Inside China’s Algorithm Registry and Its Global Implications

Over the past year, China has been conducting one of the earliest national-scale experiments in regulating artificial intelligence, with a focus on the algorithms that shape online experiences. Central to this effort is a mandatory registration system for recommendation algorithms, administered by the Cyberspace Administration of China (CAC). This registry, established under the 2022 regulation on recommendation algorithms, came into effect in March of that year and targets systems with “public opinion characteristics” or “social mobilization capabilities.”

The regulation’s scope extends beyond content curation to address monopolistic practices and labor issues linked to algorithmic dispatch systems, such as those affecting delivery drivers. It also mandates that providers ensure their algorithms do not “endanger national security or the social public interest” and that they “give an explanation” when user rights are harmed.

In August 2022, the CAC released the first batch of thirty registered algorithms from major platforms including Tencent, Alibaba, and Bytedance. Publicly, these filings were sparse—often just a page of high-level descriptions under headings like “Algorithm Fundamentals” and “Algorithm Operating Mechanism.” For example, Weibo’s “hot search” algorithm was described as combining “search popularity, discussion popularity, and dissemination popularity,” multiplied by an “interaction rate coefficient.” While accurate, such summaries revealed little about training data, model architecture, or operational nuances.

A deeper layer of the registry’s workings emerged through its online user manual, which provides instructions for companies submitting filings. Screenshots within the manual show that registrants must disclose far more to the CAC than is made public. In the “Detailed Algorithm Attribute Information” section, providers are required to list every open-source and proprietary dataset used for training, along with their specific sources. They must also indicate whether inputs involve biometric or other personal data.

Another section, “Algorithm Basic Properties Information,” requires companies to upload PDF versions of an “Algorithm Security Self-Assessment.” While these assessments are not publicly accessible, the regulation’s emphasis on information control suggests they could address issues ranging from illegal content filtering to defenses against adversarial attacks or misuse of generative models.

Additional, unrevealed sections—titled “Algorithm Strategy” and “Algorithm Risk and Prevention Mechanism”—hint at further disclosure requirements, though their exact content remains unknown. The manual thus reveals that the registry demands more detailed disclosures than outsiders had assumed, but it also confirms that the CAC does not gain direct access to source code or complete algorithmic blueprints.

Internationally, the closest parallel may be the European Union’s Digital Services Act, which introduces transparency and audit obligations for recommendation algorithms. However, the EU’s approach is still unfolding. Another analogue comes from the AI ethics community’s “model cards,” introduced by researchers at Google and the University of Toronto. Model cards summarize a model’s intended use, limitations, performance metrics, and training data. Yet, while model cards often emphasize bias detection and performance evaluation across demographic groups, China’s registry focuses on security assessments as defined by the state. Public participation in evaluating fairness or bias is absent; these determinations rest solely with government authorities.

This divergence reflects a broader question in AI governance: whether it is technically feasible to achieve meaningful transparency for complex, deep learning–based systems. Such models are often described as “black boxes,” their decision-making processes opaque even to their creators. Research into algorithmic interpretability continues, but its regulatory utility remains uncertain.

The CAC’s own capacity to interpret technical disclosures may be limited. One account described a meeting between Bytedance and CAC officials in which company representatives “had to rely on a mix of metaphors and simplified language” to explain their systems. Nonetheless, the registry marks a starting point. Before its creation, regulators lacked even a skeletal understanding of the algorithms shaping China’s information environment. Now, the CAC can identify gaps in its knowledge and progressively demand more detailed submissions.

China’s approach recalls its early attempts to regulate internet access and social media—initially clumsy, later refined into a system that served state objectives. Whether it can replicate that trajectory with algorithmic governance remains an open question, but the registry offers a rare, early look at how one government is attempting to peer inside the black box of AI.