Alex has written on Chinese affairs for The Economist, The Financial Times, and The Wire China. He was based in Beijing from 2019 to 2022, where his work as Culture Editor and Staff Writer for The World of Chinese won two SOPA awards. He is still recovering from zero-Covid.
During a visit to the United Nations in September, Chinese Foreign Minister Wang Yi launched a new international plan for AI development that focused on what has come to be called the “global south.” It was China’s resolve, Wang Yi announced, to work with other countries on data sharing and security, the production and supply of AI tech, building joint AI laboratories, educational exchanges, and creating an “open-source AI community.”
The release of the “AI Capacity Building and Inclusiveness Plan” (人工智能能力建设普惠计划) came on the heels of a UN resolution to strengthen international cooperation on AI tabled by China and a “core group” of partner states — and it positioned China as an alternative to the industry’s current leader, the United States.
In his speech on the plan, Wang emphasized that AI should be an inclusive and accessible technology. This was a not-so-subtle jab at the US, whose restrictions on high-tech exports have frequently been characterized in Chinese state media as a means not just to target the PRC but to assert its dominance over all other nations. “AI should not become a tool for maintaining hegemony or seeking advantages,” Wang said.
But the PRC’s actions suggest it may have ambitions of its own, grand if not hegemonic. The official People’s Daily newspaper has boasted that Wang’s AI plan “demonstrates China’s vision and responsibility as a major AI power.” Government rhetoric draws a direct line between AI exports and existing initiatives to expand China’s influence overseas, such as Xi Jinping’s signature Belt and Road Initiative (BRI) and Global Development Initiative (GDI). In this case, the more influence China has over AI overseas, the more it can dictate the technology’s development in other countries.
Open-Access Development
Wang Yi’s speech, like other speeches on AI from Chinese representatives to the UN, echoed Xi Jinping’s directions on how the technology should be applied globally. In October, Xi launched the Global AI Governance Initiative at a high-level BRI meeting. In his speech, Xi framed the Initiative as an outgrowth of the BRI, and another means to create what he calls a “community of shared destiny for mankind.” The accompanying policy document outlines how AI should be “people-oriented” (以人为本) and a form of “intelligence for good” (智能向善). In other words, AI should be used to benefit humanity. It should offer solutions for global problems like social inequality and climate change, and must be kept out of the hands of malign actors.
The document also says that AI must not be used to interfere in another country’s internal affairs — language that the PRC has invoked for as long as it has existed, both to bring nations of the global south on board in China’s ongoing efforts to seize Taiwan and to deflect international criticism of its human rights record. The document also emphasizes that all countries should be able to harness the power of AI for their own development. AI, therefore, should be open access and free to all, with every country afforded equal opportunity to access the technology.
As Fu Cong, China’s special envoy to the UN, put it in his opening speech to the “Group of Friends” nations in November, AI must not “become a game for rich countries and rich people.” This is not just about the US versus China, in other words, but the West versus the rest.
China’s decision to co-launch its AI Capacity Building plan with Zambia also had a symbolic element. PRC state media reported that the African nation was the recipient of thousands of Chinese workers and hundreds of millions of RMB in loans in the 1960s, making it the beneficiary of one of China’s earliest overseas infrastructure projects — another thread connecting the latest in AI cooperation with China’s long-held ambitions to lead the developing world, even as it becomes a superpower in its own right. In a 2018 meeting with the Zambian president, Xi said they must jointly “safeguard the common interests of developing countries.”
AI Allies
There are a few possibilities for how this latest iteration of China-Global South cooperation could look on the AI front. One is through Large Language Models (LLMs). China is currently leading the way in open-source foundational LLMs — AI models that can be copied and altered for free by software developers, then used as the groundwork for them to build their own apps. Not only are Chinese LLMs cheaper than their Western equivalents, but they have also been reported by users to be more adept at handling East Asian languages and coding.
Taiwanese computer scientist Kai-Fu Lee said at a recent industry summit that China can lead from a position of strength by mastering “large-scale model pre-training.” SOURCE: Wikimedia Commons.
Leaders in China’s tech industry know that dominating this key software puts them in the pole position going forward. The founder of Chinese AI company 01.AI, Kai-Fu Lee, said at a recent industry summit that China can lead from a position of strength by mastering “large-scale model pre-training.” As long as their models are “good enough and cheap enough,” China will be positioned to determine “the bottom line of safety and controllability.” That could mean that, wherever they are in the world, they will have to conform to the CCP’s political redlines.
In some ways, this process has already begun. Egypt, one of the core members of the “Group of Friends,” has been expanding its AI program since at least 2019, collaborating with a number of different overseas companies to develop its AI capacity. In May, Huawei launched a public cloud service for the country, as well as the world’s first specialized Arabic LLM, which Huawei says uses “the world’s largest” Arabic dataset. In September 2022, Saudi Arabia also signed a joint venture agreement with Chinese AI company SenseTime (商汤) to create a localized AI lab.
As the strategic rivalry between the US and China draws much of the world into competing camps, AI is one key battleground in which the PRC is not merely “seeking advantage,” as Wang Yi put it in his high-minded speech at the United Nations, but has already found it.
Through 2024, China’s international communication centers (ICCs) have mushroomed at the local and provincial level all over China, tasked with innovating and disseminating propaganda for foreign audiences. According to our research, they now number over 70.
Such numbers could give the impression that the initiative has been a success. But a recent report from Young Journalists Magazine (青年记者杂志), drawing on interviews with ICC staff, points to problems in the system. These include a shortage of talent — both overseas hires who can better tailor the message to what foreign audiences would want to hear, and Chinese trained overseas with native-level language skills.
Even cosmopolitan Shanghai has struggled to fill positions for its ICC, where staff blamed costs and unnamed difficult “policies” surrounding foreigners. “After the epidemic,” an employee told the Young Journalist, “there has been a huge loss in overseas talents, and everyone’s difficulties are similar.” This could be a serious problem for the centers going forward. The report goes on to mention that many ICCs lack an understanding of foreign perspectives, and may tell stories that interest locals but are utterly irrelevant to international audiences. Finding ways to connect with the outside world, especially through foreigners or foreign-educated Chinese, could well help this problem along.
Some ICCs don’t understand local stories won’t interest international audiences, as seen in this Instagram post from an ICC in Jinan, Shandong, which assumes foreign audiences will be “excited” by a new stretch of the city’s subway track.
Xi views the ICC system as an integral part of China’s external propaganda strategy. So how are the centers trying to get around this talent dearth?
Young Shoots at the Grassroots
By their very nature, ICCs require knowledge and experience of overseas cultures to better communicate with them and pinpoint ways to build audiences. Most ICC jobadverts available online require advanced foreign language skills from journalists, executives and editors. Some demand more: Zhejiang’s ICC requires at least three years of bilingual experience, while the Western International Communication Center in Chongqing says it will prioritize candidates with over 2 years experience living in the UK or US.
Although it is hard to gauge how much interest these job postings earned, or how easy they were to fill, available evidence indicates they appeal to only a small number of job seekers. Zhejiang’s job posting was read just 195 times on WeChat. The maximum number of reads for an international communication job posting we found on the platform was from Chongqing, which was around 1,600 times.
Some ICCs are squaring up to the challenge with quick fixes. The report from Young Journalists Magazine says that some are drawing from their local area’s pool of international students, in the hope they can be more easily relatable to foreign audiences. ICCs in Anhui and Jiangxi, among others, tapped foreign students studying in their region to become “communication officers.” The end result of this approach was usually videos on X where students spoke about why they came to China and related their experience of traditional Chinese culture.
Hangzhou’s ICC signed a cooperation agreement with one local university in April, promising to work together to promote traditional Chinese medicine abroad — using the college’s international students as “ambassadors” to tell China’s story well.
China’s foreign language universities are also a potential resource. Henan’s ICC signed a cooperation agreement with the foreign languages school of one local university, hiring its teachers as experts as “intellectual support” and promising to give their foreign language students “internship and practice opportunities.”
Some of these universities have strong pre-existing ties to the outside world, which ICCs leap to harness. In May, the Nottingham-Ningbo University (which the UK’s Nottingham University says is its “China campus”) signed an agreement with Zhejiang’s ICC to “utilize its international platform to foster cultural exchange and enhance global understanding of China.” While Chinese institutions and local governments see such utilization of student resources as unproblematic, formal cooperation of this kind — structured around what are clearly party-state agendas over educational ones — could potentially violate the obligations universities have to their students.
According to the principles openly affirmed by the University of Nottingham, its goal is to "support students to develop the skills to engage critically with new ideas." The university’s governance language is clear: “Freedom of speech and the free exchange of ideas are central to the University of Nottingham’s mission of advancing truth, knowledge, and understanding.” How is such a commitment compatible with a memorandum of understanding for strategic support on international communication that commits the Ningbo campus (the University of Nottingham “China campus”) to using students to “raise the appeal of the China story” (中国故事感召力)? The clear danger of such a formal arrangement is that students and faculty feel obligated — in violation of the principle of the free exchange of ideas — to serve broader state agendas that should fall outside the purview of the student-university relationship.
Tapping Into “Gen Z”
Recruiting from among young people is also an advantage on which the ICC system hopes to capitalize. They are tapping into a demographic willing to work for little to rise up the career ladder, at a time when China’s job market is in the doldrums. Not only that, but this also feeds into a broader trend in Chinese propaganda of targeting the world’s young people. A 2023 paper in the journal International Communication (对外传播), published by the CCP's Central Propaganda Department, explains getting the attention of “Generation Z” is key to external communication.
Formal cooperation [between foreign universities and ICCs] structured around what are clearly party-state agendas over educational ones could potentially violate the obligations universities have to their students.
There are other ways the ICCs can kill two birds with one stone. Shandong’s Weifang Bohai ICC has simultaneously solved the talent problem and enacted the government’s “AI+” policy. The ICC was able to use a collaboration with China Daily to take the likeness of one of their Western journalists, turning it into a virtual anchor deployed for regular broadcasts.
The need for foreigners and foreign perspectives for ICC work can also speed up the process of ICCs going out into the world. Last week, Chongqing’s ICC announced plans to establish ten branches around the world, recruiting 30 foreign creatives and technicians to win hearts and minds abroad. The city is keen for foreign exchanges to bolster its economic development, but perhaps they’ve come to the conclusion that building overseas bases and recruiting foreigners is the best means to that end.
It makes sense that ICCs, under pressure to deliver on Xi’s new plan to beef up international communication, are experimenting with ways to work around the enduring set of problems that have historically troubled “external propaganda” work — including wooden and monolithic messaging, and a lack of audience understanding and responsiveness. So far, as China’s new ICC network finds its feet, the results are uneven. Some ICCs have sought a stronger overseas presence, while others have focused on drawing in young people, rolling out AI solutions, or tapping into existing educational exchanges. But one thing is certain: At the heart of this push from the center to enlist provinces and cities in the national project of global influence is a drive for new and innovative approaches. Whether this happens will depend on the politics, but also on the people.
International communications centers, or ICCs, are sprouting up all over China. These centers, a crucial piece in the leadership’s bid to remake its external propaganda matrix, have opened in nearly every province and dozens of cities nationwide. Their spread has been expansive — but far from even. One province, coastal Zhejiang, now hosts 16 “local international communication centers” (地方国际传播中心) at the municipal level or lower — five times the national average.
Zhejiang is one of China’s wealthiest provinces, but this alone cannot account for its surge in new ICCs. Even wealthier provinces, like neighboring Jiangsu and Fujian, have not experienced similar growth. So why has Zhejiang become home to so many ICCs?
Act Globally
As we have detailed in previous research, provincial-level ICCs are spearheading efforts to “innovate” foreign-directed propaganda under a new province-focused strategy, responding to instructions issued by Xi Jinping in 2018. The idea is for central powers to mobilize the peripheries to contribute more actively to the work of what Xi calls “telling China’s story well.”
Since 2021, when Xi Jinping held a collective study session of the Politburo on external communication, there has been a renewed push to strengthen the PRC’s “discourse power” abroad and to shore up what it calls “external propaganda” (外宣), by building a network of provincial and city-level ICCs. In June 2023, provincial and city-level ICCs created a mutual association to better coordinate work nationwide. The process of integrating the ICCs, both horizontally and vertically, including with central state media, has begun to emerge as a core strategy in China’s efforts to remake its infrastructure for global media and public opinion influence abroad.
ICCs, which deliver content to overseas audiences who do not pay for it, are not money-making ventures. “Their operations cannot be separated from the financial support of government bodies like the Propaganda Department,” writes one researcher for Young Journalists Magazine (青年记者杂志). The same article quotes an ICC employee in Chongqing who says that this lack of commercial viability, coupled with irregular government funding, has held back their work. Demand for international communication at the municipal level, they say, “still needs to be cultivated.”
Think Locally
The same does not appear to be true a thousand kilometers to the east. Local governments in Zhejiang are flush with cash to spend on “culture, travel, sports, and media.” Looking at media reports on the province’s ICCs, there also seems to be a perception that money spent on ICCs will be returned through increased trade and tourism — that apart from making the political goals set by Xi, they will act as publicity bureaus for the localities where they are based. In Xianju county, local officials have tasked their ICC with turning the undeveloped region, known as a natural beauty spot, into “a world-class travel destination.” In Hangzhou’s Yuhang district, a local ICC was launched to spread awareness of the neolithic Liangzhu culture it once nurtured.
Compared to inland Chongqing, Zhejiang is deeply plugged into the global economy: from “world capital of small commodities” and New Silk Road terminus Yiwu to tech hub Hangzhou — home to e-commerce giant Alibaba and a mecca for online influencers — and thriving sea ports like Ningbo-Zhoushan, the world’s busiest port by cargo tonnage and home to its own ICC. At the launch ceremony for Yiwu’s ICC, emphasis was less on inspiring affection for the Chinese government abroad and more on “enhancing economic and trade exchanges” with other countries. Other cities like Wenzhou also have strong connections with diasporic communities worldwide. The President of the Chinese Association in Italy — which is home to a thriving community of migrants from Wenzhou — was present at the launch for the city’s ICC. When provincial capital Hangzhou’s ICC was unveiled, speakers hailed Zhejiang as both a crucial node for international trade and a “major overseas Chinese affairs province” (侨务大省) — meaning that a larger proportion of Zhejiang natives are living, working and trading outside the country.
The answer to the question of why Zhejiang has launched so many more ICCs than any other province defies easy explanation. It is likely a combination of the various factors: more funds, more extensive overseas connections — and perhaps even the fact that Xi Jinping spent three and a half years as a top leader in the province. But the rapid spread of ICCs in Zhejiang suggests that while the top-down mandate to remake international communication is a factor, their setup is more than just a response meant to accommodate central government demands. Across the board, the centers promise to bring real, tangible benefits, suggesting they are not just performative political stunts but potential business opportunities. Whatever the balance of these factors may be, they are a reminder that even in China’s push for greater global influence, it continues to be local conditions and opportunities that matter the most.
Aligning artificial intelligence with ethics and social values is a global challenge. But in China, there is a further dilemma as AI becomes more powerful and pervasive: how to ensure that large language models (LLMs), the building blocks of AI, adhere to the country’s rigid Communist Party orthodoxy.
As the leadership’s redlines on public discussion are ever-shifting, one answer to this dilemma could be “Easy Write” (写易), a new AI text generation tool launched by the CCP’s flagship newspaper People’s Daily (人民日報). Unlike other LLMs, it uses only Party-vetted sources to generate writing for an intended user base of state media staff and other government employees.Users can choose between information drawn from People’s Daily archives, Xi Jinping’s “important speeches” (重要讲话), or both.
The People’s Daily describes the tool, released early this year around the time of the annual Two Sessions political meetings in Beijing, as a “mainstream values LLM.” The word “mainstream” refers, in this context, not to generally accepted ideas but to the consensus political view as determined by the Chinese Communist Party (CCP) and Party-state media.
The software is the brainchild of the State Key Laboratory of Communication Content Cognition (传播内容认知全国重点实验室), a research laboratory under People’s Daily and the Ministry of Science and Technology that is responsible for improving the reception and dissemination of Party propaganda online — including through AI. The People’s Daily says it was created to “better inspire” the daily reading and writing skills of Party organizations, state-owned enterprises, and official media outlets. A how-to instruction guide on the platform notes the LLM can also help “promote Xi Jinping’s thought” online.
But with AI results are never so simple. And our test drive of Easy Write suggest that in some cases it could make things difficult.
Agree to All Terms
In the months since Easy Write dropped, state media have been trying to work out how to integrate AI into their newsrooms. In early November, representatives from various media met in Beijing for a forum on this very question. These concerted efforts came after the announcement of Premier Li Qiang’s “AI+” policy at the Two Sessions, aimed at bringing AI into every industry in China. Easy Write is an illustration of how they want the Party, too, to be AI-powered.
Prompts pinned on the application’s search bar ask if users want to write a “party branch work summary.” When we tasked it with writing such a work review for a Party cadre in Sichuan province, instructing it to highlight how they were boosting “new quality productivity” (发展新质生产力), the model generated an appropriate speech. It included statistics from People’s Daily and mentions of actual development projects currently in the pipeline, like the Chengdu-Chongqing Special Economic Zone.
Faced with this task, the LLM listed exactly what has been cited from People’s Daily and Xi Jinping’s speeches. It was also able to write convincing articles explaining the origins and concepts behind key ideas in Xi Jinping’s political thought, such as the “Two Creates” (两创).
A work report generated by Easy Write.
Eats Shoots and Hallucinates
But when we asked it to create a speech in the style of Xi Jinping about “my favorite cat” — something innocuous but which it was unlikely to have been trained on before — it veered between talking about cats and pandas. The latter, of course, is an animal Xi has frequently invoked as a symbol of Chinese soft power. Since the two share a Chinese character, the algorithm may have been confused and tried to steer back into familiar territory. Since CCP takes eliminating hallucinations very seriously, though, such flights of fancy in a tool dealing with Xi’s own words could be embarrassing — even dangerous.
Text generation isn’t Easy Write’s only trick. It also has a proofreading function that scans copied-and-pasted text for spelling mistakes, grammatical errors, and — uniquely — politically sensitive terms, allowing users to course-correct before they touch any redlines. Researchers at People’s Daily have said that it edited the newspaper’s coverage of the Two Sessions earlier this year, becoming a “powerful tool” for news editing. But this function, too, had some obvious shortcomings. We input this year’s Double-Ten National Day speech by Taiwan’s President Lai Ching-te, which at the time prompted vigorous condemnation from across the Strait and even renewed military drills encircling the island. Yet Easy Write was nonplussed. It flagged mentions of the war in Ukraine and Taiwanese opposition heavyweight Han Kuo-yu, but it did not wince at Lai’s assertion that Taiwan and China were not subordinate to each other and that Beijing could not represent Taiwan — something that PRC state media lambasted him for.
Screening Taiwan President Lai Ching-te’s National Day speech through Easy Write.
These glitches may explain why state media have been reticent to report on Easy Write, despite the People’s Daily nod. No other official outlets have published any coverage of the software, and the People’s Daily itself has not devoted promotional space to promoting it — something they have done with their other work, including other AI projects. Most statements from the People’s Daily about the tool have been presentations on what they have been doing to implement “AI+” or improve AI security. At a time when AI is all the rage in China, the reluctance to promote Easy Write stands out.
Yet as the director of the State Key Laboratory of Communication Content Cognition’s academic committee has said, AI is still in its infancy, meaning that problems like controllability and security “cannot be completely solved in the short term.” So why try to do so, with something as demonstrably unreliable as Easy Write?
As the AI trend is pushed strongly by China’s leadership, the simplest answer may be the need for developers at the People’s Daily to demonstrate that they are working conscientiously to make their own contributions. But as Easy Write itself shows, creating an AI tool that can keep pace with the latest technology and the latest Party line is no easy task.
After several months of radio silence, Hu Xijin (胡锡进), the once outspoken former editor-in-chief of China’s state-run Global Times tabloid, last week resumed posting on his influential Weibo account.
The combative commentator is known for his fiery rhetoric praising Xi Jinping and lambasting the West. He is often considered to have close links to CCP inner circles as well, and has been looked to as a bellwether for where the leadership wishes to guide public opinion. But Hu’s normally incandescent social media channels went dark in July after he offered an apparently unsanctioned interpretation of the Politburo’s Third Plenum decision.
Hu’s latest Weibo posts are much the same as before, a months-long gap between timestamps the only sign of something amiss. He has not addressed his absence, but a post last week offered some clue as to how he has spent the intervening months of silence. On November 1, Hu wrote on Weibo that “over the recent period” he had traveled by car through Henan and Shanxi, and “I have never so carefully scrutinized our country, especially the central plains.”
Hu Xijin poses before a monument to the Eighth Route Army in Pingxingguan, Henan.
In perfect keeping with the dominant discourse of the moment, he cooed about the “special spirit” of the Chinese people and “the 5,000 years of Chinese civilization.” He searched through the Henan countryside for the tombs of Chinese philosophers like Dong Zhongshu (董仲舒), who in the 2nd century BC was a proponent of Confucianism, and who laid down early rules for determining the legitimacy of monarchs. Unable to locate the tomb of the Eastern Han dynasty warlord Cao Zhi (曹植), he got his bearings from an official in the local village committee, he said.
He visited Erlitou (二里頭), the site in Henan of an early Bronze Age society. And of course, he visited “red tourism” (红色旅游) sites along the way, like Pingxingguan (平型關大捷), where the CCP’s Eighth Route Army is said to have won its first battle against the invading Japanese in September 1937.
Even though Hu has not said much so far, Weibo users have noticed. Thousands of his fans piled into the comments to welcome Hu back. More skeptical netizens know him as “Frisbee Hu” (飞盘胡), a dog running whichever way his masters throw the Party line. But in recent years Hu’s stands against the worst excesses of online nationalism — like defending CCP-favored author Mo Yan when a blogger tried to sue him for disrespecting Chairman Mao — have made him sound like a relative voice of reason.
“Your opinions may not all be correct, but you are objective, fair, calm, and positive,” read one upvoted comment. But others have not forgotten his reputation for obedience: “Old Hu is back! That’s great! I can walk and play with my dog every day again!” reads the most-liked comment.
Perhaps Hu’s comeback should have been expected. His “Hu Says” column in the Global Times has been quiet since July, but was never removed from its prominent position on the newspaper’s homepage, suggesting his spell in the wilderness was always expected to be brief. However, Hu still has not posted on his blue-check X account. Perhaps the former editor still needs to prove that he can be trusted with a VPN again.
Before Twitter became X, the social media platform was scrupulous in labeling the accounts of media outlets from around the world that had connections to foreign governments. “State-affiliated media” labels were applied, according to the platform, to “outlets where the state exercises control over editorial content through financial resources, direct or indirect political pressures, and/or control over production and distribution.” For outlets like China Daily — run directly by China’s central government — labels had a real impact in driving down user engagement.
These days, labels on what was once Twitter are too opaque to be of much use. After first antagonizing public media like NPR in 2023 by slapping them too with the “state-affiliated” label, despite clear policies and procedures on independence, billionaire Elon Musk had his platform apply cryptic gray check-marks, indicating that accounts like that of China’s Ministry of Foreign Affairs are “government or multilateral organization account[s].” Confusing things even further, unmistakably state-affiliated accounts — like that of the CCP’s official mouthpiece, the People’s Daily — can simply override any stigma by purchasing a blue check-mark from X — leaving them simply, like millions of others, “verified.”
But even as labeling has largely become a practice of the past for social media platforms — TikTok, in fact, being the only one to actively label accounts as “China state-controlled media” — Chinese state-affiliated accounts have learned to bypass transparency efforts by using cloaked accounts or brands, masking their connections to China’s government bodies. These accounts, which interact on social media platforms as though they were independent entities, are sometimes capable of reaching millions, and even pay to amplify their messages.
Examples of such accounts are legion. “Hi, this is GBA” looks like just a social media influencer on X with more than 85,000 followers, as does “Daily Bae,” which has 1.1 million followers on Facebook. Both are external propaganda brands run by Guangdong province, and clearly identified as such in official media reports.
As Xi Jinping speaks of “building a more effective international communication system,” part of the message he conveyed this week during a collective study session of the Politburo, accounts like these, run not just by state media but by provincial and city-level international communication centers (ICCs), are a critical part of the strategy.
How do these accounts operate? We took a deep dive into one of them to get a closer look.
Who’s Speaking?
At first glance, the account “China Says” looks unassuming enough. It has a blue check and nearly 190,000 followers on X. On Facebook, it has 3.9 million followers, and its posts sometimes get millions of views. The bio section for “China Says” on X claims that the account offers “exclusive insights” into China’s foreign policy. At times, these insights appear as paid ads in X feeds like yours and mine. Much of the content on “China Says” focuses on the innocent promotion of local cuisine. But at times the account takes a sharp turn into the political. It regularly hosts explainers, for example, on China’s view of the international political system.
A tweet from ‘China Says’ explaining why BRICS is so popular, with an ‘Ad’ sign at the top-right showing it has been given paid promotion.
One recent explainer, an interview with Danish photographer Jan Oberg, who has featured frequently (and almost exclusively) in Chinese state media reports, was framed with the loaded question: “Is China’s approach to global peace the antidote to Western militarism?” Another post features “Quotes from Xi Jinping” that urge “global governance reform.” Yet another, a program called “Diplomacy Talk,” again portrays China as an enlightened force in the global South: “China offered hope when the West labeled Africa ‘hopeless,’” it begins.
The nature of this content, and the account name “China Says,” might offer a clue as to origins. But exactly who is speaking here?
In fact, “China Says” is operated by the Chinese Internet News Center (中国互联网新闻中心), an institution directly under China’s State Council Information Office (SCIO). The SCIO is essentially the same office as the Chinese Communist Party’s Central Propaganda Department — which means that this “news and media website,” as it is labeled on Facebook, is speaking from the very center of the Chinese party-state. And yet, quite unlike the account forChina Daily, also under the SCIO, the account bears no “China state-controlled media” label.
“China Says” is one cloaked party-state account on X that has made good use of the platform’s marketing system. X Ads offer any account paid promotion for their content over a fixed period of time, allowing posts to maximize exposure — acquiring followers and engagement more quickly. The tool also allows campaigns to target audiences, according to which country they are in and if they have followed certain Twitter accounts.
According to Twitter’s Ads Repository, which logs advertisements created by companies, “China Says” has taken out 109 ads so far this year, some of which have been promoted to targeted audiences continuously for over half a year. We categorized the accounts into those dealing with cultural topics, the economy, and politics. Categorizing topics allowed us to spot the more recent trend toward political, and geopolitical, issues over culture.
According to the data, the account’s initial posts were merely promotions of Chinese culture and tourism sites. But from July this year, the ads for “China Says” were placed by a company identified as “Shanghai Yangzhi Marketing.” This company name appears to match the Chinese name of Socialydia (上海洋芝市场营销策划有限公司), a private marketing firm that focuses on “overseas social media platform operations” with a wide range of clients, including the publicly-listed Chinese automaker BYD.
Categorizing topics allowed us to spot the more recent trend toward political, and geopolitical, issues over culture.
Under Shanghai Yangzhi’s remit, the ads for “China Says” became much more professional, and the number of ads taken out in September tripled from January numbers. Their content shifted in tone as well. At the beginning of the year, the only ads the account took out featured beautiful Chinese landscapes and tributes to Chinese traditional culture. But by September, 70 percent of the ads were rather blunt statements on China’s economic and geopolitical successes, indistinguishable from the state media’s usual self-congratulatory fare.
The target audiences defined in X Ads changed too in July as Shanghai Yangzhi Marketing came onboard. Before July, the audience tags were unimaginative China-themed words like “Shanghai” or “China.” From that point on they were more ambitious and far-reaching. The account now systematically lists every country in the world as its target audience. The list of those to target also includes anyone following a long list of Chinese X accounts, including the Ministry of Foreign Affairs, the Ministry of Commerce, the People’s Daily, CGTN, China Daily, The Paper — and even Hong Kong’s South China Morning Post, which in 2015 was bought by Alibaba Group.
As we mentioned earlier, there are many cloaked accounts like “China Says” — hundreds if not thousands. So how many are making use of X Ads to boost their visibility and engagement?
We checked eight other cloaked accounts that push Chinese government messages, including those operated by provincial-level international communication centers like WuhanPlus and iChongqing. None of these had so far invested in ad campaigns. But “China Says” demonstrates how such tactics can be applied successfully as international social media platforms turn a blind eye and users are offered no information about who these accounts actually are. It also offers a clear look at how these accounts transform over time from innocuous posts about beautiful skylines, migrant birds and autumn colors, to promotion of China’s foreign policy and the hyping of US aid to Africa as “empty promises.”
China Says is also a concrete case study on what Xi Jinping meant when he spoke about the "pattern reconstruction of international communication," and about "innovative online external propaganda." As grandiose as those ambitions sound in the specialized discourse of the Chinese Communist Party, the idea in terms of the delivery of China's official messaging is deceptively simple — to use existing global communication platforms, including Facebook, YouTube, X and Instagram, in ways that engage and build audiences while camouflaging the hand behind.
Be ready for stunning views of stony Tibetan peaks, followed by soft and playful pandas, and then a serving of anti-Western propaganda. It could come at you from anywhere.
Earlier this month, the People’s Daily astonished millions of online readers in China by weighing in on a petty dispute between two celebrities. The article, which accused an actress of grabbing publicity by slandering her ex-boyfriend, was an odd change of character for the Chinese Communist Party mouthpiece. Speculation raged about what this aberration could mean.
There was just one problem — the article was a complete fake. And within hours, a new question loomed: How did this happen?
In fact, convincing as it was — with an apparently genuine People’s Daily Online URL, look and layout — the piece wasn’t written by People’s Daily at all. The next day, the media group weighed in to disavow the article, saying it was a “copycat” (套牌) that had cloned its news pages. It went on to say this was not an isolated incident, and voiced concern that the impersonation of official news outlets, apparently a rather widespread phenomenon, could “trigger a crisis of trust” in the country’s Party-run news outlets.
In fact, the issue has little or nothing to do with trust — and everything to do with power. The lesson: monopolize access to speech and information, and those eager to be heard will find a way to borrow your privilege.
To Fake It, Officially Make It
In this case, the actors doing the borrowing seem to have been “fan circles” (饭圈), or “fandoms,” a repeated source of trouble on China’s internet. These fan groups can become tribal in their devotion to the celebrity figures they have rallied around, and go to great lengths to defend them. In July 2020, after two fandom camps started a disruptive online war, the government really did step in, the Cyberspace Administration of China (CAC) promising to stop fan circles “tearing each other apart.”
The fake article appearing online in China on October 3, 2024 — shown here with a “fake” label — was indistinguishable from a real People’s Daily Online post.
This time, the trigger seems to have been a trivial matter of a celebrity couple splitting up, the woman alleging her partner had cheated on her multiple times. In a post on Weibo, the woman accused her partner’s fan circle of being behind the fake People’s Daily article, trying to get revenge for her accusations.
When investigating these accusations, a reporter from TheBeijing News (新京报), one of the country’s most-read commercial newspapers, unearthed a thriving underground industry where clients could pay for a clone of any website they wanted — and noted that 200,000 clones of Chinese websites were found in 2020 alone.
As some of these pages are hosted on servers outside China, there is not much the authorities can do, apparently, to remove them. The reporter found multiple fake websites of official government platforms, including one based in Singapore posing as a Hubei government portal. The site (which is still active) looks similar enough to the real thing to fool people.
In an official commentary, The Beijing News went on to say that websites of government institutions and official media “have become the hardest hit” by counterfeit websites, given their position of authority within China’s information flow. They don’t seem to be wrong. The CAC’s “Joint Rumor Refutation Platform” (联合辟谣平台) documented eight cases of netizens forging official government websites or documents to release false information in September, and five so far for October.
Guiding Pains
In China’s news environment, the copycat phenomenon risks damaging a carefully curated system, official media say. “At worst, they undermine the credibility of authoritative institutions and disrupt the public opinion ecology,” explains The Beijing News, an outlet that, while commercial in outlook, is also directly under Beijing’s propaganda office.
An October 4 commentary — this time real — at People’s Daily Online targets the fake People’s Daily Online article appearing the day before.
For decades, the Chinese Communist Party has taken great pains to shape the country’s public opinion ecology so that it is the only authority for information (and, as in the case of the joint rumor refutation platform, gets to dictate what is and is not accurate information). The party also set the tone for how events are to be viewed — and how they are subsequently covered by domestic media. In the case of the stabbing of a Japanese child in Shenzhen this September, for example, state media waited until the Ministry of Foreign Affairs MFA) spokesperson had passed judgment on the incident — dismissing it, essentially, as having any systemic cause in government-fueled anti-Japanese sentiment — before directly parroting the statement.
The Chinese government is known itself to peddle misinformation, or to allow it to thrive online, if it suits their domestic or geopolitical agenda. As official outlets are still considered a source of (at least official) truth by many Chinese, their words are an effective tool to sway public opinion — a textbook definition, in fact, of how the leadership has defined the media’s role since 1989.
When Ministry of Foreign Affairs spokespeople and official news outlets alleged in 2020 that Covid-19 had originated from the US-run Fort Detrick (in reaction to accusations Covid had originated from a lab in Wuhan), this was taken on faith as fact by many ordinary Chinese citizens.
Given the increased reliance on official sources as the core of information flow in China, it only makes sense for netizens to tap into this source of authority — which has taken the place of genuine trust. How can netizens not resort to official copycats when this is the most surefire way of being taken seriously and having an impact?
So long as the confusion of power and trust is endemic in China, with the CCP defined as the only possible source of truth, the problem of official copycatting will likely persist.
For its part, the People’s Daily, the victim of the fraud in this latest instance, remains in self-denial about the fact that what it calls “trust” is actually power — and that this is the root of the problem. “Once this kind of trust crisis is there,” the outlet said ominously the day after the spoof went viral, “it will be difficult to go back, and there will be long-term negative impacts on the network ecology.”
To many, 2024 is the Year of Democracy, a time when billions of people will go to the polls in over 65 elections across the world, giving us the biggest elections megacycle so far this century. To others, it’s the Year of AI, when the rapidly developing technology truly went mainstream. And for autocracies like China, some worry it could be both — a year of unbridled opportunities to use AI to manipulate the outcomes of some of the world’s most consequential elections.
“Generative AI is a dream come true for Chinese propagandists,” wrote Nathan Beauchamp-Mustafaga, Senior Policy Researcher at RAND, in November last year. He predicted the PRC would quickly adopt AI technology and “push into hyperdrive China’s efforts to shape the global conversation.” A few months later, AI-generated content from China attempted to influence Taiwan’s presidential elections by slandering leaders of the ruling Democratic Progressive Party, which champions Taiwan’s autonomy and separate identity.
Since then, China’s AI capabilities have been rapidly developing. Tech firms have rolled out an array of video generation tools — freely available, easy to use, and offering increasing levels of realism. These could allow any actors, government-affiliated or private, to generate their own deepfakes. But despite concerns about the potential for AI-generated fake news from China, there has been little investigation into what is currently possible.
At CMP, we tried to generate our own deepfakes to find out. In the end, we found that the process is simple and fast — with results that, while imperfect, suggest the potential implications of AI for external propaganda and disinformation from China are immense.
Working Out the Fakes
We gave ourselves a few caveats. Firstly, these tools had to be free and simple to use. This would cater to the lowest common denominator: an ordinary Chinese netizen without coding skills or funding, just a desire to spread disinformation. It’s likely that government-affiliated groups would be far more professional — assigned a budget, VPN, higher-quality tools, and technical expertise — but we wanted to determine how low the bar currently is. Our question: What is possible in China today with the minimum amount of effort and resources? This is also why we limited ourselves to tools available on the Chinese internet, within the Great Firewall.
With US presidential elections just around the corner, we set out to create a video of Republican candidate Donald Trump announcing that, if elected, he would withdraw the US from NATO.
Screenshot of an early attempt at a script, which included Donald Trump recognizing Taiwanese nationhood.
For the script, we turned to Zhongke Wenge (中科闻歌), an AI company chaired by a member of the National Development and Reform Commission. The platform has a setting that generates scripts for short videos. We soon had a minute-long script, including lines for our fake Trump.
We then turned to ElevenLabs, an AI voice generation company, to narrate the script. Despite being a US platform, ElevenLabs is available within China, according to Chinese firewall database GFWatch. It’s not far-fetched at all to combine Chinese and non-Chinese tools: social network analytics company Graphika identified one pro-China influence campaign as using AI-anchor tools from UK company Synthesia, whose tools are also available within China.
For Trump’s voice, a search on Chinese video streaming platform Bilibili yielded a video on voice cloning websites. This led us to Fish Audio, a website available in China has a ready-made Trump voice cloner. All we had to do was write out what we wanted Trump to say.
For the video footage, we experimented with several tools, but were dissatisfied with the vast majority. In the end, we chose Chinese AI startup Minimax’s “Hailuo AI” (海螺AI), partly because it generated the most realistic video clips but also because the company seems to be angling it towards professional creators, providing guides on how to produce ads with their software. We bookended the video with template title and end cards from FlexClip, an open-access website also available over the Firewall. Finally, we stitched the footage and audio together using Jianying (剪映), the Chinese version of ByteDance’s CapCut video editing app.
And here it is, our end result. We estimate the total time spent to be an hour at most.
The Results Are In
We set out to create footage of Trump announcing his intentions to withdraw from NATO and to recognize Taiwan as an independent country. Videos have been doing the rounds on Douyin that use voice and lip-synching technology to make him sing songs in Chinese. But this is still complex, requiring knowledge of developer tools and access to more sophisticated technology. Quality is also an issue. Many Chinese video generation websites — including Vidu, Kling, and cogvideoX — generated hallucinatory, unusable footage. When we attempted to animate images of Joe Biden or Donald Trump using Vidu and cogvideoX, their faces transformed completely. Hopefully, this still feels fake enough that most viewers would not be fooled.
Chinese companies have put a number of safeguards in place for AI-generated video, but these are easy to get around. New standards proposed by the government in September rule that any AI-generated content has to have a prominent visual watermark, and Chinese experts have argued this is an effective way to combat AI disinformation. But circumventing this is easy. All one has to do is to screen-record the video, cropping out the watermark. Another question we have over the medium to long term is whether the new standards will apply at all in cases where AI-generated content is intended for China’s own state-backed disinformation. Will China abide in practice to the spirit of its Global AI Governance Initiative?
Censored words can also be overridden with some creative thinking. Although Hailuo AI refuses to generate videos that have “Donald Trump” in the prompt, it decided that our prompt for “President of the United States” meant Trump, and generated footage of him. It also refused to generate content for “Taiwan” but allowed the island’s historic name, “Formosa.”
Sensitive terms, however, are constantly being updated. The video was quickly removed from our Hailuo AI account, and when we tried to use “Formosa” again a few weeks later, it was refused.
The work itself was tedious. Five seconds of video from Minimax required five minutes to generate, so a news bulletin of one minute would therefore require at least an hour of button-pressing — assuming you were happy with the footage that resulted. The same prompt generates different results each time, so simple things like continuity between shots were problematic. In our video, Trump looks slightly different in each shot and the backgrounds behind him and the journalists do not match. Sometimes prompts using “President of the United States” generated videos of Barack Obama instead of Trump.
This echoes what the director of the state-affiliated Bona Film Group said in July about a series of short films the group had generated using AI. She lamented the difficulty of maintaining continuity between shots: “The most difficult thing in real-life shooting happens to be the easiest thing for artificial intelligence, and the most difficult thing for artificial intelligence happens to be the easiest thing in real-life shooting.”
Although we initially planned for a minute-long video, the amount of tedium involved — endlessly pushing buttons, writing prompts, waiting five minutes, and checking the results — would be enough to tempt an ordinary netizen working in their free time to cut corners.
Whether or not our endeavor impresses you, these videos represent only the possibilities at this moment in time. China’s AI is advancing at an incredible speed. Hailuo was released just over a month ago, and already the state-run China Central Television (CCTV) has used it — alongside Vidu and Kling — in a video marking this month’s National Day. If Chinese AI software is nearing standards for national broadcast, this suggests it is approaching a level of believability suitable for deepfakes.
So, could a Chinese netizen produce a believable deepfake with relative ease? Our experiment suggests the answer is yes — but with a lot of caveats. As AI tech improves, however, the list of drawbacks will surely shorten. In a matter of months, the tools available to deepfakers, including those backed by determined states, could be sufficiently sophisticated to have impacts that are all too real.
The brutal killing of a Japanese schoolboy in the Chinese city of Shenzhen last week has made headlines across the world. The wider context of the tragedy — that it happened on the anniversary of the “Mukden Incident” that began Japan’s invasion of China nearly a century ago, and just months after another nearly deadly attack on a Japanese mother and her child in another city — raises serious questions about how it might be linked to decades of anti-Japanese education, entertainment and cultural conditioning in China.
But these are serious questions China’s media are not asking, or cannot ask.
How the media in China have reported the incident domestically (or not) is an unfortunate reminder not just of how stringent controls have become, but also how detrimental this atmosphere has been to discussion of the darker undercurrents of contemporary Chinese society.
From the early stages of the incident, key details were missing. The police report from Shenzhen did not mention the boy’s nationality, age, or where the attack took place. Instead, news filtered into China through overseas media. Some of the earliest reporting of the response from the Japanese government inside China came from the WeChat account of Nikkei Asia. Several reports published on the day of the incident that noted the statement from Japan, including from Caixin and from Shanghai’s Guancha, have been scrubbed from the internet, yielding 404 errors. Another report from the news portal NetEase, which seemed to have included some on-the-ground reporting from Shenzhen, was also taken down.
Screenshot of the Caixin website on September 18, with a notice saying that the webpage “does not exist or has been deleted.”
In all likelihood, reports from outlets like the above were removed by the authorities because they jumped the gun, not waiting for an official news release (通稿) from Xinhua News Agency. Generally, for such sensitive stories, more compliant media know that protocol demands that they wait for official word. State media, therefore, kept silent on the issue until after Lin Jian (林剑), a spokesperson for China’s Ministry of Foreign Affairs (MFA), held a press conference late on September 18, and again on September 19.
During the second press conference, journalists from Nikkei Asia linked the Shenzhen attack to the June attack against the Japanese mother and her son in Suzhou, widening the context of the Shenzhen case. Lin insisted, however, that this was an isolated incident. “According to the information we have so far, this is an individual case,” he told reporters. “Similar cases can happen in any country.”
That China’s foreign affairs ministry was out in front of Xinhua pointed to the sensitivity of the story, and its possible international impact. State media could now follow up on the story, but they limited themselves entirely to the MFA remarks. Hunan Daily, for example, the official mouthpiece of the provincial CCP leadership in the province, quoted Lin Jian verbatim, offering no additional details or context. The same was true of Shanghai’s The Paper, published by the state-owned Shanghai United Media Group, and other provincial-level dailies such as Guizhou Daily.
A more detailed report from local newspaper Shenzhen Special Zone Daily (深圳特区报), published on September 20 and shared by Yicai and other online outlets, illustrated another time-worn propaganda approach — the single-minded focus on official action and heroism. The report focused on the valiant attempts by the emergency services to rescue the boy. There was again no link made to the previous stabbing attempt in Suzhou. The attack, as they stated prominently at the top of their report — closely following the MFA line — was an “isolated case.”
The only touch of compassion in the report came in the form of a few quotes from locals laying flowers at the school. “No matter where the child’s nationality is,” one note at the scene reportedly read, “since he lives and studies in Shenzhen, he is a child of Shenzhen.”
Silencing Hints of Humanity
In fact, signs the public was interested and willing to discuss the broader context of the killing, as well as its causes and implications, were evident early on. Articles on WeChat linking the Shenzhen and Suzhou cases, as well as mentioning that images of the Japanese school’s entrance had been circulating on social media before the attack, were removed from the popular platform.
While such nuanced voices were stopped in their tracks, posts that urged online caution about the sensitivity of the September 18 anniversary were allowed to go viral. One example was an article on Baidu about netizen outrage over an internet vlogger who had her account suspended for allegedly disparaging the anniversary by calling it “June 18.”
A silence about context was enforced the day of the killing, state-affiliated media outlets readied the next, predictable phase — the demonizing of context itself. A commentary posted by Guancha on September 19 said that any netizens blaming the attack on patriotic education or “hate propaganda” would “produce a destructive effect” on society.
The Shenzhen attack is a sensitive story on a number of fronts for China. For starters, the government — which has touted increasing foreign visits as a mark of economic turnaround — is wary of frightening away foreign tourists, businesspeople, and investors. The attack, the third high-profile assault on foreigners in China in recent months, risks undermining the leadership’s message that China is open and ready to engage again with the world following the pandemic downturn.
The attack also risks undermining the simplistic narrative, advanced by state media, that China is fundamentally a society encouraging tolerance among civilizations — which has lately been a key pillar of what the leadership calls “Xi Jinping Thought on Culture.” The case tells us that despite China’s rhetoric of civilizational tolerance, the country has its own share, like perhaps any country, of individuals capable of violent xenophobia.
But the most sensitive aspect of this story, the most dangerous question that can be asked, is why. Why is China experiencing such violent attacks, and against the Japanese in particular? The answer to that question is no doubt complex. And yet, as netizens made clear in their early, stillborn conversations on the Shenzhen attack, the role of China’s officially-encouraged culture of xenophobic ire — a culture of “toxic nationalism” — is a serious issue that needs to be addressed.
The brutal truth behind this savage attack is that this problem will not go away until the antipathy at its root, present in the media discourse of the state as much as in the heart of the attacker, can be faced head on.
Matt Sheehan is a Fellow at the Carnegie Endowment for International Peace, specializing in China’s AI safety and governance. His latest paper highlights concerns within China’s government about regulating Artificial Intelligence. In July, he appeared on a panel at Shanghai’s World AI Conference (WAIC), a meeting of China’s top AI entrepreneurs, engineers, and lawmakers that was heavily publicized by state media. Alex Colville spoke with Matt to take the temperature of China’s AI industry and discuss the PRC’s current positions on AI safety and deepfakes.
Alex Colville: What is the current discussion on AI safety among PRC elites?
Matt Sheehan: There’s been a huge change in the last 18 months or so. If you’d asked me two years ago “How salient is AI safety in China’s AI industry and policy?” I would have said that it’s something you’ll hear people talk about in private sometimes, but it’s very much not in mainstream policy discussion and it’s not even very well represented in the mainstream scientific technical discussion. From, say, 2021 through mid-2023, AI regulation was a public opinion management issue, implemented at the department or ministry level, particularly the Cyberspace Administration of China. Before the rise of ChatGPT, the only part of the government making reference to safety issues was the Ministry of Science and Technology, which had made explicit references to the loss of human control over AI systems. But then over the course of 2023 we started to see AI safety rise to prominence,especially in the elite scientific community.
We’ve seen a number of public statements from China’s most prominent computer scientists saying they share a lot of the international concerns about catastrophic risks from loss of control of unaligned AI systems. The question has been if that elite scientific conversation has been making its way into the elite levels of the CCP. Beginning with the Interim Measures for Generative AI [regulations issued by the CAC to monitor AI-generation service, in effect since August 2023], AI governance has becomesomething the Politburo and the Central Committee want to be more directly involved in. They’ve shifted away from viewing AI governance as primarily a public opinion management issue that can be left to the CAC, and now view it as an issue of national power, and geopolitical positioning.
I think this past couple of months we’re starting to see some of the strongest indications AI safety is getting a hearing at this level. In the recent Third Plenum Decision, a section on public security and public safety included the call for creating an “AI safety supervision and regulation system.” This is the first time we saw a direct reference to AI safety — used in reference to public safety rather than content safety — appear in this high level of a policy document. It’s up for debate what exactly that supervision and regulation system might look like.
AC: How have China’s views on AI safety evolved compared to the views of the US and EU?
MS: In the past when the CCP has talked about “safety” (安全) as it relates to AI, they mostly have been talking about ideological security, political stability, content security, and content safety. What’s happening now in the last year is that we’re starting to see them use the term “AI safety” (人工智能安全) in a way that does seem more aligned with Western usage of the term, more tied to potential catastrophic risks. In both the Third Plenum Decision and some of the explainer documents released afterward, they tend to include AI safety in a category of large-scale industrial safety or use terms that in the past used to refer to large-scale industrial accidents. So whereas for a while I’d say China and the West were talking about fundamentally different things even when we appeared to be using the same language of “safety,” there’s now this emerging area where our scientific communities might be talking about the same thing.
AC: When we say elite levels of the CCP, we’re talking about a group of socially conservative men in their mid-60s, only a few of whom have been educated abroad or have STEM-related educations. What do you think is their understanding of AI and its capabilities?
MS: The answer is we don’t really know. You can learn a little bit by who they are talking and listening to. For example, Andrew Yao is probably the most respected computer scientist in China. He personally received a letter from Xi Jinping congratulating him on his 20 years working in China. He won the Turing Award in the United States and returned to China around 2000. He has this class called the “Yao Class” (姚班), which a lot of the major AI scientists or entrepreneurs in China went through.
Andrew Yao. Source: Wikimedia Commons.
I’d say he’s one of the most important and listened tocomputer scientists within the halls of government. He’s become a very vocal proponent of AI safety being a serious issue that needs to be acted on. I haven’t seen his name in one of the Study Sessions of the Politburo, but I would not be at all surprised if he presents at those kinds of levels. We have to infer whether or not those messages are getting from him into the higher levels of the Chinese government, but at least circumstantially we can see some evidence of that.
MS: The only full study session of the Politburo dedicated just to AI, back in 2018, was done by Gao Wen (高文), who’s another relatively elite scientist who has also been talking more about AI safetyand alignment recently. Peking and Tsinghua University professors have definitely been consulted on the regulations. There are also the heads of state-sponsored AI labs: Zhang Hongjiang of the Beijing Academy of Artificial Intelligence (张宏江) and Zhou Bowen of the Shanghai AI Lab.
AC: Watching Chinese reactions to the EU’s new AI Act has been interesting. An article from China’s AI Industry Alliance (AIIA) has one consultant talking about how Chinese laws will be “small incisions” (小切口法) versus the “horizontal legislation” (横向立法) in the EU’s Act. How do the EU and China differ in the way they create AI legislation?
MS: I think how the regulatory architecture is built out is one of the biggest differences between China and the EU. From the start, the EU went for one large horizontal regulation that’s supposed to cover the vast majority of AI systems all in one go, and within that you just tier them by risk. The Chinese approach has been not to have a comprehensive law, but to try to attack it quickly at the departmental level with targeted application-specific regulations, specifically for recommendation algorithms [in effect since March 2022], deep synthesis [in effect since January 2023], and the generative AI interim measures. They didn’t start from the technology, they started from a problem as they saw it. They thought recommendation algorithms were threatening the ability to dictate the news agenda, while deep fakes and generative AI would threaten social stability. So they worked backwards from the problem to create regulations specifically targeted toward it.
AC: China’s own AI Law has been in unofficial draft form since August 2023. Do you think this is something the leadership is still pursuing?
MS: A move towards a national AI lawwould be more aligned with the EU, but it’s unclear if they’re going to end up pursuing that. Policymakers often say their approach to AI should be “small, fast, flexible,” (小快灵).They’re worried about some long process that ends up being immediately out of date. The EU did a lot of work on their AI Act, but then in the final stages ChatGPT came out, and they needed to do some significant rethinking of how to deal with foundation models. China released its deep synthesis regulation five days before ChatGPT came out, and ChatGPT totally shook up what was in that regulation. So they just went right back to the drawing board and a few months later, had their generative AI regulation.
It’s very up in the air how specific, binding, and constraining the AI law would be if it came out. I think for a little while there was a lot of momentum and the thought was we have a push for this law very quickly. But it seems like the government has pumped the brakes a bit. They’ve got three different AI regulations already and currently want to be more pro-innovation — maybe they think they don’t need to roll out an entirely new national law on this right away. That makes sense from a number of perspectives: do you want to codify things in a law when the technology changes quickly? I think it’s most likely we won’t see the AI law text itself for another two years, maybe more, but they could surprise us on this.
Meanwhile, they’re also going to apply targeted standards to different industries, helping compliance with current regulations or to quickly integrate AI into different industrial processes. There are compliance standards about how to implement the generative AI regulation, exactly how to test your generative AI systems, and what performance criteria they need to meet in order to be compliant.
AC: We’ve been finding a lot of variance on how closely current regulations are followed, for example on putting digital watermarks on AI-generated videos and whether models can create deepfakes of politicians. How standardized is the field at the moment, and is there going to be any pushback for not following standards and regulations?
MS: It seems like classic Chinese regulation, where they throw a lot down on paper, but then selectively enforce it to achieve their ends, and maybe one day have a big crackdown on non-watermarked content. [Note: Since this interview, the CAC has released a draft standard fleshing out the Interim Measures for Generative AI, listing in detail where and how watermarks should be used.] I don’t think a national AI law necessarily solves that.In a lot of ways, I think their management of AI-generated content is going to be like the broader never-ending game of whack-a-mole that governs the CAC’s relationship with big internet platforms, where they constantly go to companies and tell them how to cover an event they’re worried about. The rules require conspicuous watermarks on content that might “mislead the public,” and the point of the watermarks is to make sure that you’re not having people deceived in ways that are criminal or harmful to the party’s interests. There’s going to be a lot of AI-generated content that is not really that harmful, so you don’t actually need visible watermarks on every piece of AI-generated content. Maybe the CAC will choose to selectively enforce this, where if a company allows a misinformation or disinformation video to go viral on the platform, that company will be punished in line with the generated AI regulation requirements for not having a watermark. But if you just have online influencers choosing to replicate themselves so they don’t have to record new videos every day, that might not be something the CAC sees as a problem.
Deepfakes would not fall under the AI safety (人工智能安全) concept we’re seeing in policy documents or discussed at the International Dialogues on AI Safety, which is quite specifically referring to AI escaping human control or very large-scale catastrophic risks from the most powerful AI models. So that’s a much more forward-looking and speculative set of concerns the elite level of politicians are worried about, which is pretty different from complying with the generative AI regulations. To them, being able to generate deepfakes from one diffusion model but not another sounds like a compliance issue for the CAC. Maybe one company is either not as good at detecting unacceptable content, or they’re not putting much effort into it.
Matt Sheehan speaking on a panel at WAIC with AI policy scholar Zhang Linghan (张凌寒). Image courtesy of Matt Sheehan and Tsinghua University’s I-AIIG.
AC: We noticed you spoke at a panel for this year’s World AI Conference in Shanghai. What was that like?
MS: WAIC was a massive event. It’s always a big production, but this year was really the return to pre-Covid form, and you could see there was a concerted effort by organizers to use the event as a way of saying “we’re back.” They wanted foreigners to be there. They really wanted to tell the outside world that China is open, China is responsible with AI, and China is leading in some areas.
AC: Were there any moments that stood out for you?
MS: I was talking to some of the entrepreneurs who were impacted by the Interim Measures for Generative AI and how intensively it is still enforced. Prior to going to WAIC, it looked to me like the CAC had decided to be much more accommodating for AI companies. They really watered down the text of the generative AI regulation, between the drafting and finals, to make it more favorable to businesses. That was because they got pushback from other parts of the bureaucracy, who have an eye on the economy and competing with the US, saying “we cannot sacrifice our AI industry entirely at the altar of censoring what comes out of language models.”
In general, I think the CAC’s in a bit of an awkward position because the zeitgeist has shifted so much from the time of the tech crackdown [late 2020 – late 2023] to a focus on economic development, getting AI companies to thrive. So prior to the WAIC, I expected them to be a little bit more hands-off with AI companies when it comes to implementing the regulation. But being there and talking to folks I realized that this is all relative. Yes, they’ve eased up a bit from early 2023, but they’re still very, very hands-on with constantly testing the models, and re-adjusting every day, every week, what is unacceptable content.
AC: How much hype do you think there is in China’s presentation of its home-grown AI?
MS: Hype is not China-specific, and every AI company in the world has been overhyping their products for the most part. Maybe in China there’s a little bit of an extra layer of showmanship just because it’s their tendency when it comes to these types of business products. I think in some ways, 2023 was all about catching up with Large Language Models once ChatGPT came out. Everyone was just competing on these performance metrics, making money wasn’t hugely necessary. Now there’s an increasing sense of needing to find a way to sell this service, to create applications that can make money. That’s probably going to be a little bit less grandiose in some ways, but it might actually put the industry on more stable footing going forward. I think the industry in China faces tons of problems with financing. There’s a very good chance we’re in the midst of a big AI bubble (or at least a large model bubble) that’s going to pop, with a lot of the biggest and best AI startups today going bankrupt in a few years. But that’s not unique to China, it might just be more acute in China than in other places.
