Basic Structure of Chinese AI Governance

AI Regulation in China: An Overview of Legislation, Governance, and Development Logic

Overview of Artificial Intelligence Legislation in China

Artificial intelligence is making its way into the workplace and everyday life at an unprecedented pace. From content creation and intelligent customer service to healthcare, finance, and public administration, AI is no longer just an abstract technical concept; rather, it is increasingly becoming a central infrastructure that significantly shapes societal processes.

The technological opportunities are clear. At the same time, risks such as data misuse, algorithmic discrimination, deepfakes, the protection of minors, and unclear allocation of responsibility pose significant challenges to existing legal and regulatory frameworks.

Against this backdrop, the regulation of artificial intelligence is no longer merely a “forward-looking discussion,” but has become a concrete legislative task that governments around the world must address. The European Union has taken a leading role with the AI Act, while Japan and South Korea are also continuously expanding their national governance structures for AI.

Unlike legal systems that attempt to regulate AI “in one fell swoop” through a comprehensive law, China is taking a much more cautious and incremental approach. China’s AI regulation specifically targets specific risk areas—particularly algorithms and content-generating applications—and continues to develop the regulatory framework through ongoing additions and clarifications. This approach can be described as a model of “incremental progress with rapid iteration.”

As of January 1, 2026, a regulatory framework has emerged in China consisting of national development strategies, ministerial regulations, and fundamental laws, and its contours are becoming increasingly clear.


AI Regulation, Governance, and Development Logic in China

Image source: AI-generated | Description: An overview of AI regulation in China: How AI is regulated by law, what rules apply, and why governance works differently there.


I. Overview of the Most Important Legal and Regulatory Documents Related to AI in China

From a historical perspective, Chinese AI regulation did not begin with specific regulatory provisions, but rather at the level of national development strategies.

  • “Development Plan for Next-Generation Artificial Intelligence” (State Council, 2017): Establishes a national AI strategy for the first time and explicitly sets forth the goal of establishing a system of laws, ethical guidelines, and policy measures.
  • “Ethical Guidelines for Next-Generation Artificial Intelligence” (2021): Embed ethical principles throughout the entire life cycle of AI systems and establish the vision of “benevolent AI.”
  • Regulation on the Management of Algorithmic Recommendation Services on the Internet (2021/2022): Regulates algorithmic recommendation systems and is considered one of the starting points for operational AI regulation in China.
  • Regulation on the Management of Deep Synthesis Services on the Internet (2022/2023): Contains specific guidelines for AI-generated synthetic content, such as audio and video deepfakes.
  • Provisional Administrative Measures for Generative AI Services (2023): One of the world’s first sets of regulations specifically designed for generative AI; establishes obligations for providers, risk-based oversight, and compliance requirements.
  • Measures for Labeling AI-Generated Content (2025): Introduce a mandatory labeling requirement for AI-generated content, supported by technical standards.

These regulations do not stand alone. Fundamental laws such as the Cybersecurity Law, the Data Security Law, the Personal Data Protection Law, and the Regulation on the Protection of Minors on the Internet form the legal foundation of China’s AI governance in the areas of data security, data protection, and network security.



II. The Regulatory Classification of the “Provisional Administrative Measures for Generative AI Services”

Within the existing regulatory framework, the Provisional Administrative Measures for Generative AI Services (hereinafter referred to as the “Provisional Measures”) are of particular importance. The regulatory framework does not purport to clarify fundamental issues such as the definition of AI or a comprehensive classification system.

Instead, it focuses specifically on generative AI as the form of application in which risks are currently most concentrated and public attention is particularly high.

The Provisional Measures explicitly emphasize the principle of promoting innovation and safety in equal measure and combining technological development with governance based on the rule of law.

On the one hand, they define clear compliance boundaries regarding the legality of training data, data annotation, algorithm security assessments, and registration and reporting requirements. On the other hand, they address practical risks such as content moderation, labeling requirements, the protection of minors, and complaint and reporting mechanisms.

From a regulatory perspective, the framework does not take a repressive approach but rather reflects a “prudent and tolerant regulatory approach.” This leaves room for technological innovation while at the same time safeguarding key risk areas.

This balance also illustrates that, at this stage, Chinese legislation on artificial intelligence is more focused on risk prevention and does not yet constitute a fully consolidated, comprehensive regulatory framework.



III. Regulatory Logic and Key Features of the Preliminary Measures

From a normative perspective, provisional measures are less a form of traditional technology regulation and more a pragmatic governance tool that responds quickly to specific risks.

First, the Provisional Measures take a strongly problem-oriented approach. Rather than developing abstract definitions or comprehensive classifications, they focus directly on already identifiable risks such as disinformation, content bias, violations of third-party rights, and the protection of minors.

Second, the measures build on the element-based regulatory framework established in China. Existing requirements regarding data security, data protection, and algorithm governance are systematically integrated into the context of generative AI.

Third, the regulatory framework is intentionally designed to be moderate. No licensing or market access systems will be introduced. Instead, oversight relies on procedural obligations prior to market entry, as well as ongoing and ex post monitoring.

Fourth, the provisional measures are clearly transitional in nature. The very fact that they are described as “provisional” indicates that this regulation is not intended to be a stable, definitive norm in the long term.

In summary, it can be said that the Provisional Administrative Measures neither constitute a comprehensive AI law in the strict sense nor claim to establish a complete risk classification system.



IV. Limitations of the Current Governance Model

Despite the increasing number of regulations, the Chinese AI governance system continues to exhibit distinct phase-specific characteristics.

On the one hand, the risk and supervisory framework has thus far been predominantly application- and technology-oriented. On the other hand, the relevant regulations at the level of core elements—such as data, algorithms, and models—are largely limited to principle-based guidelines.



V. Future Trends

AI legislation is, by its very nature, a dynamic process. With the publication of the “Framework for the Security Governance of Artificial Intelligence (Version 2.0)” by the National Committee for Cybersecurity Standardization in September 2025, important foundations were laid for potential comprehensive AI legislation.

It is foreseeable that China will continue its incremental regulatory approach and that AI legislation will become increasingly systematized and refined through ongoing adjustments.


Sources & References

  • Regulation (EU) 2024/1689 of the European Parliament and of the Council on Artificial Intelligence (Artificial Intelligence Act, “AI Act”). Entered into force on August 1, 2024; phased implementation of the provisions.
  • Japanese AI Governance Strategies:
  • South Korea:
    • Standards for the Processing of Public Data in the Development and Provision of AI Services, Personal Information Protection Commission (PIPC), available at https://www.pipc.go.kr/…
    • Framework Act on the Development of Artificial Intelligence and the Establishment of a Trust-Based Infrastructure, Government of the Republic of Korea, available at https://www.law.go.kr/…
  • Xu Wei / Zhang Li: Legislation on Artificial Intelligence: Experiences from the European Union and the Chinese Approach, in: Deutschland-Studien (German Studies), 2024, Issue 6, Volume 39.