Last reviewed: April 9, 2026
Jurisdictions covered: China
Reading time: 13 minutes
This is a living tracker. We update it when new rules are issued.
Language note: Regulation names verified against original Chinese text on cac.gov.cn. English translations cross-referenced with DigiChina (Stanford) and China Law Translate.
CAC AI Rules Tracker: Every Regulation from 2017 to 2026
The Cyberspace Administration of China has issued or co-issued seven binding AI regulations since 2022. That is more than any other single regulator in the world.
The CAC does not wait for omnibus legislation. It issues targeted rules one at a time — algorithmic recommendations in March 2022, deepfakes in January 2023, generative AI in August 2023, content labeling in September 2025, facial recognition in June 2025 — each addressing a specific technology with specific obligations. By the time the EU finalized its AI Act in 2024, China already had three AI-specific rules in force and was enforcing them.
This tracker consolidates every CAC AI regulation in chronological order. For the full picture of Chinese AI regulation across all agencies, see our China AI Regulation 2026 guide.
Key Takeaways
- The CAC has issued 7 AI-specific rules since 2022, plus 3 more in draft as of April 2026. It co-issues rules with other agencies (MIIT, MPS, SAMR) but leads the drafting process for consumer-facing AI.
- 796 generative AI services have filed with the CAC as of February 2026, plus 6,000+ algorithm registrations across all categories. Filing is a pre-launch gate — no filing means no legal launch.
- Enforcement is campaign-based, not case-by-case. The February 2026 labeling crackdown penalized 13,421 accounts in a single sweep.
Master Tracker: Every CAC AI Rule (2017-2026)
In Force
| # | Rule (English) | Rule (Chinese) | Co-Issued With | Effective | Articles | Key Obligation | Status |
|---|---|---|---|---|---|---|---|
| 1 | Cybersecurity Law | 网络安全法 | NPC | Jun 1, 2017 (amended Jan 1, 2026) | 79 (original) | Network security; data localization; AI development safety clause (2026 amendment) | IN FORCE |
| 2 | Algorithmic Recommendation Provisions | 互联网信息服务算法推荐管理规定 | MIIT, MPS, SAMR | Mar 1, 2022 | 35 | Algorithm filing; user opt-out; price discrimination ban; minors protection | IN FORCE |
| 3 | Deep Synthesis Provisions | 互联网信息服务深度合成管理规定 | MIIT | Jan 10, 2023 | 25 | Mandatory labeling/watermarking; biometric consent; real-name verification; filing | IN FORCE |
| 4 | Generative AI Measures (Interim) | 生成式人工智能服务管理暂行办法 | NDRC, MOE, MOST, MIIT, MPS, NRTA | Aug 15, 2023 | 24 | CAC security assessment + filing before launch; training data compliance; content restrictions; API providers included | IN FORCE |
| 5 | AI Content Labeling Measures | 人工智能生成合成内容标识办法 | MIIT, MPS, SAMR | Sep 1, 2025 | 14 | Explicit + implicit labeling; metadata standards; platform verification duty | IN FORCE |
| 6 | Facial Recognition Measures | 人脸识别技术应用安全管理办法 | MPS | Jun 1, 2025 | 20 | Separate consent; on-device storage; alternatives required; registration at 100K persons; banned in private spaces | IN FORCE |
| 7 | AI Ethics Review Measures | 人工智能科技伦理审查与服务办法(试行) | MIIT + 8 agencies | Apr 2, 2026 | TBD | Mandatory ethics review: 6 areas (welfare, fairness, controllability, transparency, accountability, privacy) | IN FORCE |
Companion Standards (Mandatory)
| Standard | Title | Effective | Significance |
|---|---|---|---|
| GB 45438-2025 | Labeling Method for AI-Generated Content | Sep 1, 2025 | Mandatory (GB, not GB/T). Specifies watermark dimensions, audio marking (Morse “AI”), JSON metadata format |
| GB/T 45392-2025 | Security Requirements for Automated Decision-Making | Mar 28, 2025 | Implements PIPL Art. 24 at technical level. First Chinese standard on automated decision-making security |
| GB/T 45652-2025 | Security Specification for GenAI Training Data | Mar 28, 2025 | Companion to GenAI safety standard. Training data security requirements |
| TC260-003 | Basic Safety Requirements for Generative AI Services | Feb 29, 2024 (upgraded to national standard Nov 1, 2025) | Technical safety assessment baseline |
In Draft (Comment Period)
| Rule | Status | Expected | Key Provision |
|---|---|---|---|
| Interactive AI Services Measures (AI companions, chatbots) | Comment period open (late March 2026) | H2 2026 | 2-hour daily limits for minors; mandatory human takeover for self-harm; security assessment at 1M users or 100K MAU |
| Digital Virtual Person Measures (digital humans, avatars) | Comment period closes May 6, 2026 | H2 2026 | Mandatory labeling; consent for likeness/voice; ban on virtual intimate relationships with minors |
| SAMR Anti-Unfair Competition (AI-specific provisions) | Extraterritorial enforcement notice (March 30, 2026) | 2026 | Trade secrets expanded to cover algorithms, code, data |
Enforcement: Campaigns, Not Cases
The CAC does not enforce AI rules through individual administrative proceedings the way European regulators do. It uses campaigns — coordinated enforcement sweeps targeting a specific violation type across thousands of companies simultaneously.
Recent campaigns:
| Campaign | Period | Targets | Results |
|---|---|---|---|
| Clear and Bright: AI Technology Abuse | Apr-Jul 2025 | Deepfake misuse, AI spam, misinformation | Platforms required to implement controls |
| AI Content Labeling Enforcement | Feb 12, 2026 | Unlabeled AI-generated content | 13,421 accounts penalized; 543,000+ content pieces removed |
| Qinglang 2026 Spring Festival | Jan-Mar 2026 | AI-generated “digital slop” | 39,000+ accounts; 708,000+ content pieces removed |
The campaign model means enforcement arrives in waves. Between campaigns, compliance pressure is lower. But when a campaign targets your category, the scale is overwhelming — thousands of companies affected in weeks.
For the complete enforcement database including SAMR antitrust cases and PIPL data fines, see our China AI Enforcement tracker.
Other Chinese AI Regulators
The CAC leads consumer-facing AI regulation, but it is not the only player. Here is a quick map of who handles what beyond the CAC’s scope.
| Regulator | AI Domain | Key Rule/Action |
|---|---|---|
| MIIT | Industrial AI; AI ethics review (lead for 10-agency framework) | AI Ethics Review Measures (April 2026) |
| SAMR | Algorithmic pricing; AI antitrust; unfair competition | Anti-Monopoly Guidelines finalized Feb 2026; 5 AI enforcement cases |
| MOST | AI R&D policy; national strategy; ethics governance | AI Ethics Norms (2021); AI Plus Initiative (2025) |
| MPS | Facial recognition; AI in law enforcement | Co-issued Facial Recognition Measures with CAC |
| NMPA | Medical AI device approval | Pre-market classification and registration |
| PBOC | Fintech AI; credit scoring | Ant Group rectification (RMB 7.1B fine) |
| TC260 | Technical standards (labeling, security, training data) | GB 45438-2025; 48 new standards planned for 2026 |
For the full regulatory architecture, see our China AI Regulation 2026 guide.
Disclaimer: This content is for informational purposes only and does not constitute legal advice. Chinese AI regulation changes frequently and operates in Mandarin. Organizations should engage qualified legal counsel with China-specific expertise. Reg Intel is not a law firm and does not provide legal services.
Last verified: April 9, 2026
Compare: EU vs China
For the global keystone comparison across twelve dimensions — algorithm filing vs conformity assessment, content moderation conflicts, asymmetric extraterritoriality, enforcement philosophy, and a five-step dual-market compliance baseline — see EU vs China AI Regulation: Two Systems, Two Philosophies (2026).