Specifies safety requirements for generative AI services, focusing on corpus and model safety. Requires providers to conduct safety assessments and adhere to cybersecurity, data security, and personal information protection laws. Emphasizes preventing illegal content and ensuring model-generated content accuracy and reliability.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding technical standard issued by China's Standardization Administration that supports the Interim Measures for the Administration of Generative Artificial Intelligence Services. It contains mandatory requirements ('shall', 'must') with specific enforcement mechanisms including filing procedures, safety assessments, and compliance verification.
The document has good coverage of approximately 12-14 subdomains, with strong focus on misinformation (3.1, 3.2), malicious actors (4.1, 4.2, 4.3), discrimination and toxicity (1.1, 1.2), privacy and security (2.1, 2.2), AI system safety (7.1, 7.2, 7.3, 7.4), and governance (6.5). Coverage is concentrated in content safety, misuse prevention, and technical robustness domains.
The document governs generative AI services across multiple high-risk sectors including healthcare, finance, critical infrastructure, and education. It provides sector-specific safety requirements for medical information services, psychological counseling, financial information services, automatic control, and services for minors. The regulation applies broadly to all generative AI service providers operating in China.
The document comprehensively covers multiple AI lifecycle stages with primary focus on data collection/processing, model building, verification/validation, deployment, and operation/monitoring. It provides detailed requirements for corpus safety, model training, safety assessments, and ongoing monitoring of deployed systems.
The document explicitly covers generative AI services, AI models, and foundation models. It does not explicitly mention frontier AI, general purpose AI, task-specific AI, predictive AI, or compute thresholds. It addresses open-source models through corpus licensing requirements but does not use the term 'open-weight.' The focus is specifically on generative AI systems that produce text, graphics, audio, and video content.
National Technical Committee 260 on Cybersecurity of Standardization Administration of China; Chinese central government
The document is authored by National Technical Committee 260 on Cybersecurity under China's Standardization Administration, a government technical standards body. It explicitly supports the Interim Measures for the Administration of Generative Artificial Intelligence Services issued by the Chinese government.
main oversight department (主管部门); Standardization Administration of China
The document references the 'main oversight department' as the authority that receives filings and oversees compliance. Service providers must file with this department and submit assessment reports for review.
main oversight department (主管部门); third-party assessment agencies; in-house monitoring personnel
Monitoring is conducted at multiple levels: government oversight departments review filings and assessments, third-party agencies can conduct assessments, and providers must employ internal monitoring personnel to track content quality and safety.
Service providers of generative AI services; Organizations or individuals that provide generative AI services
The document explicitly targets 'service providers' defined as organizations or individuals providing generative AI services to the public within China. This includes both developers of foundation models and deployers of AI services.
17 subdomains (9 Good, 8 Minimal)