Editor's note: A finalized version of these Provisions took effect January 10, 2023. A translation of that version is available on China Law Translate.
This translation is by Rogier Creemers and was edited by Graham Webster with reference to an alternative translation by China Law Translate.
Source: http://www.cac.gov.cn/2022-01/28/c_1644970458520968.htm
Archived copy: https://web.archive.org/web/20220131190544/http://www.cac.gov.cn/2022-01/28/c_1644970458520968.htm
TRANSLATION
Internet Information Service Deep Synthesis Management Provisions (Draft for Comment)
Article 1: These provisions are formulated in order to regulate deep synthesis activities in Internet information services, to carry forward the core Socialist value vision, to safeguard national security and the societal public interest, and to protect the lawful rights and interests of citizens, legal persons, and other organizations, on the basis of the Cybersecurity Law of the People’s Republic of China, the Data Security Law of the People’s Republic of China, the Personal Information Protection Law of the People’s Republic of China, the Internet Information Service Management Measures, and other such laws and administrative regulations.
Article 2: These Provisions apply to the use of deep synthesis technologies to provide Internet information services (hereafter referred to as deep synthesis services), as well as activities providing technical support to deep synthesis services, within the territory of the People’s Republic of China. Where laws or administrative regulations provide otherwise, those provisions are to be followed.
Deep synthesis technology as used in these Provisions refers to technologies using generative and synthesizing algorithms, with deep learning and virtual reality as representative examples, to produce text, images, sound, video, virtual settings, and other such information, including but not limited to:
- Technologies for generating or editing textual content, such as text generation, writing style transformation, and question-and-answer dialogues;
- Technologies for generating or editing voice content, such as text-to-speech, voice transformation, and voice characteristic editing;
- Technologies for generating or editing non-voice sound content, such as music generation, and ambient sound editing;
- Technologies for generating or editing human faces in images or video, such as facial generation, facial substitution, personal characteristic editing, facial manipulation, and posture manipulation;
- Technologies for editing non-biological characteristics in images or video, such as image enhancement and image repair;
- Technologies for generating or editing virtual settings, such as three-dimensional re-modelling.
"Deep synthesis service providers" refers to organizations providing deep synthesis services or providing technical support to deep synthesis services.
"Deep synthesis service users" refers to organizations and individuals using deep synthesis services to produce, reproduce, publish, or disseminate information.
Article 3: The State cybersecurity and informatization department is responsible for comprehensively coordinating deep synthesis service governance–related supervision and management work nationwide. Local cybersecurity and informatization departments are responsible for comprehensively coordinating deep synthesis service governance–related supervision and management work within their administrative areas.
Article 4: Deep synthesis service providers and deep synthesis service users shall abide by laws and regulations, respect social morals and ethics, adhere to the correct political direction, public opinion orientation, and value orientation, and promote progress and improvement in deep synthesis services.
Article 5: Relevant industry organizations are encouraged to strengthen industry self-discipline; establish and complete industry standards, industry norms, and self-discipline management structures; and supervise and guide deep synthesis service providers to formulate and perfect service standards, strengthen information content security management, provide services according to the law, and accept social supervision.
Article 6: No organization or individual may use deep synthesis to engage in activities harming national security, destroying social stability, upsetting social order, violating the lawful rights and interests of others, or other such acts prohibited by laws and regulations. They may not produce, reproduce, publish, or disseminate: information inciting subversion of State power or harming national security and social stability; obscenity and pornography; false information; information harming other people’s reputation rights, image rights, privacy rights, intellectual property rights and other lawful rights and interests; or other such content prohibited by laws and regulations.
Article 7: Deep synthesis service providers shall fulfill entity responsibility for information security, establish and complete management structures for algorithmic mechanism and logic (机制机理) examination and verification, user registration, information content management, data security and personal information protection, protection of minors, employee education and training, etc., with secure and controllable technical safeguard mechanisms suited to the development of new technologies and new applications.
Article 8: Deep synthesis service providers shall formulate and disclose management norms and platform covenants, improve service agreements, post the security obligations of deep synthesis service users in a conspicuous manner, and fulfill corresponding management responsibilities according to the law and according to covenants.
Article 9: Deep synthesis service providers shall conduct real identity information verification of deep synthesis service users according to the law. Where deep synthesis service users do not conduct real identity information verification, deep synthesis service providers may not provide information publishing services to them.
Article 10: Deep synthesis service providers shall: strengthen content management for deep synthesis information content, adopt technical or manual methods to examine and verify data input by deep synthesis service users, and the synthesis results; establish and complete a database of characteristics to be used to identify unlawful and harmful deep synthesis information content, and improve standards, norms, and procedures for making entries to the database; adopt corresponding methods to deal with unlawful and harmful information according to the law; and adopt response measures such as warnings, limitation of functions, suspension of service, account closure, etc., against related deep synthesis service users according to laws and covenants.
Article 11: Deep synthesis service providers shall strengthen management of deep synthesis technology, periodically examine and verify, assess, and test algorithmic mechanisms and logic; where they provide models or templating tools with the capability to edit facial, human voice, or other such distinguishing biological information or the distinguishing information of special non-biological objects or settings that may involve national security or the social public interest, they shall take the initiative to conduct security assessments and prevent information security risks.
Article 12: Deep synthesis service providers shall strengthen training data management, ensure the legality and propriety of data handling, and adopt necessary measures to ensure data security. Where training data includes data involving personal information, they shall also abide by personal information protection-related regulations, and must not illegally handle personal information.
Where deep synthesis service providers provide significant editing functions for facial or vocal information, or other such distinguishing biological information, they shall prompt deep synthesis service users and notify them and obtain separate consent from the edited personal information subjects in accordance with the law, except where laws and administrative regulations provide otherwise.
Article 13: Deep synthesis service providers shall use effective technical measures to add marks that do not affect users’ usage to deep synthesis information content produced using their, retain daily record information according to the law, and ensure that published or disseminated deep synthesis information content can be self-identified and traced.
Article 14: Where deep synthesis service providers provide the following deep synthesis services, they shall use prominent methods to label deep synthesis information content, and effectively point out to the public the synthesized nature of the information content:
- Where providing smart dialogue, smart writing, and other such textual generation or editing services simulating natural persons, a clear label is to be provided in a position such as the source explanation section of the text information content;
- Where providing synthesized voices, imitated voices, and other such speech generation or editing services that significantly change individual identifying characteristics, a clear indication by spoken explanation or other such methods is to be provided in a reasonable part in the audio information content;
- Where providing services such as synthesis of virtual persons in images or video through facial generation, face substitution, face manipulation, posture manipulation, etc., or editing that significantly changes individual identifying characteristics; a clear label is to be provided in a prominent position in the image or video information content;
- Where providing immersive virtual reality settings and other such generative or editing services, a clear indication is to be provided in a prominent position in the virtual setting information content;
- Where providing other services with generative or significant information content modification functions, a clear indication is to be provided in a reasonable position in the text, image, audio, video, virtual setting, etc.
Where deep synthesis providers provide deep synthesis services other than those provided in the previous paragraph, they shall provide deep synthesis service users with a function to prominently label deep synthesis information content, and point out that deep synthesis service users may provide prominent labels of deep synthesis information content.
Article 15: Where deep synthesis providers discover deep synthesis information content does not contain a prominent label as provided in Article 14, Paragraph I, they shall immediately cease the dissemination of the said information, and may only continue to disseminate it after a prominent label is made according to regulations.
Article 16: Internet application store service providers shall fulfill security management responsibilities concerning deep synthesis application programs provided by deep synthesis providers, and verify the security assessment, filing, and other such matters concerning deep synthesis application programs according to the law and covenants; where relevant State regulations are violated, they shall promptly adopt response measures such as listing refusal, temporary delisting, or delisting, etc.
Article 17: Deep synthesis service providers shall establish and complete mechanisms for dispelling rumors; where it is discovered that deep synthesis information service users use deep synthesis technologies to produce, reproduce, publish, or disseminate false information, they shall promptly adopt corresponding measures to dispel rumors and file the relevant information with cybersecurity and informatization and other such departments.
Article 18: Deep synthesis service providers shall install convenient and effective portals for user appeals and public complaints and reports, publish handling procedures and feedback time periods for them, promptly accept and handle them, and provide feedback on the handling results.
Article 19: Deep synthesis service providers shall, according to the relevant provisions of the Internet Information Service Algorithmic Recommendation Management Provisions, conduct filing formalities within 10 working days of first providing services.
Deep synthesis service providers that have completed filing shall indicate their filing number in a prominent location on the website, application program, etc., where they provide external services and provide links to published information.
Article 20: Where deep synthesis service providers develop new products, new applications, or new functions online that have public opinion characteristics or social mobilization capacity, they shall conduct a security assessment according to relevant State provisions.
Article 21: All levels’ cybersecurity and informatization departments are to conduct supervision and inspection of deep synthesis information service providers’ fulfilment of their entity responsibility for deep synthesis information content management, and promptly put forward correction opinions and correction within a set time to deep synthesis information service providers where problems exist.
Deep synthesis service providers shall cooperate with cybersecurity and informatization departments conducting supervision and inspection according to the law, and provide them with necessary technical, data, and other such support and assistance.
Article 22: In case of violations of Article 7, Article 8, Article 10, Article 11, Article 13, Article 14, Article 15, Article 16, Article 17, Article 18, Article 20, or Article 21 Paragraph II of these Provisions, where laws and administrative regulations contain provisions, those provisions are to be followed; where laws or administrative regulations do not contain provisions, the national and provincial, autonomous region, or directly-governed municipality cybersecurity and informatization department, on the basis of its duties and responsibilities, is to issue a warning, order correction within a limited time, and imposes suspension of related operations until correction; where correction is refused or circumstances are grave, it is to order provisional cessation of information updates and impose a fine between 10,000 and 100,000 Yuan.
In case of violations of Article 6, Article 9, Article 12 or Article 19 of these Provisions, the national, provincial, autonomous region, or directly-governed municipality cybersecurity and informatization department, on the basis of its duties and responsibilities, is to impose punishment according to the provisions of laws, administrative regulations, and departmental rules.
Where a violation of these Provisions causes harm to other persons, civil liability is to be borne according to the law; where it constitutes an act violating public order management, public order management liability is to be borne according to the law; where it constitutes a crime, criminal liability is to be prosecuted according to the law.
Article 23: The meaning of the following terms in these Provisions are as follows:
“Ambient sound” refers to non-spoken background sound content in audio.
“Face manipulation” refers to manipulation of the facial expression of persons in images or videos.
“Posture manipulation” refers to manipulation of the physical movements of persons in images or videos.
“Three-dimensional re-modelling” refers to the use of deep synthesis technologies for data-generated or -edited three-dimensional imaging of settings.
“Training data” refers to labelled or benchmark datasets used to train machine learning models.
“Immersive virtual reality settings” refers to virtual settings generated or edited through deep synthesis technologies that may provide a participatory experience or are interactive and feel highly realistic.
Article 24: The interpretation of these Provisions is the responsibility of the Cyberspace Administration of China.
Article 25: These Provisions take effect on (day, month, year).
CHINESE-LANGUAGE ORIGINAL
The original text below includes explanatory content from the Cyberspace Administration of China's that is not translated above.
互联网信息服务深度合成管理规定
(征求意见稿)
第一条 为了规范互联网信息服务深度合成活动,弘扬社会主义核心价值观,维护国家安全和社会公共利益,保护公民、法人和其他组织的合法权益,根据《中华人民共和国网络安全法》、《中华人民共和国数据安全法》、《中华人民共和国个人信息保护法》、《互联网信息服务管理办法》等法律、行政法规,制定本规定。
第二条 在中华人民共和国境内应用深度合成技术提供互联网信息服务(以下简称深度合成服务),以及为深度合成服务提供技术支持的活动,适用本规定。法律、行政法规另有规定的,依照其规定。
本规定所称深度合成技术,是指利用以深度学习、虚拟现实为代表的生成合成类算法制作文本、图像、音频、视频、虚拟场景等信息的技术,包括但不限于:
(一)篇章生成、文本风格转换、问答对话等对文本内容进行生成或者编辑的技术;
(二)文本转语音、语音转换、语音属性编辑等对语音内容进行生成或者编辑的技术;
(三)音乐生成、场景声编辑等对非语音内容进行生成或者编辑的技术;
(四)人脸生成、人脸替换、人物属性编辑、人脸操控、姿态操控等对图像、视频内容中人脸等生物特征进行生成或者编辑的技术;
(五)图像增强、图像修复等对图像、视频内容中非生物特征进行编辑的技术;
(六)三维重建等对虚拟场景进行生成或者编辑的技术。
深度合成服务提供者,是指提供深度合成服务以及为深度合成服务提供技术支持的组织。
深度合成服务使用者,是指使用深度合成服务制作、复制、发布、传播信息的组织、个人。
第三条 国家网信部门负责统筹协调全国深度合成服务治理和相关监督管理工作。地方网信部门负责统筹协调本行政区域内的深度合成服务治理和相关监督管理工作。
第四条 深度合成服务提供者和深度合成服务使用者应当遵守法律法规,尊重社会公德和伦理,坚持正确政治方向、舆论导向、价值取向,促进深度合成服务向上向善。
第五条 鼓励相关行业组织加强行业自律,建立健全行业标准、行业准则和自律管理制度,督促指导深度合成服务提供者制定完善服务规范、加强信息内容安全管理、依法提供服务并接受社会监督。
第六条 任何组织和个人不得利用深度合成服务从事危害国家安全、破坏社会稳定、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动,不得制作、复制、发布、传播含有煽动颠覆国家政权、危害国家安全和社会稳定、淫秽色情、虚假信息,以及侵害他人名誉权、肖像权、隐私权、知识产权和其他合法权益等法律法规禁止内容的信息。
第七条 深度合成服务提供者应当落实信息安全主体责任,建立健全算法机制机理审核、用户注册、信息内容管理、数据安全和个人信息保护、未成年人保护、从业人员教育培训等管理制度,具有与新技术新应用发展相适应的安全可控的技术保障措施。
第八条 深度合成服务提供者应当制定并公开管理规则和平台公约,完善服务协议,以显著方式提示深度合成服务使用者信息安全义务,并依法依约履行相应管理责任。
第九条 深度合成服务提供者应当依法对深度合成服务使用者进行真实身份信息认证。深度合成服务使用者不进行真实身份信息认证的,深度合成服务提供者不得为其提供信息发布服务。
第十条 深度合成服务提供者应当加强深度合成信息内容管理,采取技术或者人工方式对深度合成服务使用者的输入数据和合成结果进行审核;建立健全用于识别违法和不良深度合成信息内容的特征库,完善入库标准、规则和程序;对违法和不良信息依法采取相应处置措施,并对相关深度合成服务使用者依法依约采取警示、限制功能、暂停服务、关闭账号等处置措施。
第十一条 深度合成服务提供者应当加强深度合成技术管理,定期审核、评估、验证算法机制机理;提供具有对人脸、人声等生物识别信息或者可能涉及国家安全、社会公共利益的特殊物体、场景等非生物识别信息编辑功能的模型、模板等工具的,应当自行开展安全评估,预防信息安全风险。
第十二条 深度合成服务提供者应当加强训练数据管理,确保数据处理合法、正当,采取必要措施保障数据安全。训练数据包含涉及个人信息数据的,还应当遵守个人信息保护有关规定,不得非法处理个人信息。
深度合成服务提供者提供人脸、人声等生物识别信息的显著编辑功能的,应当提示深度合成服务使用者依法告知并取得被编辑的个人信息主体的单独同意。法律、行政法规另有规定的除外。
第十三条 深度合成服务提供者对使用其服务所制作的深度合成信息内容,应当通过有效技术措施在信息内容中添加不影响用户使用的标识,依法保存日志信息,使发布、传播的深度合成信息内容可被自身识别、追溯。
第十四条 深度合成服务提供者提供以下深度合成服务的,应当使用显著方式对深度合成信息内容进行标识,向社会公众有效提示信息内容的合成情况:
(一)提供智能对话、智能写作等模拟自然人进行文本生成或者编辑服务的,在文本信息内容的稿源说明处等位置进行显著标识;
(二)提供合成人声、仿声等语音生成或者显著改变个人身份特征的编辑服务的,在音频信息内容的合理区域以语音说明等方式进行显著标识;
(三)提供人脸生成、人脸替换、人脸操控、姿态操控等虚拟人物图像、视频生成或者显著改变个人身份特征的编辑服务的,在图像、视频信息内容的明显位置进行显著标识;
(四)提供沉浸式拟真场景等生成或者编辑服务的,在虚拟场景信息内容的明显位置进行显著标识;
(五)提供其他具有生成或者显著改变信息内容功能的服务的,在文本、图像、音频或者视频、虚拟场景等的合理位置或者区域进行显著标识。
深度合成服务提供者提供前款规定之外的深度合成服务的,应当向深度合成服务使用者提供对深度合成信息内容进行显著标识的功能,并提示深度合成服务使用者可以对深度合成信息内容进行显著标识。
第十五条 深度合成服务提供者发现第十四条第一款规定的深度合成信息内容未进行显著标识的,应当立即停止传输该信息,按照规定作出显著标识后,方可继续传输。
第十六条 互联网应用商店服务提供者应当对深度合成服务提供者提供的深度合成应用程序履行安全管理责任,依法依约核验深度合成应用程序的安全评估、备案等情况;对违反国家有关规定的,应当及时采取不予上架、暂停上架或者下架等处置措施。
第十七条 深度合成服务提供者应当建立健全辟谣机制,发现深度合成信息服务使用者利用深度合成技术制作、复制、发布、传播虚假信息的,应当及时采取相应的辟谣措施,并将相关信息报网信等部门备案。
第十八条 深度合成服务提供者应当设置便捷有效的用户申诉和公众投诉、举报入口,公布处理流程和反馈时限,及时受理、处理并反馈处理结果。
第十九条 深度合成服务提供者应当按照《互联网信息服务算法推荐管理规定》的有关规定,在提供服务之日起十个工作日内履行备案手续。
完成备案的深度合成服务提供者应当在其对外提供服务的网站、应用程序等的显著位置标明其备案编号并提供公示信息链接。
第二十条 深度合成服务提供者开发上线具有舆论属性或者社会动员能力的新产品、新应用、新功能的,应当按照国家有关规定开展安全评估。
第二十一条 各级网信部门对深度合成信息服务提供者履行深度合成信息内容管理主体责任情况开展监督检查,对存在问题的深度合成信息服务提供者及时提出整改意见并限期整改。
深度合成服务提供者对网信部门依法实施的监督检查,应当予以配合,并提供必要的技术、数据等支持和协助。
第二十二条 违反本规定第七条、第八条、第十条、第十一条、第十三条、第十四条、第十五条、第十六条、第十七条、第十八条、第二十条、第二十一条第二款规定,法律、行政法规有规定的,依照其规定;法律、行政法规没有规定的,由国家和省、自治区、直辖市网信部门依据职责给予警告,责令限期改正,改正前应当暂停相关业务;拒不改正或者情节严重的,责令暂停信息更新,并处一万元以上十万元以下罚款。
违反本规定第六条、第九条、第十二条、第十九条规定的,由国家和省、自治区、直辖市网信部门依据职责,按照有关法律、行政法规和部门规章的规定予以处理。
违反本规定,给他人造成损害的,依法承担民事责任;构成违反治安管理行为的,依法给予治安管理处罚;构成犯罪的,依法追究刑事责任。
第二十三条 本规定中下列用语的含义:
场景声,是指音频中非语音内容的背景声音。
人脸操控,是指对图像、视频中人物的面部表情等进行操控。
姿态操控,是指对图像、视频中人物的肢体动作等进行操控。
三维重建,是指利用数据生成或者编辑场景三维立体影像的深度合成技术。
训练数据,是指被用于训练机器学习模型的标注或者基准数据集。
沉浸式拟真场景,是指通过深度合成技术生成或者编辑的、可供参与者体验或者互动的、具有高度真实感的虚拟场景。
第二十四条 本规定由国家互联网信息办公室负责解释。
第二十五条 本规定自 年 月 日起施行。
关于《互联网信息服务深度合成管理规定(征求意见稿)》的说明
为了规范互联网信息服务深度合成活动,弘扬社会主义核心价值观,维护国家安全和社会公共利益,保护公民、法人和其他组织的合法权益,根据《中华人民共和国网络安全法》、《中华人民共和国数据安全法》、《中华人民共和国个人信息保护法》、《互联网信息服务管理办法》等法律、行政法规,国家互联网信息办公室起草了《互联网信息服务深度合成管理规定(征求意见稿)》(以下称《规定(征求意见稿)》)。有关情况说明如下:
一、制定的必要性
(一)贯彻党中央决策部署的重要举措。党的十九大报告提出“加强互联网内容建设,建立网络综合治理体系,营造清朗的网络空间”的任务要求。党中央印发的《法治社会建设实施纲要(2020-2025年)》提出制定完善对算法推荐、深度伪造等新技术应用的规范管理办法。落实党中央决策部署,需要统筹安全与发展,加快制定完善制度规范,促进深度合成技术依法合理有效利用。
(二)维护网络空间良好生态的现实需要。网络空间是亿万民众共同的家园,互联网信息服务深度合成活动在服务用户需求、改进用户体验的同时,也被一些不法分子用于制作、复制、发布、传播违法信息,诋毁、贬损他人名誉、荣誉,仿冒他人身份实施诈骗等违法行为,不仅损害人民群众的切身利益,甚至危害国家安全和社会稳定,迫切需要划定“底线”、“红线”,规范发展互联网信息服务深度合成活动,维护网络空间良好生态。
(三)深化互联网信息服务依法管理的客观要求。在前期已出台《网络信息内容生态治理规定》、《互联网信息服务算法推荐管理规定》、《网络音视频信息服务管理规定》等相关部门规章和规范性文件,明确对生成合成类算法和利用深度学习、虚拟现实等新技术新应用制作音视频内容等的监管要求的基础上,需要进一步厘清、细化深度合成技术的应用场景,明确深度合成服务提供者和使用者的信息安全义务,出台具有系统性、针对性和可操作性的专门管理规定。
二、起草过程
(一)开展立法调研。深入企业、科研院所、高校等单位调查研究国内深度合成技术发展、应用场景,充分研究国内外深度合成技术发展应用中存在的问题及监管情况,全面梳理互联网信息服务深度合成活动信息安全风险。
(二)组织研究论证。组织系列专家研讨会,邀请科研院所和高校技术、法律专家对互联网信息服务深度合成活动现状、问题及法律规制进行深入分析,并就《规定》体例框架、主要制度和具体内容开展论证研究。
(三)起草《规定(征求意见稿)》。坚持问题导向和目标导向,落实、细化《中华人民共和国网络安全法》、《中华人民共和国数据安全法》、《中华人民共和国个人信息保护法》、《互联网信息服务管理办法》等法律、行政法规要求,起草形成《规定(征求意见稿)》。
三、主要内容
《规定(征求意见稿)》共二十五条,主要规定了以下五个方面的内容。
(一)明确了制定目的依据、适用范围和总体要求。明确在中华人民共和国境内应用深度合成技术提供互联网信息服务,以及为深度合成服务提供技术支持的活动,适用本规定。明确深度合成技术、深度合成服务提供者和深度合成服务使用者等概念的含义。明确国家网信部门、地方网信部门的统筹协调和监督管理职责以及深度合成服务提供者、使用者的基本要求。鼓励相关行业组织加强行业自律。强调不得利用深度合成服务从事法律法规禁止的活动,不得制作、复制、发布、传播含有法律法规禁止内容的信息。(第一条至第六条)
(二)明确了深度合成服务提供者主体责任。要求建立健全算法机制机理审核、信息内容管理、从业人员教育培训等管理制度,具有与新技术新应用发展相适应的安全可控的技术保障措施。应当制定并公开管理规则和平台公约,并对使用者依法进行真实身份信息认证。加强内容管理,采取技术或者人工方式对输入数据和合成结果进行审核,并建立健全相关特征库。加强技术管理,定期审核、评估、验证算法机制机理。提供涉及生物识别信息或者可能涉及国家安全、社会公共利益的模型、模板等工具的,应当自行开展安全评估,预防信息安全风险。加强训练数据管理,确保数据处理正当、合法,采取必要措施保障数据和个人信息安全。(第七条至第十二条)
(三)明确了深度合成信息内容标识管理制度。要求深度合成服务提供者对使用其服务所制作的深度合成信息内容,通过有效技术措施添加不影响用户使用的标识,依法保存日志信息,使深度合成信息内容可被自身识别、追溯。对生成或者显著改变信息内容的深度合成信息内容,应当使用显著方式进行标识,向社会公众有效提示信息内容的合成情况;对其他深度合成信息内容,应当提供进行显著标识的功能,并提示使用者可以自行标识。发现应该进行显著标识而未显著标识的,应当立即停止传输该信息,按规定作出显著标识后,方可继续传输。(第十三条至第十五条)
(四)明确了监督管理相关要求。互联网应用商店服务提供者应当对深度合成应用程序履行安全管理责任,依法依约核验安全评估、备案等情况,对违反国家有关规定的,及时采取不予上架、暂停上架或者下架等处置措施。深度合成服务提供者应当建立健全辟谣机制,设置便捷有效的用户申诉和公众投诉、举报入口;应当按照有关规定履行备案手续、标明备案编号;开发上线具有舆论属性或者社会动员能力的新产品、新应用、新功能的,应当按照国家有关规定开展安全评估;对网信部门依法实施的监督检查,应当予以配合,并提供必要的技术、数据等支持和协助。(第十六条至第二十一条)
(五)明确了法律责任、解释部门和施行日期。违反《规定》相关规定的,由国家和省、自治区、直辖市网信部门依据职责,按照《规定》和有关法律法规规章的规定予以处理。《规定》由国家互联网信息办公室负责解释。(第二十二条至第二十五条)
