synthetic information before continuing transmission if it is unlabelled, and comply with licensing rules where internet news services are involved.
They also contain practical user-rights duties. Providers must tell users that algorithmic recommendation is being used, disclose the basic principles and main operating mechanisms in an appropriate way, offer a non-personalised option or a convenient switch-off, and let users select or delete user tags used for recommendation. The rules also mention specific protections for minors, older people, workers and consumers. In practice, this means China's AI regime is partly a platform-governance regime, not only a model-safety regime.
Deep synthesis rules target synthetic media and identity-related manipulation
The 2023 deep synthesis rules are China's core rule set for deepfakes and similar media tools. They apply to synthetic text, speech, music, images, video, digital people and immersive virtual scenes. They are important because they regulate both direct consumer services and, in some cases, technical supporters behind those services.
Providers must review inputs and generated results, keep logs, maintain mechanisms for handling false information, and create user complaint channels. Where a service allows publication of information, real identity verification is required before that publication function is provided. The rules also tie app stores into the system by requiring application distribution platforms to check relevant security assessment and filing status before listing deep synthesis apps and to take corrective action where the rules are breached.
A particularly practical point is biometric editing. If a service provides tools to edit facial or voice biometric information, the service user must be prompted to notify the individual being edited and obtain that person's separate consent. This is one reason why face-swap and voice-clone products can fall into a more serious regulatory bucket than their consumer branding suggests.
The deep synthesis rules also create China's first detailed AI content-labelling duties. Providers must add technical labels to content generated or edited through the service, and where the content may cause the public to be confused or misled, they must add prominent labels in the output itself. That covers areas such as intelligent dialogue, intelligent writing, voice synthesis, face generation, face replacement and immersive realistic scenes.
Generative AI rules govern public-facing services
China's 2023 Interim Measures for the Management of Generative Artificial Intelligence Services apply when generative AI is offered to the public in mainland China to generate text, images, audio, video or similar content. This is the main public-facing GenAI rule.
The scope is precise. The measures do not apply to organisations developing or using generative AI internally, including businesses, educational and research institutions and public cultural bodies, if they are not providing the service to the domestic public. That is an important boundary. It does not mean internal use is unregulated, because general cybersecurity, data, personal information and sector rules can still apply. It does mean the generative AI measures themselves are primarily a public-service rule.
Substantively, the measures require providers to use lawfully sourced data and base models, respect intellectual property and commercial ethics, handle personal information lawfully, improve training-data quality, and control discriminatory bias. Providers must protect user inputs and usage records, avoid collecting unnecessary personal information, provide complaint and reporting channels, and take action if illegal content is generated or if users misuse the service.
The measures also make clear that China is regulating services, not only standalone models. A provider includes a party offering the service through an API or similar interface. That is one reason the Chinese framework sits next to, rather than mirrors, a general-purpose model discussion. In China, the service wrapper, the distribution path and the public-facing function matter greatly.
The measures also preserve sector overlays. If a generative AI service is used in areas such as news, publishing, film or other separately regulated activities, those rules continue to apply. Foreign investment in generative AI services must comply with foreign investment law, and overseas services offered into China can be met with technical or other necessary measures if they do not comply with Chinese legal requirements.
Security assessment and filing act as launch controls
A major practical trigger in China is whether a service has "public opinion properties or social mobilisation capacity". In the wider internet service safety assessment rules, that concept covers services such as forums, blogs, microblogs, chatrooms, public accounts, short video, livestreaming, information-sharing services and mini-programmes, as well as other services that open channels for public expression or can mobilise the public into specific activities.
For covered services, providers must carry out a security assessment and submit the report to the relevant authorities. The report can be prepared internally or with a third-party assessor, but the provider remains responsible for it. Where the trigger is the launch of a new covered service or the addition of a covered function, the report must be submitted before launch or before the new function goes live.
The algorithm recommendation rules require filing within 10 working days after a covered service starts. The deep synthesis rules and the generative AI measures both point back to that filing machinery. In other words, the filing and security assessment system is one of the main operational gateways into the Chinese AI market for public-facing services with significant communication or mobilisation effects.
Labelling now runs from creation to distribution
From 1 September 2025, the AI generated and synthesized content labelling measures, together with the mandatory national standard GB 45438-2025, made China's labelling regime far more operational. The rules now cover text, audio, images, video and virtual scenes, and they apply not only to generators but also to distribution platforms.
Covered service providers must add visible labels in or around generated content and hidden labels in file metadata. The exact presentation depends on the medium: text prompts or symbols for text, audible or rhythmic prompts for audio, visible marks for images, visible prompts around or within video, and visible prompts in virtual scenes. File exports, downloads and copies must also carry the required visible label.
The distribution side is crucial. If a platform sees metadata showing that content is AI generated, it must add a visible prompt around the published content. If metadata is absent but the user says the content is AI generated, the platform must still add a visible prompt. If the platform detects visible labelling or other clear synthetic traces despite no user declaration, it must warn users that the content is suspected to be AI generated. App stores must ask providers whether their apps offer AI generation functions and must verify the relevant labelling materials before listing.
There is one narrow flexibility point. If a user specifically asks for a copy without a visible label, a provider may supply it after clearly allocating the user's later labelling obligations in the user agreement and keeping the handover logs for at least six months. That does not remove the duty to declare and label the content if the user later publishes it to the public.
Institutions, standards and active filing make the regime operational
China's AI regime is not just text on paper. It is operationalised through public filing notices, app-store checks and an increasingly detailed standards layer. The 2025 mandatory labelling standard is one example of this. It sits alongside other emerging standards work on generative AI security and data handling, which helps translate legal duties into concrete implementation practices.
Current filing notices show the scale of the live system. As of 30 April 2026, CAC said 868 generative AI services had completed filing and 530 applications or functions had completed registration. The notices also clarify an important split in practice: direct generative AI services that trigger the regime go through filing, while applications or features that call an already filed model through an API or similar route can be registered locally instead. Product pages are expected to display the model name and filing number or online number.
Enforcement is also layered. Some AI rules have their own penalty clauses, but many duties are enforced through China's broader cybersecurity, data and personal information law. In practice, that means AI failures can lead to warnings, public criticism, rectification orders, suspension of functions or services, app-store action, and statutory fines under the underlying legal stack. Filing or registration is therefore not a one-off badge of approval. Continuous compliance still matters.
Examples
A public chatbot or image generator launches in mainland China. The operator first checks whether the service is public-facing and whether it has public opinion properties or social mobilisation capacity. If it does, the security assessment and filing machinery becomes part of the launch path. If a later app feature simply calls an already filed model through an API or similar route, current CAC practice points to local registration rather than a fresh national filing. Either way, the public product page is expected to show the model name and filing or registration identifier.
A social platform receives an uploaded AI-generated video. If the file metadata shows it is generated content, the platform must add a visible prompt around the post. If the metadata is missing but the uploader declares that the content is AI generated, the platform still has to add a visible warning. If the uploader says nothing but the platform can detect synthetic traces, the platform must treat the post as suspected AI-generated content and label it accordingly. In China, the duty does not stop with the original generator.
A face-swap or voice-clone app is prepared for public release. Under the deep synthesis rules, the provider must consider whether the feature edits biometric information, whether users need to be prompted to notify the affected individual and obtain separate consent, whether outputs that could mislead the public need prominent labels, whether real identity verification is needed before public posting functions are enabled, and whether the app store has enough evidence of filing or assessment status to allow listing. A product sold as lightweight entertainment can therefore be treated legally as synthetic media infrastructure.
Common misunderstandings
"China already has one comprehensive AI act." Not yet. As of June 2026, China still regulates AI through a layered stack of planning documents, internet service rules, content rules, data law, filing processes and standards.
"The generative AI measures are only soft guidance because they are called 'interim'." No. They are binding measures that took effect on 15 August 2023.
"Only model developers need to care." No. Duties can fall on service providers, platforms, app stores, technical supporters and, in some cases, users.
"Internal AI tools are fully exempt." Not quite. Non-public internal use falls outside the specific public-facing generative AI measures, but other cybersecurity, personal information, data and sector rules can still apply.
"Labelling only matters for pictures and video." Not any more. Since 1 September 2025, China's AI labelling regime also covers text, audio and virtual scenes, and it places duties on distribution platforms as well as generators.
Risks and boundaries
This page is about China's general public-internet AI regime. It does not fully cover adjacent but distinct topic areas such as online platform moderation in detail, biometric identification and surveillance law, or sector-specific supervision in fields where separate licensing and operational rules apply.
It is also not a universal risk-taxonomy page. China's current approach does not organise AI law around a single all-purpose list of prohibited, high-risk and low-risk systems. Instead, the regime asks what the service does, how it is distributed, what kind of content it generates or carries, and whether it can shape public discussion or mobilise users.
The current legal status is relatively clear on the core instruments. The algorithm recommendation rules have applied since 1 March 2022. The deep synthesis rules have applied since 10 January 2023. The generative AI measures have applied since 15 August 2023. The AI content labelling measures and mandatory standard GB 45438-2025 have applied since 1 September 2025. The live uncertainty is less about whether China regulates AI and more about how quickly added standards, filing practice and further targeted rules continue to build on this base.
A final boundary point is that filing or registration does not equal substantive clearance for every use. Providers still have ongoing duties around content legality, training-data provenance, personal information handling, user complaints, output labelling, product updates and sector-specific permissions. In a fast-dating system, launch-day compliance is only the starting point.
What to do next
Map the product by service function, not by marketing label. Ask whether it is acting as an algorithmic recommender, a deep synthesis tool, a public generative AI service, a distribution platform, or more than one at once. Then decide whether the service is public-facing in mainland China and whether it may have public opinion properties or social mobilisation capacity, because that drives security assessment and filing risk.
After that, build a China-specific control set: lawful-source checks for training data and base models, personal information and intellectual property review, output moderation and incident handling, visible and hidden labelling, user agreements, complaint handling, and app-store evidence packs. If you buy from or integrate with another provider, ask for the filing or registration identifier, who owns the public-facing obligations, and how feature changes are handled. Finally, because this area changes quickly, monitor CAC notices and national standards updates at each major release, not only once a year.
FAQs
Does China have one national AI act in force? A: No. As of June 2026, China regulates AI through a layered stack of laws, regulations, filing processes and standards rather than one single comprehensive AI statute.
No. As of June 2026, China regulates AI through a layered stack of laws, regulations, filing processes and standards rather than one single comprehensive AI statute.
What is the main trigger for the generative AI measures? A: The key trigger is offering generative AI services to the public in mainland China for creating text, images, audio, video or similar content.
The key trigger is offering generative AI services to the public in mainland China for creating text, images, audio, video or similar content.
Are internal enterprise tools outside the generative AI measures? A: Usually yes, if they are not offered to the domestic public. But that does not remove duties under general cybersecurity, personal information, data or sector law.
Usually yes, if they are not offered to the domestic public. But that does not remove duties under general cybersecurity, personal information, data or sector law.
Does China regulate models or services? A: Mostly services and functions. China can still reach model providers because API-based provision counts as a form of service, but the legal triggers are strongly service-led.
Mostly services and functions. China can still reach model providers because API-based provision counts as a form of service, but the legal triggers are strongly service-led.
What if I build an app on top of another provider's filed model? A: Current CAC practice distinguishes between direct filing for qualifying generative AI services and local registration for applications or features that call an already filed model through an API or similar method.
Current CAC practice distinguishes between direct filing for qualifying generative AI services and local registration for applications or features that call an already filed model through an API or similar method.
Are AI labels mandatory for text as well as images and video? A: Yes, for covered services. Since 1 September 2025, China's labelling rules extend to text, audio, images, video and virtual scenes, and they also place duties on distribution platforms.
Yes, for covered services. Since 1 September 2025, China's labelling rules extend to text, audio, images, video and virtual scenes, and they also place duties on distribution platforms.
How is China's approach different from the EU approach? A: China currently regulates AI mainly through internet service, content, data and platform rules, while the EU relies more heavily on a single horizontal AI act with a defined product-risk architecture.
China currently regulates AI mainly through internet service, content, data and platform rules, while the EU relies more heavily on a single horizontal AI act with a defined product-risk architecture.