China's AI Governance Strategy Is Smarter Than the West Admits

Photo: Unsplash

Uncomfortable Analysis

China's AI Governance Strategy Is Smarter Than the West Admits

Western AI governance is largely reactive and fragmented. China's approach, whatever its politics, is more coherent than critics acknowledge.

There is a comfortable story the Western AI governance world tells itself. In this story, democracies are slowly, laboriously building sensible AI regulation through legitimate deliberative processes, while China deploys authoritarian AI for surveillance and control with no meaningful governance at all. This story is comforting because it maps the governance question onto the democracy-versus-authoritarianism frame, which is familiar and allows Western institutions to feel like they’re on the right side of history regardless of their actual output.

The story is wrong. Not entirely — China does deploy AI for mass surveillance, and its governance serves the CCP’s interests in ways that are incompatible with liberal values. But the conclusion that Chinese AI governance is therefore incoherent or merely propagandistic is a mistake that leads Western policymakers to miss specific things that China is doing better.

This is an uncomfortable analysis. Do it anyway.

The intellectual error here is conflating the politics of a governance system with the technical quality of its mechanisms. A dictatorship can build good roads. Authoritarian states have historically developed effective public health infrastructure, functional tax systems, and technically sophisticated regulatory agencies — all in the service of authoritarian ends. Recognizing that a mechanism works is not the same as endorsing the system that deploys it. The US adopted the German Autobahn design as a model for the interstate highway system. Nobody thought this was an endorsement of the Third Reich.

The Cyberspace Administration of China (CAC) published its “Provisions on the Management of Algorithmic Recommendations” in January 2022, more than two years before the EU AI Act was finalized. These provisions require companies operating recommendation algorithms — meaning essentially every major Chinese tech platform, from ByteDance to Alibaba to Tencent — to register their algorithms with regulators, disclose their basic logic to users on request, provide users with an option to turn off personalized recommendations, and prohibit using algorithms to “set differentiated prices based on big data analysis.”

The anti-price-discrimination rule is specific and consequential. Pricing algorithms that charged users different amounts for the same product based on their behavioral profiles — a practice documented extensively on Alibaba and JD.com — were made explicitly illegal. The EU’s algorithmic transparency provisions in the AI Act are more limited and took two more years to reach legal force.

This doesn’t mean the Chinese rules are better in net terms. The same CAC that issued these consumer-facing rules is the agency that operates the Great Firewall, mandates real-name registration on social media, and compels platforms to censor political content. The transparency requirements exist within a broader governance architecture whose primary function is control of information, not protection of citizens. These facts coexist.

The Interim Measures for the Management of Generative Artificial Intelligence Services, issued by the CAC in July 2023 and effective August 2023, were the first national regulations governing large language models at scale. They predated the EU AI Act (which reached final form in March 2024) and the Biden executive order on AI (October 2023). The provisions required: disclosure when AI-generated content is being served, prohibition on AI-generated content that “endangers national security” or “disrupts social and economic order,” security assessments before public deployment of generative AI, and content labeling requirements.

Some of these requirements are substantively bad. “Endangers national security” in a Chinese legal context means, operationally, content the CCP doesn’t like. The security assessments required before deployment are opaque and can be used to prevent deployment of AI that is politically inconvenient. These are real problems.

But the disclosure and labeling requirements are not problematic on their face. Requiring that AI-generated content be labeled as such when it’s served to users is a reasonable consumer protection measure. The EU’s approach to deepfake labeling in the AI Act is similar in structure and reached legal force later. The US approach in 2023 was largely nonexistent at the federal level, consisting primarily of voluntary commitments from major AI companies.

The Western response to Chinese AI governance has a predictable structure. China announces a regulation; Western commentators note that the regulation serves authoritarian control; the legitimate technical content of the regulation gets discarded along with the authoritarian framing. This is throwing the analysis out with the politics.

The EU has been more willing to engage seriously with Chinese AI governance than the US has, partly because European regulators interact with CAC staff through technical working groups and bilateral regulatory dialogue. Some of the EU AI Act’s thinking on high-risk AI applications was informed by observing what China had implemented and how. This is how regulatory policy actually develops — countries observe each other and borrow what seems to work, filtered through their own political contexts.

The US has largely refused this engagement, treating Chinese regulatory output as either irrelevant (it’s authoritarian, therefore not worth analyzing) or threatening (it’s authoritarian, therefore designed to harm us). Neither response produces useful policy. The US AI governance landscape in 2024 was substantially less developed than either the EU’s or China’s — no coherent federal AI legislation, patchwork state laws (mostly California), and a set of voluntary commitments from major labs that were structurally unenforceable.

What China’s governance approach actually has is coordination coherence. The national AI strategy, the safety standards produced by the National Information Security Standardization Technical Committee, the CAC’s content regulations, and the sector-specific AI rules (for autonomous vehicles, for finance, for healthcare) are coordinated by a small set of agencies with interlocking mandates. There are disputes and bureaucratic friction, as there are in any government. But there is a single national AI governance framework with clear hierarchical authority.

The US has the NIST AI Risk Management Framework (voluntary), the AI executive orders (partly implemented, partly superseded with each administration change), the FTC’s claimed authority over deceptive AI practices, the SEC’s claimed authority over AI in financial markets, sector-specific agency rules from FDA and NHTSA, and state-level consumer protection regimes. These don’t add up to a framework. They’re a set of overlapping claims with no clear hierarchy, resulting in regulatory uncertainty that the industry navigates by lobbying each agency separately.

The practical consequence is that a company deploying an AI system in the US for a high-stakes application — medical diagnosis support, credit scoring, content recommendation to minors — has to guess which regulatory regime applies, what compliance looks like, and whether any of it will be enforced. A company doing the same in China knows exactly which agency has authority, what the disclosure requirements are, and what the enforcement history looks like. This is not an argument that the Chinese requirements are better; it’s an argument that regulatory clarity has value, and the US lacks it. Regulatory uncertainty doesn’t eliminate AI risk. It just ensures that the companies with the largest legal teams have the most flexibility in how they navigate it.

The EU’s approach — a single unified law with risk-based tiering — is structurally more coherent than the US’s, though the EU has its own implementation challenges. Both are more coherent than the US. China is at least as coherent as the EU, though operating in a very different political context with very different enforcement mechanisms.

The specific thing Western AI governance should take from Chinese experience is not the content of the rules — some of which are actively harmful — but the seriousness of the commitment to treating AI governance as a sustained regulatory priority rather than a political communication exercise.

China has standing regulatory bodies with technical staff who understand the systems they’re regulating. The CAC employs engineers, not only lawyers. Enforcement actions — against ByteDance’s recommendation algorithms, against various platforms for algorithm-related violations — actually happen. The regulatory framework is updated iteratively as the technology evolves. This is what functioning sectoral regulation looks like, as opposed to congressional hearings where senators ask AI CEOs to explain what a large language model is.

None of this makes Chinese AI governance something to admire in net terms. A governance system that protects its citizens from algorithmic price discrimination while simultaneously deploying those same citizens’ data for political surveillance is not a model to emulate. The protection and the surveillance are not separate programs; they’re both expressions of the same basic project of state management of information and behavior.

But the Western dismissal — “it’s authoritarian, therefore we don’t need to analyze it” — is an analytical failure that produces worse Western policy. The question is not whether Chinese governance is good. It’s whether Western governance is adequate, and what could make it more so. The answer to the second question isn’t “not this.” It’s a serious analysis of what works, what doesn’t, and why — conducted by people willing to look at inconvenient evidence even when it comes from inconvenient sources.

The geopolitical complication is that AI governance has become a domain of competitive signaling. Western governments want to demonstrate that democratic AI governance is superior to authoritarian AI governance — not primarily because they’ve assessed the evidence but because the narrative is useful. China wants to demonstrate that its model of AI development and governance is competitive with the West’s — not primarily because the evidence supports this but because the narrative serves CCP legitimacy claims. Both sides are more interested in the propaganda than the analysis.

The people who lose in this dynamic are the people who would benefit from better regulation in both jurisdictions. Chinese citizens who are subject to algorithmic discrimination but can’t challenge the CAC’s enforcement decisions. American and European citizens who are subject to recommendation algorithms with no transparency requirements and no regulatory body with the technical capacity to evaluate them. The competitive framing makes genuine policy learning across the divide politically impossible even when the technical learning would be directly beneficial.

The practical recommendation is mundane but important: Western AI regulators should maintain technical working groups that read Chinese regulatory outputs, translate them, assess them on their merits, and publish the assessments — without the political valence. What the CAC got right about algorithmic price discrimination, what it got wrong about content labeling, what the EU AI Act improved on, where it fell short. That kind of comparative analysis is how regulatory systems improve. It requires treating the other system as a source of data rather than a source of threat or moral failure. Currently, almost no Western regulatory body does this systematically.

Get the next live webinar in your inbox

One email a month: the upcoming live event + free recording access for subscribers. No spam, unsubscribe anytime.