China increases scrutiny on mobile internet applications
On 28 June 2016, the Cyberspace Administration of China issued rules to tighten the regulation of mobile internet applications (or apps), the first mobile-app specific rules in China (the “Rules”). The Rules will come into effect on 1 August 2016.
We outline below those obligations imposed by the Rules which are likely to be of interest to app providers (which, under the Rules, comprise both “app owners” and app operators) and app stores:
App providers must:
- Real name registration: verify a registered user’s identity. The Chinese authorities’ requirement for real name registration can be seen as a clear attempt by them to compel registered app users to tie their accounts to their actual names to facilitate policing of the internet.
- Data protection: protect user data; inform users of the purpose, method and scope of data collection and its use; and obtain a user’s consent before either an app gains access to the user’s geographic location, contacts, mobile device’s camera or microphone, or it activates any non-essential functions or bundles an irrelevant app.
- IP protection: not create or publish apps that may violate others’ intellectual property rights, a move in line with other recent reforms aimed at improving IP protection in China.
- Illegal content: issue warnings to users, restrict their access to apps or updates to them, or shut down users’ accounts, in each case if users publish "illegal information and content".
- Record-keeping: keep a record of a user’s activity for 60 days, and record and report non-compliance with the Rules to the relevant regulators.
App stores must:
- Filings: make a filing with the provincial-level internet information office responsible for the stores’ supervision within 30 days of commencing business. In addition, each app store is responsible for systematically examining an app provider’s credentials and security and legal compliance procedures, as well as categorising and filing with the internet information office prescribed information on each app provider that publishes an app on its store.
- Supervision and reporting: procure that user information is protected by app providers and that any published app and its content complies with law. Stores are further required to warn app providers, suspend publication of apps or remove apps from their stores, if app providers fail to comply with the relevant Rules. Non-compliance must be recorded and reported to the relevant regulators.
- Service agreement: enter into a service agreement with an app provider. This agreement will likely set out the terms governing the administration between the two parties of the above supervisory matters.
The Rules demonstrate the Chinese government’s intention to strengthen the regulation of the mobile internet market. However, it remains uncertain how the Rules will be enforced in practice, especially against the vast number of app developers and operators in the China market. Similarly it is not clear how significant the impact of the Rules will be on day-to-day operation of major players (such as Apple’s App Store) in China, as certain compliance obligations cannot be contractually shifted from stores to developers or operators.