On December 31, 2021, the Cyberspace Administration of China, the Ministry of Industry and Information Technology, the Ministry of Public Security, and the State Administration of Market Supervision and Administration jointly promulgated the Provisions on the Administration of Algorithm Recommendation for Internet Information Services (hereinafter, the “Provisions”), which shall go into effect on March 1, 2022. The Provisions are highlighted below:
I. General provisions
The Provisions apply to the application of algorithm recommendation technology in the People’s Republic of China to provide Internet information services (hereinafter, the “Algorithmic Recommendation Services”). The Cyberspace Administration of China is responsible for coordinating the governance and related supervision and administration of the Algorithm Recommendation Services nationwide. Local authorities for telecommunications, public security, market supervision, etc. will be responsible for the supervision and administration of the Algorithm Recommendation Services within their administrative regions to fulfill their respective responsibility. The provision of the Algorithm Recommendation Services shall comply with laws and regulations, respect social morality, conform to follow business ethics and professional ethics, follow the principles of justice and fairness, openness and transparency, science and reason, and sincerity and trustworthiness.
II. Regulation of information services
Providers of the Algorithm Recommendation Services shall adhere to the mainstream value orientation, optimize the algorithm recommendation service mechanism, actively spread positive energy, promote the application of algorithms for good cause, shall not use the Algorithm Recommendation Services to engage in illegal, infringing, and other acts, and shall implement relevant management systems and technical measures, formulate and disclose the rules related to the Algorithm Recommendation Services, and equip themselves with professional staff and technical support appropriate to the scale of the Algorithm Recommendation Services.
The Provisions contain several mandatory requirements for the providers of the Algorithm Recommendation Services as follows: they shall not set up any algorithm model to induce users to indulge themselves, excessively consume, or otherwise violate laws and regulations or ethics; shall establish and improve the feature databases used to identify illegal and undesirable information; shall not use an algorithm to falsely register accounts or illegal trading accounts, or manipulate user accounts or false likes, comments, retweets; and shall not use an algorithm to interfere with the presentation of information or conduct any act that affects online public opinion or evades supervision or administration, such as information blocking, excessive recommendations, manipulation of rankings or search results sorting, control of hot search or selection, etc.
III. Protection of user rights and interests
Providers of the Algorithm Recommendation Service shall inform the users in a conspicuous way of the status of its Algorithm Recommendation Services, provide the users with options that do not target their personal characteristics, or provide the users with a convenient option to turn off the Algorithm Recommendation Services.
Providers of the Algorithm Recommendation Services that provide services to minors shall fulfill the network protection obligations for minors in accordance with law; Providers of Algorithm Recommendation Services that provide services to the elderly shall protect the rights enjoyed by the elderly under the law by providing smart services suitable to the elderly. Providers of the Algorithm Recommendation Services that provide work scheduling services to workers shall protect the legitimate rights and interests of workers to obtain labor compensation, rest, leave, etc., and that sell products or provide services shall protect the fair trade right of the consumers.
IV. Supervision and administration
Cybersecurity agencies shall set up an algorithm classification security management system in conjunction with telecommunications, public security, market supervision, and other relevant agencies, and implement security assessment, supervision, and inspection of the Algorithm Recommendation Services in accordance with law. Providers of the Algorithm Recommendation Services with public opinion attributes or social mobilization capabilities shall, within 10 working days after the services are provided, handle the recordation formalities through the Internet information service algorithm recordation system, and conduct the security assessment pursuant to relevant state requirements. The personal privacy, personal information, and trade secrets learned by agencies and personnel that participate in the security assessment of the Algorithm Recommendation Services and the supervision and inspection of the relevant agencies and personnel in the performance of their duties shall be kept confidential in accordance with law, and shall not be divulged or illegally provided to others.
V. Legal liability
For providers of the Algorithm Recommendation Services that violate the Provisions, the cybersecurity agencies and telecommunications, public security, market supervision, and other relevant agencies shall, based on their authority, issue warnings, circulate a notice of criticism, order rectification within a specified period, order the suspension of information updates, revoke the recordation, or impose a fine of RMB 10,000 to RMB 100,000.