China: TC260 adopted standard Basic Requirements for Security of Generative Artificial Intelligence Services of Cybersecurity Technology including measures on copyright protection

On 25 April 2025, the National Information Security Standardisation Technical Committee of China (TC260) adopted the national standard "Basic Requirements for Security of Generative Artificial Intelligence Services of Cybersecurity Technology". The standard outlines the requirements that providers of generative artificial intelligence (AI) services must implement during the development process, including the security of training data sources, training data content security, data annotation security, and model security. In addition, it outlines the security obligations after the system is released for public use. The standard requires providers to develop intellectual property management strategies to identify risks and establish a reporting channel for infringements. Before using data for training purposes, providers must identify potential copyright infringement risks, especially for data containing literary, artistic, or scientific works. User agreements should address intellectual property risks, and strategies must be updated regularly. Finally, the standard requires providers to publish information on the intellectual property aspects of training data and support third-party queries on data use.