On June 10, 2025, the Cyber Rule of Law Forum, part of the 2025 China Cyber Civilization Conference, convened in Hefei, Anhui Province. Co-organized by the Bureau of Cyber Rule of Law and the Bureau of Cyber Law Enforcement and Supervision of the Cyberspace Administration of China (CAC), in collaboration with Beijing Normal University (BNU), the forum was hosted by the BNU Law School, the China Cyberspace Security Association, and Legal Daily. Under the theme "Build a Clean Cyberspace with Good Laws and Governance," participants engaged in in-depth discussions on the intersection of the rule of law and cyber civilization. Distinguished attendees included Yang Jianwen, Deputy Director of the CAC; Zhang Xueqiao, Deputy Procurator-General of the Supreme People's Procuratorate; Tian Yunpeng, Secretary of the Party Leadership Group and President of the Anhui Higher People's Court; and Wei Wei, Deputy Party Secretary of Beijing Normal University, all of whom delivered keynote speeches.
Centered on the theme "Build a Clean Cyberspace with Good Laws and Governance," the forum aimed to foster the exchange of achievements and best practices in cyber civilization. It sought to collectively explore pathways to refine the cyber legal framework and innovate governance models, while addressing the legal challenges posed by artificial intelligence. By building consensus on sound legislation and effective governance, the forum endeavored to integrate the rule of law into the digital landscape, establish a civilized, secure, and orderly cyber ecosystem, and create a safer, more enriching spiritual homeland for the hundreds of millions of netizens.
During the speeches, Wei Wei, Deputy Party Secretary of BNU, emphasized the university's commitment to serving national strategic imperatives. He highlighted BNU's dedication to advancing legal scholarship and practice, fostering interdisciplinary research, and establishing a world-class, internationally influential hub for legal studies. The BNU Law School has continuously broadened its research horizons, assembled top-tier academic teams, and established specialized research centers focusing on frontier issues such as data protection, AI governance, and cybercrime. These efforts provide robust intellectual support for enhancing China's distinct cyber rule of law system. Furthermore, the university actively collaborates with various sectors of society to promote a multi-stakeholder governance mechanism and advance the culture of the rule of law. Wei Wei expressed his hope that the forum would synergize the strengths of government, industry, academia, and society to build consensus and pool collective wisdom. He affirmed BNU's readiness to work alongside all sectors to contribute to the rule of law in cyberspace governance, striving toward a community with a shared future in cyberspace that is "more inclusive and prosperous, more peaceful and secure, and more equal and equitable."
The keynote speech session on "The Rule of Law Escorting the Construction of Cyber Civilization" was moderated by Professor Liang Yingxiu, Dean of the Law School of Beijing Normal University.
Professor Lin Wei, President of Southwest University of Political Science and Law, delivered a keynote speech titled "Promoting Civilization and Progress through Cyber Rule of Law." He proposed that cyber civilization is a new form of human civilization. The rapid development of digital information technologies represented by the internet, big data, and artificial intelligence is fundamentally transforming the modes of production and life as well as the operational logic of human society, giving rise to cyber civilization as a brand-new form and stage of human civilization. China's cyber rule of law construction in the new era has established the foundational institutional framework for governing cyberspace in accordance with the law, built comprehensive and multi-layered legislative safeguards targeting cyberspace, data, and subjects, and developed innovative and distinctive Chinese solutions in areas such as comprehensive cyber ecosystem governance, algorithm governance, and platform governance, providing experience and intellectual contributions for the rule of law in global cyberspace governance and cyber civilization construction. To achieve a higher level of digital justice, the following relationships should be properly addressed: First, correctly handle the relationship between the new and the old brought about by digital-intelligent iteration. Highly intelligent systems inevitably challenge existing legal theories and legal institutions, creating an urgent need to develop new behavioral norm models, new types of legal relationships, and new forms of attributing and bearing responsibility. Second, correctly handle the relationship between the virtual and the real brought about by digital twins. How to evaluate the significance of actions in the virtual world and build norms for addressing digital virtual spaces involves fundamental challenges such as the redefinition of social spatial attributes and the reassessment of human modes of existence. Third, correctly handle the relationship between the internal and the external brought about by data flows. This requires strengthening the coordination between domestic and foreign-related rule of law in the cyber domain, balancing internal security with external security, and building a more just and reasonable global digital governance framework.
Professor Shi Jianzhong, Director of the Institute of Data Rule of Law at China University of Political Science and Law, shared his insights on key issues surrounding the rule of law in data governance. He observed that while policies and laws pertaining to digital security are largely comprehensive and sound, legislation related to development lags relatively behind. This imbalance is specifically manifested in several ways: local legislation is highly active while central legislation remains sluggish; the scope of data processing activities is inconsistently defined, with corresponding legislation falling behind; and the scientific rigor of data rights allocation needs to be strengthened. Furthermore, administrative monopolies persist in the opening and operation of government data, highlighting an urgent need to reinforce the rigid constraints of fair competition reviews. The conceptual system surrounding government data also remains disordered. Shi emphasized that the purpose of government data sharing should not be confined to enhancing the government's digital governance capacity and service efficiency, but should instead aim for full openness to empower economic development. Ultimately, he posited that the rule of law in data-related social relations is an inherent requirement for the unified development of a Digital China and a Rule of Law China, necessitating the introduction of legal relation paradigms into the construction of data legal systems.
Wu Shenkuo, Associate Professor and Doctoral Supervisor at the Law School of Beijing Normal University, delivered a keynote speech titled "China's Rule of Law Practice on Artificial Intelligence." He emphasized that the effective advancement of rule of law practice hinges first on clear, scientific top-level design guided by explicit and stable core values. The principle of "people-centered and AI for good", the core tenet of the 2023 Global AI Governance Initiative, has been interwoven throughout China's AI rule of law practice from the very beginning. Second, regarding rule construction, China has exhibited distinct characteristics of pragmatism and innovation. In 2025, the State Council incorporated "advancing legislation for the healthy development of artificial intelligence" into its annual legislative plan. This move effectively aligns with the broader deployment outlined in the Standing Committee of the National People's Congress's three-year legislative work plan, signaling that the development of a systematic and comprehensive national AI legal framework has entered the fast track. Finally, the vitality of rule of law practice lies in the exploration and innovation of mechanisms. In AI governance, China places particular emphasis on regulatory flexibility and systemic synergy. The goal is not only to establish safety baselines through rigorous rules but also to fully unleash the vitality of technological innovation by ensuring regulatory clarity and predictability. In terms of governance architecture, China is committed to building a multi-stakeholder collaborative system involving the government, enterprises, research institutions, social organizations, and the public. Looking ahead, China will continue to deepen its exploration and innovation in AI rule of law, and with an increasingly open posture, actively participate in and strive to lead the global process of shaping AI governance rules.
Professor Zhu Qing, Dean of the Law School of Anhui University, delivered a speech titled "Privacy Rights Protection in the Context of Data Power Expansion." He argued that the game between data power and privacy rights exhibits distinct phased characteristics, with the continuous expansion of data power compelling privacy rights to shift from sporadic responses to universal resistance. The relationship between data power and privacy rights can be explored through the classical philosophical concept of the inseparability of "Qi" (instrument) and "Dao" (principle). The "Qi" of data power has undergone significant changes in the big data era, manifesting as decentralized modes of production, pervasive dominance, and emergent forces. The "Dao" of privacy protection is also undergoing a profound awakening, shifting from technical patching to value innovation. The concept of privacy protection has been internalized as the underlying logic of data processing activities, driving the evolution of governance models toward a paradigm of collaborative governance integrating technology, law, and ethics. "Qi" and "Dao" exhibit a spiral upward relationship of "Qi changes → Dao awakens → Dao guides → Qi corrects"—that is, technology changes first, concepts awaken in response, concepts then guide technological correction, and technology becomes more compliant. The core of building a closed loop of technology governance and value guardianship lies in the mutual reinforcement of "Qi" and "Dao." At the data collection stage, emphasis is placed on boundary control and tiered authorization, with clear definition of collection scope, conditions, and differentiated permissions. At the data use stage, risk control is strengthened to prevent improper data use. At the data dissemination stage, the unity of order and controllability is pursued. The wisdom of the traditional Chinese philosophy of "Qi and Dao mutually reinforcing" demonstrates that technological tools and value standards complement each other and are inseparable. No matter how technology evolves, the core should always return to a simple yet profound principle—technology should serve humanity, not lord over it.
During the roundtable discussion, Gao Huandong, Vice President of Lenovo Group, noted that the widespread application and promotion of AI has brought new data compliance governance challenges to enterprises. Regarding the challenge of lawful and compliant sources of training data, training data mainly comes from three channels: direct collection, external procurement, and internet crawlers. Different sources require different compliance obligations, necessitating the construction of a differentiated compliance management system. Currently, global regulatory policies and new regulations on cross-border data transfers have been introduced one after another, with regulatory requirements and standards constantly being updated, bringing compliance challenges for data cross-border transfers in the use of AI. The challenge in privacy protection lies in the delineation and definition of compliance responsibilities among multiple parties in complex application scenarios spanning across intelligent agents and devices. Under the "Smarter AI for All" strategy, Lenovo has demonstrated its commitment to data security and privacy protection through its data compliance governance practices in the AI era, and has made efforts in the following three areas: First, organizational talent. Lenovo has established a Data Security and Privacy Protection Committee and an AI Compliance Committee, coordinating with various business and functional departments to promote compliance governance from the top down. It has also cultivated over a hundred "Data Compliance Officers" from the front lines of business operations. Second, processes and systems. Lenovo has not only set up data compliance review processes based on business scenarios and data processing scenarios, but has also issued data privacy compliance guidelines for AI scenarios, carrying out AI data compliance governance at two levels: providing AI services or products externally and using AI tools internally. Third, technical tools. While developing a data asset classification and grading platform, Lenovo has also developed intelligent tools for identifying personal information or sensitive personal information, ensuring that personal information does not leak in internal AI governance.
Huang Zhimin, Vice President and Chief Compliance Officer of ZTE Corporation, noted that the data compliance risks and challenges faced by Chinese enterprises in expanding into international markets mainly stem from the following aspects. First, the varying data compliance legislative requirements across countries increase the difficulty and cost of compliance for enterprises. Second, the rapid changes in external legislation and increasingly strict law enforcement test enterprises' adaptability. In addition, the complex and diverse business scenarios of enterprises, combined with the need to fully and comprehensively implement legal and regulatory requirements without omission, place high demands on corporate compliance management capabilities. Finally, considering management costs and the efficiency losses caused by data compliance management, enterprises need to strike a balance between compliance risk management and business development. Huang Zhimin shared ZTE's experience in data compliance construction: First, changing mindsets by explicitly making data compliance system construction a key component of corporate strategy; second, designing corporate data compliance systems with both robustness and adaptability; third, using digital means including AI as the key pathway for implementing system construction, thereby optimizing management costs.
Diao Yunyun, Vice President of Legal Affairs at Tencent Group, stated that the healthy development of the film and television industry is crucial to the overall economy and the future of innovation. China's digital content industry has surpassed the milestone of 1.6 trillion yuan in total scale, demonstrating vigorous vitality and tremendous growth potential, and has directly driven the technological development of AI in areas such as technological innovation, talent cultivation, and industrial chain extension. Some domestic premium film and television dramas have reached hundreds of millions of viewers through online platforms, and with their excellent production quality, have won numerous film and television awards in South Korea, Japan, and other countries, serving as a powerful vehicle for the international dissemination of traditional Chinese culture. A clean cyberspace and a healthy social and cultural ecosystem call for more high-quality film and television content. Diao Yunyun believes that the greatest challenge facing the healthy and sustainable development of the film and television industry in the AI era is copyright protection. Infringing platforms exploit algorithms and aggregate pirated content to reap huge illegal profits, leading to sustained losses for film and television enterprises. The key to breaking this predicament lies in effective copyright protection. To continuously produce high-quality AI content, it is essential to build a healthy online ecosystem and a comprehensive copyright system that aligns with international standards. Platforms such as short video, search engines, and browsers should strengthen their principal responsibilities. On one hand, they must strictly prohibit pushing or diverting traffic to infringing content through algorithmic recommendations, search rankings, and other means. On the other hand, they should actively employ technical means, establish rapid response mechanisms, and effectively prevent and control infringing content. Through the synergy of technology and law, a virtuous cycle of "quality content - legitimate consumption - innovation rewards" should be formed to continuously produce high-quality AI content.
Ding Daoqin, Head of Legal Research and Cooperation at Douyin Group, held the view that strengthening the coordination of AI governance and "global dialogue," and improving the accessibility of AI technology have become a global consensus. Looking at the world's major countries, the United States focuses its AI governance on encouragement and promotion, while the EU has shifted toward simplified regulation. Asian countries such as South Korea, Japan, and Singapore have shown obvious "promotion-oriented law" characteristics in their relevant legislation and policies. China has also introduced numerous encouraging policies, but there are still some legal ambiguities in the development of artificial intelligence. First, domestic laws on copyright and personal information protection impose strict restrictions on the access to and use of publicly available data, resulting in a shortage of high-quality training data. Second, the category of generative AI service providers is very broad, and there is a need to reasonably define the rights, obligations, and responsibilities of all parties. Third, domestic AI enterprises face constraints in computing power and insufficient funding in the development of large models, and the industry is calling for a reduction in the R&D costs of AI computing and training to stimulate innovation by market entities. The governance and legislation of AI need to face the multiple variables of the technological revolution and the great uncertainties brought by industrial iteration. In order to better unleash the productive force attributes of artificial intelligence, institutional arrangements that promote the development of the AI industry can be added to the existing legislation.
Xu Qianhua, Deputy Secretary-General of the Cyberspace Administration of China, stated that the AI Security Governance Committee primarily functions as an advisory body and a bridge, tasked with coordinating across industries and sectors to advance AI security governance. The Committee organizes exchanges, promotes research, disseminates achievements, advocates for standards, and builds industry consensus to pool collective strength for AI security and development. Over the past year, the Committee was among the first nationwide to initiate the construction of a Chinese language corpus. In early 2025, it officially launched the "Chinese Internet Corpus Resource Platform" for large model pre-training. The platform has garnered positive social feedback and serves as a benchmark for the quality development and security standards of AI corpora. By providing free access to academia, SMEs, and developers, it effectively lowers the threshold for R&D, fills coverage gaps left by commercial corpora, and ensures that data in niche fields is not marginalized. The Committee encourages a public-welfare model of data co-construction and sharing, urging entities across the AI industry, academia, research, and application sectors to actively participate in building the Chinese internet corpus. To promote the development of an AI rule of law ecosystem, the Committee has taken multi-pronged actions. In terms of legislation, it has organized legal experts to conduct legislative research on emerging AI fields, focusing on cutting-edge topics such as algorithm governance and cross-border data flows. Regarding industry self-regulation, the Committee has formulated and released self-governance conventions, advocating for enterprises to establish a full-chain legal supervision system covering technology R&D, product certification, and market access. It also promotes an innovation paradigm of "leadership by leading enterprises with chain-effect transmission" across the industry. In terms of legal education and publicity, the Committee has integrated resources from the entire industrial chain, including internet companies, cybersecurity firms, research institutes, and law firms. This has fostered a collaborative innovation model uniting government, industry, academia, research, and application sectors, while exploring pathways for the coordinated implementation of technical standards and management systems.
Huang Chengqing, Vice Chairman of the Internet Society of China, stated that internet applications have generated massive amounts of data, and thanks to the foundation laid by big data development, artificial intelligence has become a new milestone in the network field. As a global infrastructure, the internet has seen countries around the world dedicated to internet governance and rule-making. The United Nations has proposed building a people-centered, inclusive, and universally beneficial internet, striving to eliminate the digital divide and achieve information accessibility. These principles have pointed the way for network legislation and technical support. China leads in internet applications, and thanks to the development of the internet, China's network governance is at a leading level. However, network governance still faces certain difficulties. The openness of the internet makes every individual both an information disseminator and an information receiver, thereby creating demands for the governance of harmful information and information security. AI governance is more complex than network governance, and should uphold the principles of being people-centered, AI for good, and sustainable development, safeguarding the interests of all relevant parties.
Responsible Editor: Shi Tianyu