Blockchain technology is becoming increasingly prominent in Chinese judicial proceedings and legislative developments are beginning to reflect this trend. However, the government's growing concerns about certain aspects of blockchain have triggered a number of recent regulatory responses. For example, in June 2018 the government learned of a vaccine scandal in which improper wording was allegedly uploaded to Ethereum (a type of blockchain). Amidst this backdrop, on 19 October 2018 China's internet watchdog, the Cyberspace Administration of China (CAC), released the draft Provisions on the Administration of Blockchain Information Services for public comment. The provisions comprise 23 articles, which are intended to govern all entities that provide blockchain-based information services in China and are the first step towards regulating blockchain-related technology at the government level. Based on the current draft, it seems that the CAC is not taking any radical steps forward, but rather is testing the waters. However, some of the issues addressed by the draft will carry important ramifications for the operations of various enterprises in China.
Article 2 of the Provisions on the Administration of Blockchain Information Services stipulates that the provisions apply to blockchain-based information services that are provided to the public in mainland China. The term 'blockchain-based information services' may give rise to confusion where narrowly misinterpreted as referring to IT services. However, the second paragraph of Article 2 further clarifies that 'blockchain-based information services' will be defined as services providing information to the public which are developed based on blockchain technology and presented in the form of a website or app.
The third paragraph of Article 2 further clarifies that:
- 'blockchain service providers' are "the entities or nodes that provide blockchain-based information services to the public as well as organizations or institutes that provide technical support to the aforesaid entities"; and
- 'blockchain service users' are organisations or natural persons that use such services.
Thus, the draft provisions could be understood to regulate not only information service providers based in China, but also overseas blockchain technology providers which support China-based information service providers. This would mean that the draft provisions include extraterritorial elements to a certain extent.
Filing requirement The draft requires blockchain service providers to complete a blockchain information service registration form through the CAC's online system within 10 working days of providing the service. If a service provider changes or cancels its service items or website address, it must complete the change or cancellation procedure within five working days.
Annual verification Service providers must perform annual verification procedures by logging in to the CAC's system at the time specified by the CAC and its provincial branches.
Pre-approval for special industries When service providers provide information relating to, among other things, newspapers, publishing, education, healthcare, medicines and medical devices, they must obtain pre-approval from the relevant competent authorities before registering with the CAC.
Identity authentication Service providers cannot provide services to users that they cannot identify via the user's ID number or mobile phone number.
In the past two years, the Chinese authorities have successively put forward mandatory requirements for media, telecoms and social communication platforms regarding ID authentication of personal users. Service providers must also carry out such authentication under the regulatory measures.
Requirements for internal control of technology As mentioned above, the CAC has adopted a cautious approach to the technology-related issues addressed by the draft provisions and has therefore proposed only basic principles to regulate service providers from a technological standpoint:
- Service providers must be able to immediately address illegal content.
- The management rules for blockchain service platforms must be transparent.
- To cope with users that illegally use blockchain information services or violate service agreements, service providers can take measures such as issuing warnings, restricting use and deregistering user accounts. Further, service providers must eliminate and prevent the spread of illegal information and report such instances to the authorities. However, this clause is subject to some confusion regarding the requirement to eliminate illegal information. This is because blockchain technology is predicated on its ability to keep a permanent incorruptible record by which data cannot be changed, modified or erased, meaning that the above regulatory requirement contradicts the logic for adopting such technology in the first place. It remains to be seen whether this clause will be adjusted before the final version of the provisions is released.
- Service providers must record user posts and logs for at least six months and must provide them to the enforcement agencies when requested.
- Any new products, applications or functions must be reported to the CAC and its provincial branches to conduct a security assessment in advance.
According to the draft Provisions on the Administration of Blockchain Information Services, violations of the provision will face a maximum fine of Rmb30,000, provided that a crime has not been committed. However, the possible penalty of being ordered to cease providing a service is expected to be more of a deterrent.
In general, the draft provisions symbolise the government's first step towards blockchain regulation and demonstrate China's positive attitude towards standardising and promoting the development of blockchain technology. The regulators may make further improvements to their policies in future in order to keep up with the development of the blockchain industry and technology.
Although the draft provisions do not address all issues relating to blockchain, they send a notable message to enterprises that operate in China or provide overseas technological support to Chinese companies. As such, companies should review or update their internal compliance programmes in order to address compliance risks stemming from the increased monitoring of relevant content and the CAC's regulations.
For further information on this topic please contact Stephanie Wu Yuanyuan, Ying Song or Philip Wei at AnJie Law Firm by telephone (+86 10 8567 5988) or email ([email protected], [email protected] or [email protected]). The AnJie Law Firm website can be accessed at www.anjielaw.com.
This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.