The Regulations on the Management of Information Services for Mobile Applications

Release Date: 2022-06-14

Effective Date: 2022-08-01

Source: https://www.gov.cn/xinwen/2022-06/14/content_5695690.htm

Original Title: 移动互联网应用程序信息服务管理规定

The Regulations on the Management of Information Services for Mobile Applications

Chapter 1 General Principles

Article 1 In order to regulate the information services of mobile internet applications (hereinafter referred to as "applications"), protect the legitimate rights and interests of citizens, legal persons, and other organizations, and maintain national security and public interest, these regulations are formulated in accordance with the "Cybersecurity Law of the People's Republic of China," the "Data Security Law of the People's Republic of China," the "Personal Information Protection Law of the People's Republic of China," the "Minor Protection Law of the People's Republic of China," the "Regulations on the Administration of Internet Information Services," the "Regulations on the Administration of Internet News Information Services," the "Regulations on the Ecological Governance of Network Information Content," and other relevant laws, administrative regulations, and national provisions.

Article 2 Any provision of application information services within the territory of the People's Republic of China, as well as the distribution services of applications through internet application stores, shall comply with these regulations.

The application information services referred to in these regulations are activities that provide users with services for the creation, reproduction, publication, dissemination, and other activities of information such as text, images, voice, and video through applications. This includes instant messaging, news information, knowledge Q&A, forum communities, live streaming, e-commerce, online audio and video, and life services.

The application distribution services referred to in these regulations are activities that provide services for the release, download, dynamic loading, and other aspects of applications via the internet, including application stores, quick application centers, internet mini-program platforms, browser plug-in platforms, and others.

Article 3 The national internet information department is responsible for the supervision and management of application information content nationwide. Local internet information departments shall supervise and manage application information content within their respective administrative regions according to their responsibilities.

Article 4 Application providers and application distribution platforms shall comply with the Constitution, laws, and administrative regulations, promote the core socialist values, adhere to the correct political direction, public opinion orientation, and value orientation, follow public order and good customs, fulfill social responsibilities, and maintain a clear online space.

Application providers and application distribution platforms shall not use applications to engage in activities that harm national security, disrupt social order, or infringe upon the legitimate rights and interests of others as prohibited by laws and regulations.

Article 5 Application providers and application distribution platforms shall fulfill their principal responsibility for information content management, actively cooperate with the state in implementing the trusted identity strategy for the internet, establish and improve systems for information content security management, ecological governance of information content, data security, personal information protection, and minor protection, ensure network security, and maintain a good online ecology.

Chapter 2 Application Providers

Article 6 Application providers offering information publishing, instant messaging, and other services shall conduct real identity verification of registered users based on mobile phone numbers, ID card numbers, or unified social credit codes. Users who do not provide real identity information or who falsely register using the identity information of organizations or others shall not be provided with relevant services.

Article 7 Application providers offering internet news information services through applications must obtain a permit for internet news information services and are prohibited from engaging in internet news information service activities without a permit or beyond the scope of the permit.

For other internet information services provided by application providers, those that require approval or relevant permits from the competent authorities must obtain such approval or permits before providing services.

Article 8 Application providers shall be responsible for the presentation of information content and shall not produce or disseminate illegal information, actively preventing and resisting harmful information.

Application providers shall establish and improve mechanisms for information content review management, and implement comprehensive management measures for user registration, account management, information review, daily inspections, and emergency responses, equipping themselves with professional personnel and technical capabilities commensurate with the scale of their services.

Article 9 Application providers shall not engage in false advertising, bundled downloads, or manipulate rankings and metrics through machines or manual means, nor induce users to download by utilizing illegal and harmful information.

Article 10 Applications shall comply with the mandatory requirements of relevant national standards. When application providers discover security flaws, vulnerabilities, or other risks in their applications, they shall take immediate remedial measures and promptly inform users and report to the relevant competent authorities as required.

Article 11 Application providers conducting data processing activities shall fulfill their obligations for data security protection, establish and improve data security management systems throughout the entire process, adopt technical measures and other security measures to ensure data security, enhance risk monitoring, and shall not harm national security, public interest, or the legitimate rights and interests of others.

Article 12 When processing personal information, application providers shall adhere to the principles of legality, legitimacy, necessity, and good faith, have clear and reasonable purposes, and publicly disclose processing rules. They shall comply with relevant regulations regarding the necessary scope of personal information, standardize personal information processing activities, adopt necessary measures to ensure personal information security, and shall not coerce users into consenting to personal information processing for any reason. They shall not refuse users access to basic functional services due to their refusal to provide non-essential personal information.

Article 13 Application providers shall adhere to the principle that is most beneficial to minors, focus on the healthy growth of minors, fulfill all obligations for the online protection of minors, strictly implement the requirements for the registration and login of real identity information for minor users, and shall not provide any products or services that induce minors to become addicted in any form. They shall not produce, reproduce, publish, or disseminate information that contains content harmful to the physical and mental health of minors.

Article 14 When application providers launch new technologies, applications, or functions with public opinion attributes or social mobilization capabilities, they shall conduct safety assessments in accordance with national regulations.

Article 15 Application providers are encouraged to actively adopt Internet Protocol version 6 (IPv6) to provide information services to users.

Article 16 Application providers shall formulate and publicly disclose management rules in accordance with laws and regulations and relevant national provisions, and sign service agreements with registered users to clarify the relevant rights and obligations of both parties.

For registered users who violate these regulations and relevant laws, regulations, and service agreements, application providers shall take measures such as warnings, restricting functions, or closing accounts in accordance with the law and the agreements, maintain records, and report to the relevant competent authorities.

Chapter 3 Application Distribution Platforms

Article 17 Application distribution platforms shall file with the internet information department of the province, autonomous region, or municipality directly under the central government within thirty days of commencing operations. When filing, the following materials shall be submitted:

1. Basic information about the platform operator;
2. Information about the platform name, domain name, access services, service qualifications, categories of listed applications, etc.;
3. Materials related to the operating internet information service permit or non-operating internet information service filing obtained by the platform;
4. Relevant documents establishing and improving the systems required in Article 5 of these regulations;
5. Platform management rules, service agreements, etc.

The internet information department of the province, autonomous region, or municipality shall file the application if the materials are complete.

The national internet information department shall promptly publish a list of application distribution platforms that have completed filing procedures.

Article 18 Application distribution platforms shall establish a classified management system and implement classified management of the applications listed on their platforms, filing applications with the internet information department of the province, autonomous region, or municipality according to their categories.

Article 19 Application distribution platforms shall adopt composite verification measures to conduct real identity verification of application providers applying for listing based on mobile phone numbers, ID card numbers, or unified social credit codes. According to the different nature of the application providers, they shall publicly disclose the provider's name, unified social credit code, and other information to facilitate social supervision and inquiry.

Article 20 Application distribution platforms shall establish and improve management mechanisms and technical means, and implement comprehensive management measures for listing reviews, daily management, and emergency responses.

Application distribution platforms shall review applications applying for listing and updates. If they discover that the application name, icon, or description contains illegal and harmful information, is inconsistent with the registered entity's real identity information, or involves illegal business types, they shall not provide services for such applications.

If the information services provided by the application fall within the scope specified in Article 7 of these regulations, the application distribution platform shall verify the relevant permits; if it falls within the scope specified in Article 14 of these regulations, the application distribution platform shall verify the safety assessment situation.

Application distribution platforms shall strengthen daily management of listed applications and shall not provide services for applications that contain illegal and harmful information, falsify download volumes or evaluation metrics, present data security risks, illegally collect and use personal information, or infringe upon the legitimate rights and interests of others.

Article 21 Application distribution platforms shall formulate and publicly disclose management rules in accordance with laws and regulations and relevant national provisions, and sign service agreements with application providers to clarify the relevant rights and obligations of both parties.

For applications that violate these regulations and relevant laws, regulations, and service agreements, application distribution platforms shall take measures such as warnings, suspending services, or delisting in accordance with the law and the agreements, maintain records, and report to the relevant competent authorities.

Chapter 4 Supervision and Management

Article 22 Application providers and application distribution platforms shall consciously accept social supervision, set up prominent and convenient complaint reporting channels, publicize complaint reporting methods, and improve mechanisms for receiving, processing, and feedback, promptly addressing public complaints and reports.

Article 23 Internet industry organizations are encouraged to establish and improve industry self-discipline mechanisms, formulate and perfect industry norms and self-discipline agreements, and guide member units to establish and improve service standards, provide information services in accordance with laws and regulations, maintain market fairness, and promote the healthy development of the industry.

Article 24 The internet information department, in conjunction with relevant competent authorities, shall establish and improve work mechanisms to supervise and guide application providers and application distribution platforms in conducting information service activities in accordance with laws and regulations.

Application providers and application distribution platforms shall cooperate with the supervision and inspection carried out by the internet information department and relevant competent authorities in accordance with the law, and provide necessary support and assistance.

Article 25 If application providers and application distribution platforms violate these regulations, they shall be dealt with by the internet information department and relevant competent authorities in accordance with relevant laws and regulations within their scope of responsibility.

Chapter 5 Supplementary Provisions

Article 26 The term "mobile internet applications" as used in these regulations refers to application software that operates on mobile intelligent terminals to provide information services to users.

The term "mobile internet application providers" as used in these regulations refers to the owners or operators of mobile internet applications that provide information services.

The term "mobile internet application distribution platforms" as used in these regulations refers to internet information service providers that offer distribution services such as application release, download, and dynamic loading for mobile internet applications.

Article 27 These regulations shall come into effect on August 1, 2022. The "Regulations on the Management of Information Services for Mobile Internet Applications" promulgated on June 28, 2016, shall be simultaneously repealed.