China tightens regulation of mobile apps market

Jason McGee-Abe
Published on:

The Chinese government has become concerned with a number of potential uses of mobile apps, including terrorism, and has introduced a range of regulatory controls, 'Administrative Rules on Information Services via Mobile Internet Applications'. Barbara Li, partner, and Olivia Yang, associate, of Norton Rose Fulbright take GTB through the rules

         Norton Rose Fulbright

Barbara Li - Norton Rose Fulbright
Barbara Li, partner, Beijing, Norton Rose Fulbright
Olivia Yang
Olivia Yang, associate, Beijing, Norton Rose Fulbright

China has the largest number of mobile internet users in the world, and is estimated to host more than 4 million mobile apps. As in other locations around the world, apps are widely used by businesses for marketing promotions and for online sale of goods and services.

With this proliferation of mobile apps, China’s government has become concerned with a number of potential uses that might be illegal such as terrorism, or could be deemed as “improper” such as pornography.

In light of this, the government has introduced a range of regulatory controls over mobile apps which includes imposing obligatory verification procedures on apps providers and apps store operators.

These new rules, entitled “Administrative Rules on Information Services via Mobile Internet Applications” were issued in late June by the Cyberspace Administration of China (CAC), the government regulator, and came into effect on 1 August 2016.

Apps providers are now required to verify their users’ identification by way of a mobile number or by other means. While apps users can still use a public alias, their real names must now be registered with the relevant apps provider, who must keep users’ activity logs for at least 60 days.

Apps store operators are required to conduct authentication verification of apps providers and must check on the security and legal compliance of apps. They’re also required to file a registration with their province’s cyberspace authority before they can start an apps store business, as well as supervising providers to protect users’ information.

The rules provide that apps providers must comply with the principles of legality, appropriateness and necessity in collecting and using personal data. Providers are required to give notice to app users about the purpose, means and scope within which personal data will be collected and used, and consent is required before they can collect personal data including access to a user’s geographic location, contacts list, or recorded video and audio. They also need consent to bundle or activate unnecessary services and functions.

Apps providers also cannot develop and publish apps that pirate rivals' products or infringe IP rights under the new rules. Apps store operators are required to protect the IP rights of apps providers and to supervise the publication of apps.

The rules require apps providers to sign an agreement with apps store operators, with a view to allocating respective rights and obligations between them. If an apps provider fails to comply with the requirements under the new rules, the relevant store operator may issue warnings, suspend release of relevant apps or remove them from the store. The rules envisage that the CAC will set up a whistle-blowing system so the public can report any irregularities to the authorities.

The implementation of the rules has significant implications for businesses using mobile apps for their businesses in China. They need to review their operational practices to ensure compliance with the new obligations.

For example, apps providers may need to revise and update their apps so that they can verify the identity of users and record users’ activities for a minimum period of 60 days (if this has not been done under their current operational practices).

In addition, with the roll-out of the new real name registration scheme, a vast amount of personal data will be handled by apps providers and apps store operators. They will need to comply with the new apps rules as well as other applicable Chinese personal data regulations.

China’s fast changing regulatory environment can present a challenge to international businesses, however, the new rules are consistent with the government’s increased focus on creating a safer cyber environment.