Provisions on the management of algorithmic recommendations in Internet information services

Chapter I: General Provisions

Article 1: These Provisions are drafted on the basis of the Cybersecurity Law of the PRC, the PRC Data Security Law, the Personal Information Protection Law of the PRC, The Measures on the Administration of Internet Information Services, and other relevant laws and administrative regulations, so as to regulate internet information services algorithmic recommendation activities, carry forward the Core Socialist Values, preserve national security and the societal public interest, protect the lawful rights and interests of citizens, legal persons, and other organizations, and promote the healthy and orderly development of internet information services.

Article 2: These provisions apply to the use of algorithmic recommendation technology to provide internet information services within the mainland territory of the People’s Republic of China. Where laws or administrative regulations otherwise provide, follow those provisions.

“Use of algorithmic recommendation technology” as used in the preceding paragraph refers to the use of algorithm technologies types such as generation and synthesis, individualized pushing, sequence refinement, search filtering, schedule decision-making, and so forth to provide users with information.

Article 3: The state internet information department is responsible for the overall planning and coordinating of the nation’s governance of algorithmic recommendation services and related oversight and management efforts. Based on their respective duties, relevant departments of the State Council, such as for telecommunications, public security, and market regulation, are responsible for efforts to oversee and manage algorithmic recommendation services.

Local internet information departments are responsible for the overall planning and coordinating the governance of algorithmic recommendation services and related oversight and management efforts within the corresponding administrative region. Based on their respective duties, relevant local departments such as for telecommunications, public security, and market regulation, are responsible for efforts to oversee and manage algorithmic recommendation services within the corresponding administrative region.

Article 4: The provision of algorithmic recommendation services shall obey laws and regulations, respect social mores and ethics, obey commercial and professional ethics, follow the principles of equity and fairness, openness and transparency, being rational and reasonable, and good faith.

Article 5: Relevant industry organizations are encouraged to strengthen industry discipline, establishing and completing industry standards, norms, and systems for self-discipline and management, urging and guiding algorithmic recommendation service providers to draft and improve service specifications, to provide services in accordance with law, and accept societal oversight.

Chapter II: Regulation of Information Services

Article 6: Algorithmic recommendation service providers shall persist in being oriented towards mainstream values, optimize mechanisms for algorithmic recommendation services, actively transmit positive energy, and promote the uplifting use of algorithms.

The providers of algorithmic recommendation services must not use algorithmic recommendation services to engage in activities that are prohibited by laws and administrative regulations, such as those that endanger national security or the societal public interest, disrupt economic and social order, or harm the lawful rights and interests of others; must not use algorithmic recommendation services to transmit information that is prohibited by laws and administrative regulations; and shall employ measures to prevent and stop the transmission of negative information.

Article 7: The providers of algorithmic recommendation services shall implement entity responsibility for algorithm security, establish and complete management systems and technical measures such as for checking algorithm mechanisms, technology ethics reviews, user registration, checking published information, data security, personal information protections, countering telecommunication network fraud, security assessments and monitoring, and emergency response and handling of security incidents; and draft and disclose the rules for algorithmic recommendation services, alloting professional staff and technical support corresponding to the scale of algorithmic recommendation services.

Article 8: The providers of algorithmic recommendation services shall periodically check, assess, and verify algorithm mechanisms, models, data, and outcomes, and must not set up algorithmic models that violate laws and regulations, or go against ethics and morals, such as by inducing users to become addicted or spend too much.

Article 9: The providers of algorithmic recommendation services shall strengthen the management of information security, establishing and completing a pool of characteristics used to identify illegal and negative content, and improve standards, rules, and procedures for inclusion in the pool. Where it is discovered that algorithmically generated or synthesized information is not conspicuously labeled, transmission may continue on after making a conspicuous label.

Where unlawful information is discovered, transmission shall be immediately stopped, and measures shall be employed to eliminate it or otherwise address it, stop the spread of the information, store relevant records, and report to the internet information departments and relevant departments. Where negative information is discovered, it shall be addressed in accordance with the relevant provisions on the management of the internet information content ecology.

Article 10: The providers of algorithmic recommendation services shall strengthen the management of user modeling and user labels, improving rules for recording the interests of user models and rules for managing user labels; keywords that are unlawful or negative information must not be used as recorded user interests or user labels used to push information.

Article 11: The providers of algorithm recommendation services shall strengthen the page ecological management of algorithm recommendation service pages, establish and improve mechanisms for manual intervention and users’ independent selections, and actively present information that comports with mainstream value orientations ​​in key steps such as the homepage, home screen, hot searches, selections, top content lists, and pop-up windows.

Article 12: The providers of algorithmic recommendation services are encouraged to comprehensively use strategies such as for eliminating duplicate content and for fragmentation and intervention, and optimize the transparency and explainability of rules for searches, sorting, selections, pushing, and displays, to avoid producing a negative impact on users, and to prevent and reduce contention and disputes.

Article 13: Where the providers of algorithmic recommendation services provide Internet news information services, they shall obtain Internet news information service permits in accordance with law, regulate the carrying out Internet news information collection and publication services, forwarding services, and transmission platform services, and must not generate or synthesize fake news information or transmit news information from units that are not within the scope provided by the state.

Article 14: The providers of algorithmic recommendation services must not use algorithms to register fake accounts, illegal trade accounts, manipulate user accounts, or give false likes, comments, or forwards; and must not use algorithms to interfere with information presentation such as by blocking information, making excessive reccomendations, manipulating the order of top content lists or search results, or controlling hot searches or selections, influencing online public opinion or evading oversight and management.

Article 15: The providers of algorithmic recommendation services must not use algorithms to unreasonably restrict other internet information service providers, or to obstruct and undermine the normal operation of the internet information services the lawfully provide, implementing a monopoly or unfair competition.

Chapter III: Protection of User’s Rights and Interests

Article 16: The providers of algorithmic recommendation services shall inform users in a conspicuous fashion of the circumstances of the algorithmic recommendation services provided, and display the algorithmic recommendation services’ basic principles, intended purposes, main operation mechanisms, and so forth in an appropriate manner.

Article 17: The providers of algorithmic recommendation services shall provide users with options not targetting their individual characteristics or provide users with convenient options to close algorithmic recommendation services. Where users select to close algorithmic recommendation services, the algorithmic recommendation service providers shall immediately stop providing those services.

The providers of algorithmic recommendation services shall provide users with functions for selecting or deleting user labels used in algorithmic recommendation services that target their personal traits.

Where algorithmic recommendation service providers’ use of algorithms causes a major impact on users’ rights and interests, they shall give an explanation and bear corresponding responsibility in accordance with law.

Article 18: Where the providers of algorithmic recommendation services provide services to minors, they shall perform obligations to protect minors online in accordance with law, and facilitate minors obtaining beneficial and healthy information through methods such as having modes appropriate for use by minors and providing services suited to the characteristics of minors.

The providers of algorithmic recommendation services must not push information to minors that might impact minors’ physical and psychological health such as possibly leading them to imitate unsafe behaviors and conduct contrary to social mores or inducing negative habits, and must not use algorithmic recommendation services to induce minors’ addiction to the internet.

Article 19: When the providers of algorithmic recommendation services provide seniors with services, they shall safeguard the rights and interests lawfully enjoyed by the seniors, fully consider the needs of seniors in travel, seeking medical care, spending, and handling affairs; provide smart services suited to seniors in accordance with relevant state provisions; carry out monitoring, recognition, and handling of information involving telecommunication network fraud, and facilitate seniors’ safe use of algorithmic recommendation services.

Article 20: Where the providers of algorithmic recommendation services provide work coordination services for laborers, they shall protect the laborers’ lawful rights and interests such as to receive salary and to rest and vacation, and establish and improve algorithms related to assigning orders, salary composition and payment, work times, rewards and penalties, and so forth.

Article 21: Where the providers of algorithmic recommendation services market goods or provide services to consumers, they shall protect the consumers’ rights to fair transactions and must not use algorithms to carry out unreasonable differentiation in treatment in terms of transaction prices or other transaction conditions or carry out other unlawful conduct, based on consumers preferences, transaction habits, or other traits.

Article 22: The providers of algorithmic recommendation services shall set up convenient and effective portals for user appeals and public complaints or reports, clarifying the process for handling them and time limits for giving feedback, to promptly accept and address them, and give feedback on the outcomes.

Chapter IV: Oversight and Management

Article 23: In conjunction with relevant departments such as for telecommunications, public security, and market regulation, the internet information department is to establish a hierarchical and categorical management system to conduct management by grade and category of algorithmic recommendation service providers based on the algorithmic recommendation services’ public sentiment attributes and capacity to mobilize the public, the content types, the scale of users, the importance of the data handled by the algorithmic recommendation technology, the degree of interference in user conduct, and so forth.

Article 24: Within 10 working days of beginning to provide services, algorithmic recommendation service providers that have public opinion properties or capacity for social mobilization shall provide the service provider’s name, service form, field of application, type of algorithm, algorithm self-assessment report, content to be displayed, and other such information through the internet information services algorithm filing system, and perform filing procedures.

Where algorithmic recommendation service providers’ recorded information changes, they shall complete modification procedures within 10 working days of the change.

Where algorithmic recommendation service providers terminate services, they shall handle procedures to deregister the records within 20 working days of the conclusion and make appropriate arrangements.

Article 25: After the state and provincial, autonomous region, or directly governed municipality internet information departments receive the materials for filing from a filer, where the materials are complete, they shall file them within 30 working days and issue a file index number and display them; where the materials are incomplete, they are not to file them, and shall notify the filer and explain the reasons within 30 working days.

Article 26: Algorithmic recommendation service providers that have completed recording shall indicate their record index number and provide links to displayed information in a conspicuous location in their websites or applications that provide external services.

Article 27: Algorithmic recommendation service providers that have public opinion properties or capacity for social mobilization shall carry out security assessments in accordance with relevant state provisions.

Article 28: In conjunction with relevant departments such as for telecommunications, public security, and market regulation, the internet information departments are to carry out security assessments and oversight inspections efforts on algorithmic recommendation services in accordance with law, promptly submit corrective opinions on issues that are discovered and set a time for corrections.

The providers of algorithmic recommendation services shall retain network logs in accordance with law, cooperate with the internet information, telecommunications, public security, and market supervision departments conducting security assessments and oversight inspections in accordance with law, and provide necessary technical and data support and assistance.

Article 29: Relevant bodies and personnel participating in security assessments and oversight inspections of algorithmic recommendation services shall strictly keep the confidentiality of personal private information, personal information, and commercial secrets that they learn of in performing their duties, and must not leak or unlawfully provide it to others.

Article 30: Where any organization or individual discovers conduct violating these Provisions, they may make a complaint or report it to the internet information departments and relevant departments. Departments receiving complaints or reports shall handle them promptly and in accordance with law.

Chapter V: Legal Responsibility

Article 31: Where laws and administrative regulations have provisions on violations by algorithmic recommendation service providers of articles 7, 8, paragraph 1 of article 9, articles 10, 14, 16, 17, 22, 24, or 26 of these provisions, follow those provisions; where laws and administrative regulations are silent, the internet information departments and relevant departments such as for telecommunications, public security, and market regulation are to give warnings and circulate criticism, and order that corrections be made in a set period of time, on the basis of their duties; where corrections are refused or the circumstances are serious, order a temporary suspension of information updates and give a fine of between 10,000 and 100,000 RMB. Where violations of public security are constituted, a public security administrative sanction is lawfully given; where a crime is constituted, criminal responsibility is to be pursued in accordance with law.

Article 32: Where algorithmic recommendation service providers violate article 6, paragraph 2 of article 9, articles 11, 13, 15, 18, 19, 20, 21, 27,, or paragraph 2 of article 28 of these Provisions, the internet information departments and relevant departments such as for telecommunications, public security, and market regulation are to address it on the basis of their duties and in accordance with relevant laws, administrative regulations, and department rules.

Article 33: Where algorithmic recommendation service providers with public opinion properties or capacity for social mobilization use improper tactics such as concealing relevant circumstances or providing false materials in filing, the state or provincial, autonomous region, or directly governed municipality internet information departments are to revoke the filings and give warnings and circulate criticism; where corrections are refused or the circumstances are serious, they are to order a suspension of information updates and give a concurrent fine of between 10,000 and 100,000 RMB.

Where algorithmic recommendation service providers with public opinion properties or capacity for social mobilization that conclude services fail to promptly handle procedures for deregistering filings in accordance with paragraph 3 of article 24 of these Provisions, or where they receive administrative punishments such as being ordered to close websites or having related operation permits or business licenses canceled, the state or provincial, autonomous region, or directly governed municipality internet information departments are to deregister their filings.

Chapter VI: Supplemental Provisions

Article 34: The State Internet Information Office, in conjunction with the Ministry of Industry and Information, Ministry of Public Security, and State Administration for Market Regulation, is responsible for interpreting these Provisions.

Article 35: These Provisions are to take effect on March 1, 2022.