CAC Draft Rules Target Human-Like AI Services, Triggering New Security Assessment and Content Governance Obligations for China Market Operators
What happened
The Cyberspace Administration of China published its draft Interim Measures governing anthropomorphic interactive AI services on April 10, 2026, opening a public comment period. The draft targets AI systems that simulate human personality, emotional responses, or cognitive interaction, covering a broad range of consumer and enterprise-facing products such as companionship AI, AI customer service agents, and emotionally responsive chatbots. Regulated providers must establish controls spanning content governance, cybersecurity, data security, personal information protection, fraud prevention, ethics committee review, and emergency response procedures. Providers operating at scale or whose services implicate national security must additionally complete and file security assessments with the CAC before or during operation. The instrument adds a dedicated regulatory layer on top of China's existing generative AI framework and deep synthesis rules, and a separate finding suggests a possible effective date of July 15, 2026, though that date requires verification given the draft status noted in official materials.
Why it matters
- ·Regulatory exposure: Multinational companies deploying any AI product in China that simulates human interaction, including customer-facing chatbots or virtual assistants, may fall within scope and face mandatory security assessments, ethics reviews, and registration obligations before or shortly after the rules take effect.
- ·Operational impact: The requirement to establish standing ethics review processes, emergency response procedures, and fraud prevention controls for affected AI services creates new internal governance infrastructure that cannot be built quickly, making early gap assessment critical for organizations already operating in this space.
- ·Organizational risk: The draft's breadth in defining anthropomorphic AI is deliberately wide, meaning product and legal teams that have not mapped their China-deployed AI services against this framework risk misclassifying products as out-of-scope, creating latent compliance exposure as enforcement begins.
Governance controls affected
What to do now
- ☐Inventory all AI products and features deployed or marketed in China that involve simulated personality, emotional response, or human-like conversational interaction, and flag each against the draft's scope definitions.
- ☐Assess whether any flagged services meet the draft's threshold criteria (large user base, national security sensitivity) that would trigger mandatory CAC security assessment filing obligations.
- ☐Review existing content moderation, fraud prevention, and data security controls for China-facing AI services against the draft's enumerated control categories and document gaps for remediation.
- ☐Assign ownership for standing ethics review of anthropomorphic AI services in China and draft a committee charter or equivalent governance structure in anticipation of the final rule.
- ☐Monitor the CAC comment period and track whether a July 15, 2026 effective date is confirmed in the final text, and build that date into your regulatory calendar and project timelines.
What to watch next
Compliance teams should track the close of the CAC public comment period and watch for a finalized version of the Interim Measures, paying close attention to whether the rumored July 15, 2026 effective date is confirmed, as that would give operators a very short runway for implementation. The CAC's enforcement posture under its existing Generative AI Interim Measures and Deep Synthesis Regulations will provide a leading indicator of how aggressively it intends to pursue non-compliant anthropomorphic AI services. Teams should also monitor China's broader draft AI Law, which is still moving through legislative review, to understand how the anthropomorphic AI rules will nest within that overarching framework.