On 23 May 2024, the National Information Security Standardisation Technical Committee of China (TC260) opened a public consultation on the draft national standard "Basic Requirements for Security of Generative Artificial Intelligence Services of Cybersecurity Technology" until 22 July 2024. The draft outlines the requirements that providers of generative artificial intelligence (AI) services are required to implement during the development process regarding the security of training data sources, training data content security, data annotation security, and model security. In addition, it outlines the security obligations after the system was released for public use. The draft requires providers to develop intellectual property management strategies to identify risks and establish a reporting channel for infringements. Before using data for training purposes, providers would be required to identify potential copyright infringement risks, especially for data containing literary, artistic, or scientific works. In addition, user agreements should address intellectual property risks, and strategies should be updated regularly. Finally, the draft would require providers to publish information on intellectual property aspects of training data and support third-party queries on data use.
Original source