Yanting Pei and Teresa Huang
The Cyberspace Administration of China issued the newly revised Provisions on the Administration of Information Services of Mobile Internet Apps (hereinafter referred to as the “Provisions”) on June 14, 2022, which comes into effect on August 1, 2022. The Provisions have a total of twenty-seven articles, and revised almost the full text of the Provisions issued in 2016, mainly covering the subject responsibility of information content management, real identity information authentication, classified management, industry self-regulation, public monitoring and administrative management. For practitioners, it is recommended to focus on the following content:
I. Redefined the information services of Apps and Apps distribution services
Information services of Apps:
means the activities of providing users with production, copying, publishing, spreading and other services of text, picture, voice, video and other information through Apps, including instant messaging, news, knowledge Q&A, forums, online live broadcast, e-commerce, online audio and video, life services and other types.
Apps distribution services:
means the activities of providing services such as release, downloading, and dynamic loading of Apps through the Internet, including Apps stores, quick Apps centers, Internet applet platforms, browser plug-in platforms, and other types.
II. Main compliance obligations of Apps providers
1. To verify user identity information
According to the Provisions, an App provider providing users with services such as information release and instant messaging shall authenticate the real identity information on users applying for registration. Relevant services shall not be provided for users that do not provide real identity information or that falsely use organizations and others’ identity information for false registration.
2. To obtain the administrative license approval for relevant information services
An App provider providing Internet news information services through an App shall obtain a permit for Internet news information services; and if an App provider providing other Internet information services is subject to the review and approval of the relevant competent departments or is required to obtain the relevant license according to law, such services may be provided only after being approved by the relevant competent departments or having obtained the relevant license.
3. To examine the information content presented
The Provisions stipulate that Apps information service providers shall be responsible for the results of information content presented, shall not produce and disseminate illegal information, shall consciously prevent and resist bad information, and shall establish the appropriate information content examination management mechanism.
4. To fulfill the obligations of cyber security, data security and personal information protection
Most importantly, the new Provisions have added the obligations of Apps providers to maintain cyber security and data security and to protect personal information security. Practitioners should pay attention to the relevant provisions, and fulfill the corresponding responsibilities.
III. Main compliance obligations of Apps distribution platforms
1. To promptly file with local cyberspace administrations after going live for operation
According to the Provisions, Apps distribution platforms shall file with the cyberspace administrations of the provinces, autonomous regions, and municipalities directly at the places where they are located within 30 days after going live for operation.
2. To authenticate the real identity information of Apps providers applying for hitting the shelves
The Provisions provide that Apps distribution platforms shall take measures such as composite authentication to authenticate the real identity information of Apps providers applying for distribution through such APP platform by combining a variety of ways. Apps distribution platforms shall, based on the different subject nature of Apps providers, disclose the name, unified social credit code and other information of the Apps providers to facilitate public monitoring and query.
3. To establish and improve the management system
The Provisions also point out that Apps distribution platforms shall establish and improve the management mechanism and technical means to set up and perfect the management measures such as examination of application for distribution in the platform, daily management and emergency disposal etc.
On top of that, the Provisions also require Apps providers and Apps distribution platforms to enter into relevant service agreements with users and to set up the corresponding complaint reporting portals.
In general, the Provisions mainly require that Apps providers and Apps distribution platforms shall perform the subject responsibility of information content management, actively cooperate with the State in implementing the strategy of credible identity in cyberspace, and establish and improve the security management and ecological governance of information content, protection of data security and personal information, protection of minors and other management systems to ensure cyber security and maintain a sound network ecology. Apps providers and Apps distribution platforms should pay attention to checking whether they meet the corresponding requirements in accordance with the Provisions, and update the corresponding internal management systems and product content in a timely manner to avoid non-compliance, which may bring negative impact to the enterprises.