Chapter I: General Provisions
Article 1: In order to regulate mobile internet application (hereinafter "application") information services, to protect the lawful rights and interests of citizens, legal persons, and other organizations, and to preserve national security and the public interest, on the basis of the "Cybersecurity Law of the People's Republic of China", "Data Security Law of the People's Republic of China", "Personal Information Protection Law of the People's Republic of China", "Law of the People's Republic of China on the Protection of Minors", "Measures on the Administration of Internet Information Services", "Provisions on the Management of Internet News Information Services", " Provisions on the Governance of the Online Information Content Ecosystem" and other laws, administrative regulations, and relevant state provisions, these Provisions are drafted.
Article 2: These Provisions shall be complied with in the provision of application information services within the mainland territory of the People's Republic of China, as well as engaging in application distribution services such as internet app stores.
"Application information services" as used in these Provisions refers to activities that provide users with services such as the production, reproduction, publication, and dissemination of text, pictures, voice, and video information through applications, including instant messaging, news information, knowledge quizzes, forum communities, webcasts, e-commerce, online audio and video, and life services.
"Application distribution services" as used in these Provisions refers to activities that provide services such as the publishing, downloading, and dynamic loading of applications over the internet, including types such as app stores, quick application centers, internet mini program platforms, and browser plug-in platforms.
Article 3: The State Internet Information Department is responsible for efforts to oversee and manage the nation's application information content. On the basis of their duties, local internet information departments are responsible for oversight and management of application information content within that administrative region.
Article 4: Application providers and application distribution platforms shall comply with the Constitution, laws, and administrative regulations, carry forward the Core Socialist Values, adhere to the correct political orientation, public opinion orientation, and value orientation, follow public order and good customs, perform social responsibilities, and preserve a clean cyberspace.
Application providers and application distribution platforms must not use applications to engage in activities prohibited by laws and regulations, such as endangering national security, disrupting social order, or infringing upon the lawful rights and interests of others.
Article 5: Application providers and application distribution platforms shall perform entity responsibility for information content management, actively cooperate with the state in implementing the online trusted identity strategy, establish and complete management systems such as for information content security management, governance of the information content ecosystem, data security and personal information protection, and protection of minors, to ensure network security and maintain a positive online ecology.
Chapter II: Application Providers
Article 6: Where application providers provide users with services such as information publication and instant messaging, they shall conduct verification of the real identity information of users applying for registration based on methods such as mobile phone numbers, identification numbers, or uniform social credit codes. Where users do not provide real identity information, or fraudulently use the identity information of organizations or others to make false registrations, they must not be provided with relevant services.
Article 7: Where application providers provide Internet news information services through applications, they shall obtain Internet news information service permits, and it is prohibited to carry out Internet news information service activities without permission or beyond the scope of the permit.
Where application providers providing other internet information services are required to obtain the review and consent of the relevant regulatory departments or obtain relevant permits in accordance with law, the services may only be provided after the relevant regulatory departments have reviewed and approved or obtained the relevant permits.
Article 8: Application providers shall be responsible for the results of the presentation of information content, must not produce or disseminate illegal information, and conscientiously prevent and resist negative information.
Application providers shall establish and complete mechanisms for the review and management of information content, establish and improve management measures such as for user registration, account management, information review, routine inspections, and emergency response, and allocate professional personnel and technical capacity appropriate to the scale of services.
Article 9: Application providers must not use conduct such as false publicity, bundled downloads, or methods such as machine or manual brushing, volume brushing, or control of evaluations, or the use of illegal or negative information to induce users to download.
Article 10: Applications shall comply with the mandatory requirements of relevant national standards. When application providers discover that applications have security flaws, vulnerabilities, or other risks, they shall immediately employ remedial measures, promptly inform users in accordance with provisions, and report to the relevant regulatory departments.
Article 11: Application providers carrying out application data handling activities shall perform data security protection obligations, establish and complete data security management systems for the entire process, employ technical and other security measures to ensure data security, strengthen risk monitoring, and must not endanger national security or the public interest, and must not harm the lawful rights and interests of others.
Article 12: Application providers handling personal information shall follow the principles of legality, legitimacy, necessity, and good faith, have a clear and reasonable purpose, and disclose the rules for handling, comply with relevant provisions on the scope of necessary personal information, regulate personal information handling activities, and employ necessary measures to ensure the security of personal information, and must not compel users' consent to the handling of personal information for any reason, and must not refuse users to use their basic functions and services because users do not agree to provide unnecessary personal information.
Article 13: Application providers shall adhere to the principle of the best interests of minors, pay attention to the healthy growth of minors, perform all obligations to protect minors online, strictly implement requirements for the registration and login of minors' users' accounts in accordance with law, must not provide minors with products and services that induce them to indulge in any form, and must not produce, reproduce, publish, or transmit information containing content that endangers minors' physical and psychological health.
Article 14: Where application providers launch new technologies, new applications, or new functions that have public opinion attributes or capacity for social mobilization, they shall conduct security assessments in accordance with relevant state provisions.
Article 15: Application providers are encouraged to actively use Internet Protocol version 6 (IPv6) to provide information services to users.
Article 16: Application providers shall draft and disclose management rules on the basis of laws, regulations, and relevant state provisions, sign service agreements with registered users, and clarify the relevant rights and obligations of both parties.
For registered users who violate these Provisions, relevant laws, regulations, and service agreements, application providers shall employ measures such as warnings, restricting functions, and closing accounts in accordance with laws and agreements, and shall keep records and report to the relevant regulatory departments.
Chapter III: Application Distribution Platforms
Article 17: Application distribution platforms shall file with the internet information department of the province, autonomous region, or directly governed municipality for the area within 30 days of going live and operation. The following materials shall be submitted when filing for the record:
(1) The basic circumstances of the platform operating entity;
(2) Information such as the platform's name, domain name, access services, service qualifications, and types of applications on the shelves;
(3) Materials such as for-profit internet information service licenses or non-for-profit internet information service filings obtained by the platform;
(D) Article 5 of these provisions requires the establishment of a sound relevant system documents;
(5) Platform management rules, service agreements, and so forth.
After the provincial, autonomous region, or directly governed municipality internet information departments receive the filing materials, they shall file them where the materials are complete.
The state internet information department is to promptly publish a list of application distribution platforms that have already completed filing formalities.
Article 18: Application distribution platforms shall establish categorical management systems, carry out categorical management of applications that are put on the shelves, and file applications with the internet information departments of the provinces, autonomous regions, or directly governed municipalities where they are located by category.
Article 19: Application distribution platforms shall employ measures such as composite verification to conduct verification of the real identity information of application providers applying for listing based on a combination of methods such as mobile phone numbers, ID numbers, or uniform social credit codes. Based on the nature of the application provider's different entities, display information such as the provider's name and uniform social credit code, to facilitate societal oversight and inquiries.
Article 20: Application distribution platforms shall establish and complete management mechanisms and technical means, and establish and improve management measures such as for listing reviews, routine management, and emergency response.
Application distribution platforms shall conduct a review of applications that apply to be put on the shelves or updated, and must not provide services to applications where they are found to have illegal or negative information in their names, icons, or profiles, that do not match the real identity information of the registered entity, or that there are violations of laws or regulations in the type of business.
Where the information services provided by applications are within the scope provided for in article 7 of these Provisions, the application distribution platform shall conduct a verification of the relevant permits and other such circumstances, and where it is within the scope of article 14 of these Provisions, the application distribution platform shall conduct a verification of the security assessment.
Application distribution platforms shall strengthen routine management of applications on the shelves, and must not provide services to those that contain illegal or negative information, falsify data such as the number of downloads and evaluation indicators, have potential data security risks, collect and use personal information in violation of laws and regulations, harm the lawful rights and interests of others, and so forth.
Article 21: Application distribution platforms shall draft and disclose management rules on the basis of laws, regulations, and relevant state provisions, and sign service agreements with application providers, clarifying the rights and obligations of both parties.
For applications that violate these Provisions, relevant laws, regulations, and service agreements, the application distribution platform shall employ measures such as warnings, suspension of services, and removal from the shelves in accordance with laws and agreements, and shall keep records and report to the relevant regulatory departments.
Chapter IV: Supervision and Management
Article 22: Application providers and application distribution platforms shall conscientiously accept societal oversight, set up conspicuous and convenient portals for complaints and reports, publish methods for complaints and reports, complete mechanisms such as for acceptance, handling, and feedback, and promptly handle public complaints and reports.
Article 23: Internet industry organizations are encouraged to establish and complete industry self-discipline mechanisms, draft and improve industry norms and self-discipline conventions, guide member units to establish and complete service specifications, provide information services in accordance with laws and regulations, preserve market fairness, and promote the healthy development of the industry.
Article 24: Internet information departments, in conjunction with relevant regulatory departments, are to establish and complete working mechanisms, overseeing and guiding application providers and application distribution platforms in engaging in information service activities in accordance with laws and regulations.
Application providers and application distribution platforms shall cooperate with oversight and inspections carried out by internet information departments and relevant regulatory departments in accordance with law, and provide necessary support and assistance.
Article 25: Where application providers and application distribution platforms violate these Provisions, the internet information departments and relevant regulatory departments are to handle it in accordance with relevant laws and regulations within the scope of their duties.
Chapter V: Supplementary Provisions
Article 26: "Mobile Internet applications" as used in these Provisions refers to application software that runs on mobile smart terminals to provide information services to users.
"Mobile internet application providers" as used in these Provisions refers to mobile internet application owners or operators that provide information services.
"Mobile Internet Application Distribution Platforms" as used in these Provisions refers to Internet information service providers that provide distribution services such as publishing, downloading, and dynamically loading mobile Internet applications.
Article 27: These Provisions take effect on August 1, 2022. The "Provisions on the Management of Mobile Internet Application Information Services" promulgated on June 28, 2016 shall be repealed at the same time.
Source: China Network Information Network, Yangtze River Cloud
!["4.15" National Security Laws and Regulations Prize Answering Competition[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)