China’s amended Cybersecurity Law, effective January 1, 2026, explicitly references AI and adds requirements for AI security reviews and data localisation. Separate AI Labeling Rules require service providers to add explicit and implicit labels to AI-generated content across platforms. The National Data Administration expects to issue 30 or more new standards in 2026 covering AI agents, high-quality datasets, and public data infrastructure. China’s governance approach is state-directed, balancing innovation incentives with security, content control, and intellectual property protection.
Who it affects: AI service providers operating in or serving users in China. International companies face data localisation requirements. The labeling rules affect any platform publishing AI-generated content to Chinese users.
What is notably missing: No requirement for AI ethics education or workforce training in the public interest. Governance is oriented toward state security, content labeling, and data control rather than equipping citizens or workers to critically evaluate AI systems or participate in decisions about their governance.