China Deep Synthesis Regulations

Issued by

Cyberspace Administration of China (CAC), Ministry of Industry and Information Technology (MIIT), Ministry of Public Security (MPS)

liveEffective 2023-01-10Deep Synthesis ProvisionsVerified April 2026

Official document →

China's Provisions on the Administration of Deep Synthesis Internet Information Services regulate the development, distribution, and use of deep synthesis technologies-including AI-generated or AI-manipulated text, images, audio, video, and virtual humans-by service providers and users operating in or targeting China. They impose labelling, registration, security-assessment, and content-moderation obligations.

Applies To

Technology companies and AI developers in China offering any generative-media, voice-synthesis, face-swap, or virtual-avatar functionalityDomestic and international platforms distributing user-generated content that may include AI-synthesised mediaAdvertising agencies and brand owners using AI-generated or AI-modified imagery, voice, or video of real persons for campaigns targeting Chinese consumersMedia, entertainment, and streaming companies deploying AI dubbing, de-aging, or virtual presenter technologies for Chinese-market contentCustomer experience and contact-centre operators using AI-generated voice or avatar agents to interact with users in ChinaGaming companies and metaverse platform operators using deep synthesis to create or animate virtual characters or scenesNews and journalism platforms distributing AI-assisted or AI-generated articles, headlines, or multimedia in ChinaAPI providers and model vendors whose deep synthesis capabilities are integrated into third-party products serving the Chinese marketMultinational enterprises with any product feature, workflow, or third-party integration that generates synthetic media accessible to users in China

Overview

The Provisions on the Administration of Deep Synthesis Internet Information Services (《互联网信息服务深度合成管理规定》) were promulgated jointly by the Cyberspace Administration of China, the Ministry of Industry and Information Technology, and the Ministry of Public Security. They came into effect on 10 January 2023. The provisions define 'deep synthesis' broadly to encompass any technology that uses deep learning, virtual reality, or related techniques to generate or materially alter text, images, audio, video, virtual scenes, or virtual persons. This definition captures generative AI models, voice cloning, face swapping, lip-sync manipulation, text-to-image systems, AI-generated avatars, and similar capabilities. The regulations apply to deep synthesis service providers-entities that develop or operate platforms offering deep synthesis tools-and to deep synthesis users who deploy those tools to create or disseminate content. The framework sits within China's broader AI content governance architecture, which includes the Generative AI Measures (effective August 2023), the Algorithm Recommendation Provisions (effective March 2022), and the overarching Cybersecurity Law and Data Security Law. Enterprises with any deep synthesis product, feature, or workflow touching users in China-whether operating domestically or cross-border-must assess whether the provisions apply to their technical stack and content supply chain. Particular attention is required for enterprises using third-party AI-generated content APIs, synthetic media in advertising, AI avatars in customer service, and AI-generated dubbing or subtitling.

Key Requirements

•Deep synthesis service providers must implement real-name registration for users, verifying identity before permitting access to synthesis tools.
•Synthetic content that could cause public confusion must carry a visible and non-removable label disclosing its AI-generated or AI-modified nature; providers must embed imperceptible technical watermarks in addition to visible labels.
•Providers must not be used to create or disseminate disinformation, fake news, content that endangers national security, content that defames individuals, or content that infringes on personal information or portrait rights.
•Content generated using the likeness, voice, or biometric data of a real person requires the prior explicit consent of that individual.
•Providers that reach significant-influence thresholds must complete a security assessment with the CAC and register their algorithms with the authority.
•Providers must maintain logs of deep synthesis activities, including user identity records and content metadata, for a minimum prescribed period (typically not less than six months in connected regulations, and consistent with Cybersecurity Law obligations).
•Providers must implement content-moderation systems capable of detecting and blocking prohibited deep synthesis outputs before distribution.
•Training data used to build deep synthesis models must be sourced lawfully, respecting intellectual property rights and personal-information-protection obligations under PIPL and the Data Security Law.
•Providers must establish and publish complaint and reporting mechanisms allowing users to flag suspected illegal or harmful synthetic content.
•Overseas providers whose services are accessible in China and reach relevant user thresholds are within scope and must designate a domestic compliance representative or establish a local entity.

What Your Organization Must Do

→Audit all products, features, and third-party API integrations by business unit to identify any deep synthesis touchpoints accessible to users in China, and document findings in a formal scope assessment completed by a designated compliance lead before deploying or continuing any affected service.
→Implement real-name identity verification for all users accessing deep synthesis tools in China, ensuring the verification workflow is operational and logged prior to granting access, with IT and legal jointly responsible for confirming the system meets CAC standards.
→Deploy both visible, non-removable labels and imperceptible technical watermarks on all AI-generated or AI-modified content, working with engineering teams to embed these controls into the content pipeline before any synthetic output reaches end users.
→Establish and document consent workflows to obtain prior explicit written consent from any real individual whose likeness, voice, or biometric data is used in synthetic content, with legal counsel reviewing consent forms for compliance with PIPL and portrait-rights requirements.
→Determine whether any deep synthesis service meets significant-influence thresholds requiring CAC security assessment and algorithm registration, and if so, initiate the security assessment filing process immediately given the January 2023 effective date has already passed.
→Retain logs of all deep synthesis activities including user identity records and content metadata for a minimum of six months in line with Cybersecurity Law obligations, and assign a data governance owner to verify log completeness, access controls, and retention schedules on a quarterly basis.

Playbook Guidance

Step-by-step implementation guidance for compliance teams.

04What are our obligations under emerging AI regulations?07How do we handle AI-generated content and hallucinations?09How do we maintain data privacy compliance when using AI?12Is our training data compliant with global privacy laws?19How do we handle intellectual property and copyright in AI?

Frequently Asked Questions

Do the China Deep Synthesis Regulations apply to foreign companies whose AI tools are accessible to users in China?: Yes. Overseas providers whose deep synthesis services reach users in China above relevant user thresholds are within scope. They must designate a domestic compliance representative or establish a local entity to meet CAC obligations.
What labelling is required for AI-generated content under the Deep Synthesis Provisions?: Providers must apply both a visible, non-removable label disclosing AI-generated or AI-modified status and an imperceptible technical watermark. Both controls must be embedded in the content pipeline before any synthetic output reaches end users.
Is real-name registration mandatory for users of deep synthesis platforms in China?: Yes. Service providers must verify user identity through real-name registration before granting access to any deep synthesis tool. The verification system must be operational, logged, and meet CAC standards prior to users accessing synthesis features.
When does using a real person's likeness or voice in AI-generated content require consent under these provisions?: Any use of a real individual's likeness, voice, or biometric data in synthetic content requires prior explicit consent from that person. Consent workflows should be reviewed by legal counsel for compliance with PIPL and Chinese portrait-rights requirements.
What triggers the CAC security assessment and algorithm registration requirement under the Deep Synthesis Provisions?: Providers that reach significant-influence thresholds as defined by the CAC must complete a security assessment and register their algorithms with the authority. Companies should assess whether any current service already meets these thresholds, given the January 2023 effective date has passed.
How do the Deep Synthesis Provisions relate to China's Generative AI Measures and Algorithm Recommendation Provisions?: The Deep Synthesis Provisions form one layer of China's AI content governance framework, sitting alongside the Algorithm Recommendation Provisions (effective March 2022) and the Generative AI Measures (effective August 2023). Providers may face overlapping obligations under all three instruments depending on the functionality of their service.