On 25 June 2016, the Cyberspace Administration of China (CAC) published its new Administrative Provisions on Internet Information Search Services (the “Search Provisions”). Three days later, the Administrative Provisions on Mobile Internet Applications Information Services (the “Mobile Provisions”) were released. Both Provisions will come into effect on 1 August 2016.
The Search Provisions impose several new obligations on Internet information search service providers (“Search Providers”), which are broadly defined as entities that “utilize computer technology to collect and process information on the Internet for retrieval by users”. This includes search engines and social media providers. Search Providers shall: (1) adopt information security management systems to enable the review and real-time inspection of the information by the relevant government agencies, and protection of personal information; (2) not post or allow obscene content and other content prohibited by laws; (3) block the search results prohibited by laws and report them to the CAC; (4) provide search results that are objective, impartial and authoritative; (5) mark paid search results and segregate them from natural search results; and (6) establish comprehensive systems for public complaints and reports.
The release of the Search Provisions was triggered by the death of a young man, who chose a hospital based on an Internet search on a Chinese search engine but received ineffective hospital treatment not yet fully approved.
The Mobile Provisions govern mobile Internet application providers (“Mobile Providers”) where mobile Internet applications refer to “application software obtained through pre-installation or downloads and which is used in mobile smart terminals to provide information services to users.” Mobile Providers need to satisfy six requirements when operating in China: (1) verify new app users’ mobile phone numbers and other identity information; (2) abide by the principles of legality, propriety and necessity when collecting and processing personal data; (3) have sanctions in place for users who publish content that violates applicable laws and regulations, and report the same to the relevant government agencies; (4) not access location, address books, cameras, audio recording or other functions unrelated to the service provided or bundle the application with unrelated applications without users’ express consent; (5) respect and protect intellectual property rights (“IP”); and (6) record user logs and keep them for at least sixty days.
The Mobile Provisions also impose some similar obligations on mobile Internet application stores (“Mobile Stores”). For example, Mobile Stores are required to share management responsibilities by verifying the legitimacy of the Mobile Providers and requiring them to respect users’ privacy and IP rights.
The Mobile Provisions are aimed to curtail the use of mobile apps that incite violence, terrorism, fraud, or pornography, or infringe users’ privacy according to the CAC. The number of mobile Internet users in China stood at 619 million in 2015 and over four million mobile applications are currently available from domestic Mobile Stores with the number increasing rapidly.
While both Provisions impose obligations on providers to sanction content and report violations to government agencies, they do enhance users’ overall online privacy and IP. Specifically, the requirement that express consent must be given before accessing certain functions of a mobile device may prove critical in managing any threats to mobile privacy.