China internet regulator releases draft amendments to mobile app regulations

The Cybersecurity Administration of China (CAC) Wednesday published a draft of amendments to the Administrative Regulations on the Management of Mobile Internet Application Information Services issued in 2016. The draft contains 27 articles and places emphasis on data security, user privacy, and national security.

The rules govern app providers and distribution platforms, requiring them to abide by China’s Constitution, laws, and administrative regulations. These groups must now protect “public order,” enrich the spiritual and cultural life of their users, promote socialist core values, and adhere to the “correct political direction.” Apps cannot be used to engage in illegal activities, including anything that is deemed as “endangering national security, disrupting social order, or infringing on the legitimate rights and interests of others.”

Users registering for information release, instant messaging, or other services with apps must authenticate their identity through mobile phone numbers, identity card numbers, or unified social credit codes. App providers will also be prevented from providing services to users who provide false information or use the identity of other organizations or individuals for registration.

The rules control information dissemination by requiring app providers offering news services to obtain a license and prohibiting them from carrying news beyond the scope of the license. App providers are also prohibited from using false information, bundled downloads, or illegal information to induce users into downloading the app. In order to process data, they must fulfill data security requirements under Article 12. This also includes a provision against endangering national security, public interests, and the legal rights of individuals and organizations.

Compliance for app distributing platforms includes reviewing the application’s name, service, user behavior, collection of personal information, and the identity of the registered subject. Apps also can no longer use the Communist Party’s or country’s image mark. Where distributing platforms discover that an app contains hidden data security risks, violates personal information collection laws, or carries illegal information, they must de-platform the app.

Public feedback is sought till 20 January 2022. The new mobile app rules are the latest in the regulatory patchwork developed by the Chinese authorities to rein in the country’s technology sector. Since last year, the authorities have introduced new laws for personal data privacy, cybersecurity, facial recognition technology, and algorithm recommendation services.