State Cyberspace Office Releases “Administrative Regulations on Mobile Internet Application Information Services”

June 28, 2016

Source: China Netcom

The Cyberspace Administration of China issued the Provisions on the Administration of Mobile Internet Application Information Services (hereinafter referred to as the “Provisions“) on June 28. Relevant principal of the Cyberspace Administration of China stated that the release of the Provisions aims to strengthen the standardized management of mobile Internet application (APP) information services, promote the healthy and orderly development of the industry, and protect the legitimate rights and interests of citizens, legal persons and other organizations.

The relevant principal of the Cyberspace Administration of China introduced that applications have become the main carrier of mobile Internet information services and played an important role in providing people’s livelihood services and promoting economic and social development. At the same time, a small number of applications are used by criminals to spread violent terror, obscene pornography, rumors and other illegal information, and some of them are also involved in stealing privacy, malicious deductions, fraud and other behaviors that harm the legitimate rights and interests of users, which arouse a strong social reaction.

The Provisions clearly states that mobile Internet application providers should strictly preform their responsibility for information security management, establish and improve user information security protection mechanisms, guarantee users’ right to know and choose during installation or use, and respect and protect intellectual property rights.

The Provisions requires that mobile Internet application providers and Internet application store service providers must not use applications to engage in activities prohibited by laws and regulations, such as endangering national security, disrupting social order, or infringing on the legal rights and interests of others, and must not use applications to make, copy, publish and disseminate information prohibited by laws and regulations. At the same time, the Provisions encourages party and government agencies at all levels, enterprises, institutions and people’s organizations to actively use applications to promote government affairs public, provide public services, and promote economic and social development.

The relevant principal of the Cyberspace Administration of China emphasized that mobile Internet application providers and Internet application store service providers should effectively fulfill their management responsibilities, actively assume social responsibilities, consciously accept public supervision, and provide safe, high-quality, convenient, and practical information to Internet users service.

Relevant principal of the Cyberspace Administration of China answered reporters’ questions on the Provisions on the Administration of Mobile Internet Application Information Services

The Cyberspace Administration of China issued the Provisions on the Administration of Mobile Internet Application Information Services(hereinafter referred to as the “Provisions“) on June 28. The relevant principal of the Cyberspace Administration of China accepted an interview and answered questions of reporters on the relevant issues of the Provisions.

Q: Please tell us the background of the Provisions.

    A: At present, mobile Internet applications (APPs) have become the main carriers of mobile Internet information services, which have played an important role in providing livelihood services and promoting economic and social development. According to incomplete statistics, there are more than 4 million APPs on shelves in domestic application stores, and the number is still growing rapidly. At the same time, a small number of APPs have also been used by criminals to spread violent terror, obscene pornography and rumors and other illegal information, some of them are also involved in stealing privacy, malicious deductions, fraud and other acts that damage the legitimate rights and interests of users, which arouse a strong social reaction.

On the basis of in-depth research and extensive consultation, the Cyberspace Administration of China has issued the Provisions on the Administration of Mobile Internet Application Information Services, which is to strengthen the standardized management of APP information services based on the purpose of serving, facilitating and benefiting the people, and promote the industry development in a healthy and ordered way.

Q: Netizen reports that some applications spread harmful information such as violent terror, obscenity and false rumors, and the competent department should promptly “issue a warning”. What specific requirements does the Provisions have for APP information management?

A: The Provisions requires that mobile Internet application providers and Internet application store service providers must not use mobile Internet applications to engage in activities prohibited by laws and regulations, such as endangering national security, disrupting social order, or infringing on the legal rights and interests of others, and must not use application programs produce, copy, publish, and disseminate information content prohibited by laws and regulations.

To this end, the Provisions proposes that mobile Internet application providers should strictly implement their responsibility for information security management and perform “six obligations” in accordance with the law:

First, according to the principle of “real-name in the background and voluntary action in the front desk”, authenticating the identity information of registered users; second, establishing and improving a user information security protection mechanism; and third, establishing and improving a mechanism for auditing and managing information content to publish information content that violates laws and regulations by taking actions such as warnings, restricting functions, suspending updates, and closing accounts as appropriate; fourth, protecting users’ right to know and choose according to law; fifth, respecting and protecting intellectual property rights to not make or publish applications that infringe on others’ intellectual property rights; sixth, recording user log information and saving it for sixty days.

Q: It is understood that some APPs call mobile phone permissions at will, violate user privacy, publish false advertisements, and even conduct malicious deduction, deceiving and fraud. The users extremely hate this. What specific measures does the Provisions propose?

A: The Provisions specifically requires, for the protection of user personal information and legal rights and interests, that mobile Internet application providers should establish and improve user information security protection mechanisms. The collection and use of user personal information should follow the principles of lawfulness, justification and necessity, expressing its purpose, method and scope, with the consent of the user. The user’s right to know and choose during installation or use shall be guaranteed in accordance with the law. Functions that can collect geographical location, read contacts, use cameras, enable recording, etc. shall not be opened without the user’s consent, and functions unrelated to the service shall not be opened and unrelated applications must not be bundled.

Q: Nowadays, most users download applications through the application store. What kind of responsibilities do the Provisions specify for such “APP supermarkets”?

Answer: Internet application store service providers should perform “four management responsibilities” with application providers:

The first is to audit the application provider for authenticity, security, legality, etc., and establish a credit management system; the second is to urge the application provider to protect user information, provide complete instructions for the application to obtain and use user information, and present to users; the third is to urge application providers to publish legal information content, establish and improve a security audit mechanism, and equip professionals applicable for the size of the service; the fourth is to urge application providers to publish legitimate applications, respect and protect the application providers’ intellectual property.

Q: At present, mobile government is booming. What are the advocacy opinions of the Provisions?

A: The Provisions clearly proposes that the party and government agencies, enterprises, institutions and people’s organizations at all levels are encouraged to actively use mobile Internet applications to promote government affairs public, provide public services, and promote economic and social development.

 Q: Some netizen said that when they found bad information or reported bad applications, their complaints cannot be dealt with or no result can be gained. What are the requirements of the Provisions?

A: The Provisions requires that mobile Internet application providers and Internet application store service providers should cooperate with relevant departments in accordance with the supervision and inspection conducted by law, consciously accept social supervision, set up a convenient complaint window, and promptly handle public complaint reports.

    If the public is dissatisfied with the processing results or complaint reports are not smoothly, they can report to the Internet illegal and bad information reporting center (report website: www.12377.cn, report phone: 12377, report email: jubao@12377.cn).

Provisions on the Administration of Mobile Internet Application Information Services

Article 1 To strengthen the management of mobile Internet application (APP) information services, protect the legitimate rights and interests of citizens, legal persons and other organizations, and safeguard national security and public interests, according to the National People’s Congress Standing Committee’s Decision on Strengthening the Protection of Network Information  and the State Council’s Notice on Authorizing the Cyberspace Administration of China to Take Charge of Internet Information Content Management Work,  the Provisions is formulated.

Article 2 Providing information services and engaging in Internet application store services through mobile Internet applications within the territory of the People’s Republic of China shall comply with the Provisions.

The mobile Internet applications mentioned in the Provisions refers to application software that is obtained through pre-install, downloading, etc. and runs on mobile smart terminals to provide users with information services.

The mobile Internet application provider mentioned in the Provisions refers to the owner or operator of mobile Internet applications that provide information services.

The “Internet application store” mentioned in the Provisions refers to a platform that provides application software to browse, search, download, or develop tools and product release services through the Internet.

Article 3 The Cyberspace Administration of China is responsible for the supervision and law enforcement of the information content of mobile Internet applications nationwide. The local Internet information office is responsible for the supervision and law enforcement of the mobile Internet application information content within its administrative area in accordance with its duties.

Article 4 The party and government agencies, enterprises, institutions and people’s organizations at all levels are encouraged to actively use mobile Internet applications to promote open government affairs, provide public services, and promote economic and social development.

Article 5 To provide information services through mobile Internet applications, relevant qualifications required by laws and regulations shall be obtained in accordance with the law. When engaged in Internet application store services, it shall also file a record with the Internet Information Office of the province, autonomous region, or municipality directly under the Central Government within 30 days of its online operation.

Article 6 Mobile Internet application providers and Internet application store service providers shall not use mobile Internet applications to engage in activities prohibited by laws and regulations, such as endangering national security, disrupting social order, or infringing on the legal rights and interests of others, and shall not use mobile Internet applications to make, copy, publish, and disseminate information content prohibited by laws and regulations.

Article 7 Providers of mobile Internet applications shall strictly implement their responsibility for information security management and perform the following obligations in accordance with the law:

(I) According to the principle of “real-name in the background and voluntary action  in the front desk”, the registered users shall be authenticated based on their real identity information such as mobile phone numbers.

(II) Establish and improve the user information security protection mechanism. The collection and use of personal information of users shall follow the principles of lawfulness, justification, and necessity, expressing its purpose, method, and scope, with the consent of the user.

(III) Establish and improve the information content audit management mechanism, and take measures such as warnings, restricting functions, suspending updates and closing accounts,, to keep records and report to the relevant competent authorities as appropriate.

(IV) Protect the user’s right to know and choose during installation or use according to law. Without expressing to the user and their consent, functions such as collecting geographic locations, reading address books, using cameras, enabling recording must not be opened. Features not regulated to services must not be opened and irrelevant applications must not be bundled with.

(V) Respect and protect intellectual property rights, and applications that infringe on the intellectual property rights of others shall not be made or published.

(VI) Record user log information and keep it for 60 days.

Article 8 An Internet application store service provider shall perform the following management responsibilities to the application provider:

(I) Audit the authenticity, security, legality, etc. of application providers, establish a credit management system, and file it in classification with the Internet Information Office of the province, autonomous region, and municipality directly under the central government.

(II) Urge application providers to protect user information, provide complete instructions for applications to obtain and use user information, and present them to users.

(III) Urge application providers to publish legal information content, establish and improve a security audit mechanism, and equip professionals appropriate to the size of the service.

(IV) Urge application providers to publish legitimate applications and respect and protect the intellectual property rights of application providers.

For application providers that violate the provisions of the preceding paragraph, measures such as warnings, suspension of release, and removing applications off shelves shall be taken , as appropriate, to keep records and report to relevant authorities.

Article 9 The service provider of the Internet application store and the provider of the mobile Internet application shall sign a service agreement, clarify the rights and obligations of both parties, and jointly comply with laws and regulations and platform conventions.

Article 10 Mobile Internet application program providers and Internet application store service providers shall cooperate with relevant departments in conducting supervision and inspection in accordance with the law, consciously accept social supervision, set up convenient complaint windows, and promptly handle public complaint reports.

Article 11 The Provisions shall come into effect on August 1, 2016.