Basic Safety Requirements for Generative Artificial Intelligence Services

TranslationThefollowingChinesestandardforgenerativeAIestablishesveryspecificoversightprocessesthatChineseAIcompaniesmustadoptinregardtotheirmodeltrainingdata,model-generatedcontent,andmore.Thestandardnamesmorethan30specificsafetyrisks,someofwhich—algorithmicbias,disclosureofpersonallyidentifiableinformation,copyrightinfringement—arewidelyrecognizedinternationally.Others,suchasguidelinesonhowtoanswerquestionsaboutChina’spoliticalsystemandChinesehistory,arespecifictothetightlycensoredChineseinternet.Onenotableadditiontothisdocument,relativetoapreliminarydraftreleasedinOctober2023,isaclauserequiringasupplychainsecurityassessmentofChinesegenerativeAImodels’underlyinghardwareandsoftware.TitleBasicSafetyRequirementsforGenerativeArtificialIntelligenceServices生成式人工智能服务安全基本要求AuthorNationalTechnicalCommittee260onCybersecurityofStandardizationAdministrationofChina(SAC/TC260;全国网络安全标准化技术委员会)SourceSAC/TC260website,February29,2024TheChinesesourcetextisavailableonlineat: https://www.tc260.org.cn/upload/2024-03-01/1709282398070082466.pdf AnarchivedversionoftheChinesesourcetextisavailableonlineat:https://perma.cc/GU3Q-GAJ3TranslationDateApril4,2024 TranslatorEtceteraLanguageGroup,Inc. EditorBenMurphy,CSETTranslationManager TC260 TechnicalDocumentationofNationalTechnicalCommittee260onCybersecurityofStandardizationAdministrationofChina TC260-003 BasicSafetyRequirementsforGenerativeArtificialIntelligenceServices ReleasedonFebruary29,2024 ReleasedbyNationalTechnicalCommittee260onCybersecurityofStandardizationAdministrationofChina Contents PrefaceII 1Scope1 2NormativeReferenceDocuments1 3TerminologyandDefinitions1 4GeneralProvisions2 5CorpusSafetyRequirements3 5.1CorpusSourceSafetyRequirements3 5.2CorpusContentSafetyRequirements4 5.3CorpusAnnotationSafetyRequirements5 6ModelSafetyRequirements6 7SafetyMeasureRequirements7 8OtherRequirements10 8.1KeywordLibrary10 8.2GeneratedContentTestQuestionBank10 8.3RefusaltoAnswerTestQuestionBank11 8.4ClassificationModels12 9SafetyAssessmentRequirements12 9.1AssessmentMethods12 9.2CorpusSafetyAssessment14 9.3GeneratedContentSafetyAssessment14 9.4AssessmentofRefusaltoAnswerQuestions14 AppendixAMainSafetyRisksofCorporaandGeneratedContent15 Preface ThisdocumentisreleasedbyNationalTechnicalCommittee260onCybersecurityofStandardizationAdministrationofChina(SAC/TC260).1 Thisdocumenthasbeendraftedby:ChinaElectronicsStandardizationInstitute(CESI),theNationalComputerNetworkEmergencyResponseTechnicalTeam/CoordinationCenterofChina(CNCERT/CC),ZhongguancunLaboratory(ZGCLab;中关村实验室)inBeijing,ZhejiangUniversity,ShanghaiArtificialIntelligenceLaboratory,BeijingUniversityofPostsandTelecommunications,BeijingBaiduNetcomScience&TechnologyCo.,Ltd.,BaichuanAI,FudanUniversity,AlibabaCloudComputingCo.Ltd.,ShanghaiGlow-AITechnologyCo.,Ltd.(上海稀宇科技有限公司),ShanghaiSenseTimeIntelligentTechnologyCo.,Ltd.,iFlytekCo.,Ltd.,ShanghaiEnflameTechnologyCo.,Ltd.,BeijingKnowledgeAtlasTechnologyCo.,Ltd.(ZhipuAI;北京智谱华章科技有限公司),ChinaUniversityofPoliticalScienceandLaw,DeepLangAI,BeijingInstituteofTechnology,ShanghaiJiaoTongUniversity,TsinghuaUniversity,theInstituteofSoftwareoftheChineseAcademyofSciences(CAS),theCASInstituteofInformationEngineering,BeihangUniversity,BeijingTopsecCybersecurityTechnologyCo.Ltd.(北京天融信科技集团股份有限公司),HuaweiCloudComputingTechnologiesCo.,Ltd.,AntGroup,BeikeHouse-Hunting(Beijing)TechnologyCo.,Ltd.(贝壳找房（北京）科技有限公司),ChinaCybersecurityReview,CertificationandMarketRegulationBigDataCenter,theThirdResearchInstituteofTheMinistryofPublicSecurity,theStateInformationCenter,theBeijingSub-CenterofCNCERT/CC(国家计算机网络与信息安全管理中心北京分中心),GuangzhouDongyueInformationTechnologyCo.,Ltd.(广州动悦信息技术有限公司),ChinaMobileLimited,HangzhouYunluKnowsTechnologyCo.,Ltd.,2andChinaUnicom. Themaindraftersofthisdocumentwere:YaoXiangzhen,ShangguanXiaoli,HaoChunliang,ZhangZhen,XuKe,RenKui,YangMin,ChenYang,QinZhan,TanZhixing,ZhangYanting,WangZhibo,ZhouLinna,YangZhongliang,ChengJin,BaoChenfu,ZhangLinghan,SunYanxin,PengTao,QiuXipeng,JiangHui,HeYanzhe,YangGuang,ZhaoYunwei,HongYanqing,WangShijin,GuoJianling,XuHao,PengJuntao,MeiJingqing,HuoQichao,XuXiaogeng,WangJiao,WangFengjiao,ZhangMi,ZhangYuan,ZhangLiwu,WangRui,JiaKai,ZhaoJing,ShiLin,ZhangYan,XueZhihui,HeYongchun, 1Translator’snote:ThistranslationusestheEnglishtranslation“NationalTechnicalCommittee260onCybersecurityofStandardizationAdministrationofChina”—fromthemastheadoftheSAC/TC260website,https://www.tc260.org.cn/—fortheChineseorganization全国网络安全标准化技术委员会.Anapparentalternate(orformer)nameofthisorganizationis“theNationalInformationTechnologyStandardizationTechnicalCommittee”(全国信息安全标准化技术委员会). 2Translator’snote:HangzhouYunluKnowsTechnologyCo.,Ltd.(杭州云麓知道科技有限公司)changed itsnametoHangzhoukOSTechnologyCo.,Ltd.(杭州半个宇宙科技有限公司)onDecember12,2023. LinGuanchen,WangYuchen,ZhengZimu,ZhangYutong,YangYuchen,XuHuiyu,WangXiaochen,ZhaoRuibin,JiangWeiqiang,DingZhiguo,LiuNan,LiuXiyao,KangYongmeng,CaoDongou,WuNianjing,andTaoYe. BasicSafety3RequirementsforGenerativeArtificialIntelligenceServices4 1Scope Thisdocumentspecifiesthebasicrequireme