By Charmaine Tan
Globally, countries have begun moving towards a broader, singular legal framework that governs every aspect of AI; meanwhile, China has quietly done the opposite. While the 2025 legislative schedule was originally intended for AI policy consolidation, it was scrapped – its law now comprises a web of targeted rules. This allows for more flexibility, security, and greater industrial adoption. However, it also leaves legal gaps and contradictory rules.
China’s Intentional Push for a Decentralised AI Policy
The EU AI Act and Vietnam’s AI law are prime examples of the recent shift towards a singular, comprehensive AI policy framework. Many other countries are making this shift as well, with Brazil and Canada pending an overarching AI policy. However, China is bucking the trend with an intentional reversal to a decentralised set of AI policies.
Some of China’s AI regulations are as follows:
1. Compulsory AI labelling: AI-generated outputs must be tagged as such - both explicitly and via watermarks.
2. Amended Cybersecurity Law: Implemented in 2026, this law leverages specific provisions as well as a higher and tiered penalty system. It aims to streamline technological development without sacrificing security and ethics.
3. Bans on AI user anonymity: Anyone who uses Generative AI services in China is required to register with their real name to ensure accountability for the content generated.
4. “AI Plus” (AI+) initiative: China aims to increase AI adoption in various industries – particularly the use of AI agents in manufacturing – by 2027.
5. Higher technical standards enforced: Under the TC260 National Technical Standards, China has provided detailed compliance manuals that technology companies can reference to navigate the confusing array of AI laws.
6. Censored AI datasets: Public-facing AI models must pass a state security assessment before being released. These companies now have to spend on manual data scrubbing to align with China’s political ideologies.
The Benefits and Drawbacks
These laws are aimed at regulating AI risks. Although China’s decision may reduce the scope and strength of AI regulation, scrapping a comprehensive AI law allows for immediate control. It brings speed to the table; an overarching AI law would have possibly taken years to finalise, whereas multiple overlapping AI rules reduce this wait time. However, there are still shortcomings.
For one, the legal burden will be largely shouldered by technology companies and developers, who will be responsible for safety and compliance. This extends beyond China’s borders, as foreign AI companies that provide services to mainland China are also liable, as well as subject to penalties or restricted by the Great Firewall.
Corporate compliance is also made more difficult. Organisations are required to continuously monitor and comply with various protocols when there is no single, unified law to guide them. For example, hardware and infrastructure are handled by the Ministry of Industry and Information Technology, while ethical safety reviews are managed by the Ministry of Science and Technology.
Between compulsory assessments, data scrubbing, and regulatory adherence, smaller start-ups may struggle with juggling various ministries’ laws and the increased costs of compliance. China’s decision to police the nation’s AI usage through siloed targeted regulations instead of an overarching policy runs severe risks that critical gaps will be created between ministries.
The future of AI policy amidst China’s shift in focus
China’s move towards this ‘fragmented’ approach is a stark contrast to other countries doing the opposite. While it may help the country govern and adapt to rapidly advancing technology more quickly and effectively, it may create significant hurdles for organisations.
This model functions as a form of regulatory experimentation, and it remains to be seen if China will revert to its previous comprehensive AI law. The question awaiting to be answered is: Will this approach serve as a lesson for other nations, or will it give China the edge in the race towards AI governance?
China’s AI and data protection regulatory landscape is complex. If you are managing data privacy and compliance within the Chinese regulatory landscape, explore our IAPP CIPP/CN course to gain specialised expertise needed to lead data privacy efforts in one of the world's strictest regulatory environments.
Sources: The National People's Congress of the People's Republic of China, European Chinese Law Research Hub, GDPR Local, Nemko Digital, South China Morning Post, Mayer Brown, China Law Translate, Ministry of Foreign Affairs (People's Republic of China), Asiallians, IAPP, Carnegie Endowment for International Peace, Linklaters, ChinaTalk
