China Issues New Rules for Mobile Apps
The Cyberspace Administration of China (CAC) has issued regulations for apps for smartphone/mobile devices that will come into effect August 1, 2016 (“App Rules,” available here, preceded by a Q&A section, all in Chinese). The App Rules are aimed primarily at regulating the rapidly growing app market and addressing corresponding data privacy issues. Overall, the App Rules impose new data management and data security requirements for app and app store providers.
App providers are required to authenticate the identities of their users—tying their online profiles to real citizen identification card numbers—and retain users’ activity logs for sixty days (Art. 7). Furthermore, app providers are required to obtain “relevant qualifications” and make record filings with CAC’s provincial counterparts within 30 days of beginning online operations (Art. 5). The term “relevant qualifications” is not defined and may differ depending on the type of service rendered. For instance, according to one commentary (Chinese), video streaming, health service, and news service app providers may all need different licenses from the respective regulatory agencies. (Note that health information websites already need to be filed for the record with the National Health and Family Planning Commission.) Meanwhile, app stores are required to establish stricter cybersecurity practices, including filing for the record with provincial authorities and monitoring apps for misuse of user data and intellectual property rights violations (Art. 8).
Companies looking to thrive in China’s mobile app market are advised to pay close attention to these new rules both to ensure compliance and remain competitive in the evolving business environment.
Tina Zhang, Addison Yang, and Steven Zhu of Covington & Burling LLP assisted with the research and preparation of this article.