China Recording Laws: Privacy Rules and Penalties (2026)

Quick Answer: China's Recording Consent Rule

China does not follow the one-party or two-party consent model used in many Western countries. Whether a private recording is lawful depends on a contextual multi-factor standard developed by the Supreme People's Court (SPC) over three decades. A participant in a conversation who records it without the other party's knowledge occupies legally grey ground: the recording may be admissible as civil evidence if it was made without fraud or coercion and does not severely infringe on the recorded person's rights, but it can simultaneously give rise to civil liability for privacy infringement under the Civil Code and to regulatory liability under the Personal Information Protection Law (PIPL) if the recording is stored, shared, or used commercially.

The state is a separate category entirely. Chinese intelligence, public security, and national security organs hold broad interception authority that is not subject to the consent and privacy protections governing private persons. Foreign nationals and multinational businesses operating in China should treat all communications as potentially accessible to state authorities regardless of encryption or corporate policy.

Jurisdiction scope: This article addresses recording law in mainland China under the People's Republic of China legal framework, including the Civil Code (2021), PIPL (2021), Criminal Law, and the National Intelligence Law (2017). It does not address the laws of Hong Kong, Macau, or Taiwan, which have separate legal systems. For US-China cross-border recording, see the dedicated section below.

The Civil Code: Privacy Rights Framework

China's Civil Code, in force since January 1, 2021, is the most comprehensive privacy statute in Chinese legislative history and the primary civil-law basis for recording-related claims.

Article 1032 establishes the right to privacy as "a natural person's private life peacefulness, as well as the private space, private activities, and private information that a person is not willing to disclose to others." No organization or individual may infringe on another person's privacy through spying, intrusion, harassment, disclosure, or publication by any means.

Article 1033 enumerates specific prohibited conduct. Without legal authorization or the rightholder's consent, no one may:

• Enter, film, or peep into a person's private space
• Film, peep into, eavesdrop on, or disclose a person's private activities
• Film or peep at a person's private body parts
• Process a person's private information

Eavesdropping and secret audio recording of private conversations fall squarely within Article 1033's prohibitions. The Civil Code does not create a blanket criminal offense for participant recording; it creates civil liability that a court balances against other factors, including whether the recording served a legitimate evidentiary purpose.

Article 1039 imposes a confidentiality obligation on state organs: state organs and their staff must keep confidential, and must not leak or unlawfully provide to others, the personal information they obtain in the course of performing their duties. This provision is notable because it places a formal legal duty on the state even as other laws give state organs sweeping access authority. The practical tension between Article 1039 and the National Intelligence Law remains a live area of scholarly debate.

Civil Remedies

Victims of privacy violations can seek multiple remedies under Civil Code Articles 179 and 995: cessation of infringing conduct, removal of obstacles, compensation for economic loss, public apology, and restoration of reputation. There is no statutory cap on financial compensation. Courts may also award damages for mental distress, making privacy claims potentially costly for defendants.

The Contextual Admissibility Standard: SPC Evidence Rules

The SPC has charted a three-decade evolution in how Chinese courts treat secretly recorded audio as evidence in civil litigation.

1995 prohibition. The SPC issued a reply in 1995 (the "No. 2 Reply") holding that secretly recorded conversations were illegal and could not be used as evidence. The rule was absolute.

2001 shift. The SPC's Provisions on Evidence in Civil Procedures (2001) reversed course. Secret recordings became admissible in civil cases provided they did not infringe on the legitimate rights and interests of others and did not violate prohibitive legal provisions. This acknowledged that parties sometimes have no realistic alternative to recording a conversation to preserve evidence of wrongdoing.

Post-2015 standard. The SPC's subsequent civil evidence interpretations, culminating in the 2019 Provisions on Evidence in Civil Procedures, refined the standard further. Under Civil Procedure Law Article 63, audio recordings are classified as "audio-visual materials" -- a recognized evidence category. A recording is now generally inadmissible only when it:

• "Severely" infringes on the legitimate rights and interests of another person
• Violates prohibitive legal provisions
• Was collected in a way that violates public order or good morals

The word "severely" is the operative threshold. Courts distinguish between recordings that embarrass a party and recordings that fundamentally violate dignity, safety, or privacy in a protected space.

What Makes a Recording Inadmissible

Courts have consistently rejected recordings in these circumstances:

• The parties agreed at the outset that no recording would be made
• The recording was obtained by fraud or coercion
• The recording was made in a private space such as a bedroom or private vehicle
• Professional surveillance equipment was used illegally
• The recording was made in a prohibited location such as a courtroom
• A third party such as a child was used to record without the subject's knowledge
• The recording was obtained through hacking, Trojan programs, or similar means

What Makes a Recording More Likely Admissible

Courts look favorably on recordings that:

• Were made personally by one of the parties to the conversation
• Clearly establish timing, location, and the identities of participants
• Capture a calm, natural conversation rather than an induced or staged one
• Focus on facts relevant to a genuine dispute
• Are preserved on the original recording device
• Have been notarized where the recording is critical to the case

Even admissible recordings typically serve as supporting evidence. Documentary evidence remains the primary form of proof in Chinese civil litigation. An audio recording alone rarely suffices to establish a disputed fact.

Criminal Law: Articles 252, 253, 253A, 254, 283, and 284

China's Criminal Law (刑法) contains six provisions directly relevant to recording and personal information. They occupy distinct roles and carry substantially different consequences.

Article 252 -- Correspondence Privacy. This provision criminalizes hiding, discarding, or destroying another person's letters or mail. While targeted at physical correspondence, courts have applied Article 252 by analogy in cases involving interception of electronic communications. The maximum penalty is imprisonment of up to one year or short-term custody.

Article 253 -- Unauthorized Disclosure by State Officials. Article 253 addresses state employees, postal workers, and telecommunications personnel who open, destroy, or disclose private correspondence without authorization. It targets actors who hold lawful access to communications infrastructure and abuse that access. The penalty is imprisonment of up to two years or short-term custody.

Article 253A -- Infringement of Citizens' Personal Information. This is the primary criminal provision for unauthorized collection, sale, or provision of personal information. Under the 2017 SPC/SPP Judicial Interpretation, "serious circumstances" (triggering up to three years imprisonment plus fine) include illegally obtaining 50 or more items of tracking or communications content data, 500 or more items of property or health-related data, or 5,000 or more items of other personal information, or unlawful gains of CNY 5,000 or more. "Especially serious circumstances" (three to seven years imprisonment plus fine) require quantities or gains reaching ten times those thresholds, or harm such as death, serious injury, kidnapping, or major economic loss. The provision applies to anyone who sells, provides, or steals personal information in violation of relevant state regulations -- not just state actors.

Article 254 -- Retaliation Against Complainants. Article 254 makes it a crime for state functionaries to retaliate against citizens who have filed complaints, accusations, or reports to state organs. Penalties range up to two years imprisonment for standard violations and two to seven years for serious cases. This provision has occasional relevance when a whistleblower's recording of a state official is followed by adverse action against the whistleblower.

Article 283 -- Production and Sale of Wiretapping Equipment. Producing or selling specialized wiretapping or hidden camera equipment without state authorization carries up to three years imprisonment, short-term detention, or controlled release, plus a fine. Serious circumstances elevate this to three to seven years imprisonment plus a fine.

Article 284 -- Illegal Use of Interception Equipment. Using specialized eavesdropping or covert photography equipment unlawfully, where serious consequences result, carries imprisonment of up to two years, short-term custody, or non-custodial supervision.

The Key Criminal Law Distinction

Articles 283 and 284 focus on specialized surveillance equipment, not ordinary smartphones or voice recorders. A participant in a conversation who uses a personal device to record without the other party's knowledge is very unlikely to face criminal liability under these provisions. The risk for ordinary participants is civil, not criminal. Criminal exposure under Article 253A arises when recorded information is sold, shared commercially, or used in ways that constitute trafficking in personal data at the thresholds described above.

PIPL and Audio Recordings

The Personal Information Protection Law (PIPL, effective November 1, 2021) is the most consequential regulatory framework for businesses that record audio in China.

PIPL defines personal information broadly as "any kind of information related to identified or identifiable natural persons recorded by electronic or other means." Audio recordings that identify a person -- through voice, name, or context -- fall within this definition. When a business records a phone call, captures a meeting, or stores audio files containing someone's voice, it is processing personal information under PIPL.

Lawful Basis Requirement

PIPL Article 13 sets out the lawful bases for processing personal information. Consent is the primary basis in most commercial contexts. Consent under PIPL must be:

• Freely given and not coerced
• Specific and informed as to purpose, retention period, and third-party sharing
• Explicit, not implied by silence or pre-ticked boxes

Pre-ticked consent boxes or consent bundled into lengthy terms of service do not satisfy PIPL's standard.

Sensitive Personal Information: Voice Biometrics

PIPL Article 28 defines sensitive personal information as data that, if leaked or misused, could easily damage personal dignity or cause harm. Voice biometrics and audio identifying characteristics fall under this category. Processing sensitive personal information requires separate, explicit consent and stricter technical security measures under Articles 28 and 29.

Notification Obligations

Before recording, organizations must notify individuals of: the purpose for which the recording will be used, the retention period, and whether it will be shared with third parties. The national notice and consent standard, effective December 1, 2023, divides notification into three modes -- general, enhanced, and prompt -- calibrated to data sensitivity and collection context.

PIPL and Employment

PIPL Article 13 permits employers to process certain employee information without consent when it is necessary to perform or execute a labor contract or for HR management. This exemption does not extend to audio recording of employee conversations. Courts have held that secretly recording employees without prior notice very likely constitutes unlawful personal information processing and privacy infringement. Employers must disclose all monitoring or recording activity in the employment contract or internal policies before such activity begins.

PIPL Compliance Audit Measures (2025)

A significant new compliance requirement took effect May 1, 2025: the Measures for Personal Information Protection Compliance Audits, issued February 14, 2025 by the CAC. The specific thresholds are: processors handling the personal information of more than 10 million individuals must conduct at least one audit every two years; processors handling information on more than 1 million individuals must appoint a Data Protection Officer responsible for conducting audits. Organizations with large-scale audio recording operations -- call centers, AI transcription services, meeting platforms -- fall squarely within these obligations. The audits assess whether processing activities have a lawful basis, whether notice and consent procedures are correctly implemented, and whether data minimization and retention policies are followed.

PIPL Administrative Penalties

PIPL Article 66 establishes a two-tier administrative penalty structure.

For general violations, regulators may order corrections, issue warnings, confiscate unlawful gains, and impose fines up to CNY 1 million on the organization. Directly responsible managers and staff face personal fines of CNY 10,000 to CNY 100,000.

For serious violations, provincial-level or higher authorities may impose fines up to CNY 50 million or 5% of the prior year's annual revenue, whichever is greater. Regulators can also suspend or shut down the business, revoke licenses, and prohibit responsible individuals from serving as directors or officers.

PIPL Article 67 requires that violations be recorded in China's social credit system and disclosed publicly, adding reputational consequences beyond the financial penalty.

Enforcement Precedents

The CAC fined DiDi Chuxing CNY 8.02 billion in 2022 for illegally collecting user personal information. In 2023, the CAC fined academic database CNKI CNY 50 million for unauthorized collection. In May 2025, Shanghai public security authorities imposed the first publicly disclosed administrative penalty specifically targeting unlawful cross-border personal information transfer: a European luxury brand's Shanghai subsidiary had transferred user personal data to its French headquarters without completing any of the three required cross-border mechanisms (security assessment, standard contractual clauses, or personal information protection certification). The specific penalty amount was not disclosed, but Article 66 permits fines up to CNY 50 million for such violations.

Phone Call Recording

There is no statute in China that specifically governs phone call recording the way California Penal Code Section 632 or Florida Statutes Section 934.03 govern it in the United States. The same contextual civil law framework applies.

A participant in a phone call who records the conversation for legitimate purposes -- without fraud or coercion and without intent to publish or exploit the recording -- occupies relatively safe legal ground under the SPC's evidence admissibility standards. The recording may later be used as civil evidence if the conditions above are met.

However, storing and sharing a recorded call triggers PIPL obligations. Every recorded customer call must be backed by a lawful basis under PIPL Article 13. The standard commercial compliance approach is to play an automated disclosure at the start of the call stating that the call may be recorded, the purpose, and the retention period. This satisfies the notification requirement. Whether it constitutes valid consent depends on how the disclosure is structured: passive notice ("this call may be recorded") meets notification but does not necessarily constitute explicit consent.

For cross-border calls between China and other countries, see the dedicated section below.

In-Person and Meeting Recordings

Recording in-person conversations follows the same contextual SPC standard. A participant in a conversation may record it for personal evidence purposes if the recording does not severely infringe on the other party's rights and is not made by fraud or coercion.

Recording in a private space -- home, hotel room, or private vehicle -- carries substantially higher legal risk. These spaces receive heightened privacy protection under Civil Code Article 1032. Courts have consistently treated recordings made in private domestic spaces as more likely to "severely" infringe on privacy rights, making them more likely to be ruled inadmissible and more likely to generate civil liability.

Recording someone who is not a party to the litigation in which the recording will be used is explicitly disfavored in SPC guidance. The recording party's participant status is a factor courts treat as a prerequisite, not merely a preference.

Filming Government Officials and State Authorities

Recording or filming police officers and government officials in the performance of their duties sits in a legally distinct space from private-party recording.

China's Ministry of Public Security has formally acknowledged the public's right to film law enforcement. The Ministry's guidance states that officers should "consciously accept and be accustomed to this supervision by camera" and must not forcibly interfere with filming, provided the filming does not obstruct normal law enforcement activities.

In practice, the gap between legal right and ground-level enforcement is wide. Individual officers frequently prevent filming, citing confidentiality or operational grounds. Journalists face additional restrictions: foreign media operating in China require accreditation and are subject to content controls that do not apply to domestic citizens filming for personal use.

Caution: Recording a government official during an encounter that subsequently triggers a national security, espionage, or counter-terrorism investigation is a qualitatively different situation. The Counter-Espionage Law (revised 2023) gives national security authorities broad authority to seize devices and data. If a recording is deemed to capture material related to "national security and interests" -- a deliberately broad statutory category -- the recorder may face investigation regardless of whether the recording was originally made for innocent purposes. Foreign nationals are at elevated risk in this scenario.

The Counter-Espionage Law's 2023 revision expanded the definition of espionage to include stealing or illegally providing documents, data, or materials related to national security and interests, beyond formally classified state secrets. The law permits national security authorities to inspect personal belongings, examine electronic devices, and retrieve documents and data from individuals under investigation. This authority is not subject to judicial pre-authorization requirements comparable to a US warrant.

Freedom House rates China's internet freedom score at 9/100 (Not Free) as of 2025. Reporters Without Borders ranks China 172nd out of 180 countries in its 2025 World Press Freedom Index. These third-party assessments reflect documented patterns of journalist detention, device seizure, and prosecution for recording or publishing materials that authorities characterize as threatening national security.

Voyeurism and Secret Camera Offenses

China addresses voyeurism, hidden cameras, and unauthorized peeping through a combination of administrative and criminal law. The framework was meaningfully updated in 2025.

Public Security Administration Punishments Law (2025 Revision)

The Standing Committee of the National People's Congress adopted a revised Law on Public Security Administration Punishments on June 27, 2025. The law takes effect January 1, 2026. Two articles are directly relevant to recording and surveillance:

Article 50 prohibits "peeping, secretly photographing, eavesdropping, or spreading others' personal privacy." The penalty structure is:

• Up to 5 days administrative detention or a fine of up to CNY 1,000 for standard violations
• 5-10 days administrative detention with a concurrent fine of up to CNY 1,000 for more serious circumstances

Article 70 targets those who "illegally install, use, or provide devices for eavesdropping and spying." Penalties:

• Up to 5 days administrative detention or a fine of CNY 1,000-3,000 for standard violations
• 5-10 days administrative detention with a concurrent fine of CNY 3,000-5,000 for more serious circumstances

Criminal Escalation

Where voyeurism involves distribution of obscene material for profit, criminal charges may apply. Under Criminal Law provisions on obscene material, monetization exceeding CNY 5,000 can result in charges carrying substantial prison terms. Distribution of material involving minors triggers mandatory enhanced penalties under the 2025 PSAPL revision.

The April 1, 2025 Regulations on Public Security Video Imaging Information Systems reinforce these prohibitions by expressly banning the installation of cameras in hotel guest rooms, private dining compartments, student dormitories, public bathrooms, washrooms, changing rooms, and fitting rooms. Business operators in these sectors are required to conduct regular inspections of sensitive areas for unauthorized devices.

The Criminal/Administrative Divide

A recurring criticism of China's voyeurism framework is that covert recording of private individuals -- without specialized equipment or distribution -- has historically been treated as an administrative offense rather than a criminal one. The 2025 PSAPL revision tightens the administrative response but does not create a standalone criminal voyeurism offense comparable to those in many Western jurisdictions. Escalation to criminal liability generally requires distribution, profit, or use of specialized surveillance equipment under Articles 283 or 284 of the Criminal Law.

State Surveillance and Interception Powers

China's state surveillance apparatus operates under a separate legal regime from the consent and privacy protections governing private recording.

National Intelligence Law (2017, amended 2018)

The National Intelligence Law gives state intelligence organs broad authority to compel cooperation. Article 7 requires all organizations and citizens to support, assist, and cooperate with national intelligence efforts. Article 14 permits intelligence organs to demand that organizations and individuals provide support, assistance, and cooperation as needed for intelligence work.

The practical implication: citizens and businesses can be compelled to provide access to communications, devices, and data without a judicial warrant process comparable to a US court order. There is ongoing scholarly debate about the scope of Article 7. Writing for China Law Translate in 2024, legal analyst Jeremy Daum noted that "it is far from clear that [Article 7] was ever intended to require active participation in information gathering or sharing" and that the provision lacks an explicit enforcement mechanism. This contested interpretation does not alter the fact that the legal obligation exists in text and that no court has narrowed it.

Cybersecurity Law (2017, amended effective January 1, 2026)

The original Cybersecurity Law required network operators to store data within China and cooperate with public security and state security authorities on demand, including providing access to user communications data.

The October 2025 amendments, effective January 1, 2026, materially strengthen the law in three areas relevant to recording and communications:

• Penalties for content-related violations increased to fines up to CNY 10 million for organizations (a twentyfold increase over the prior CNY 500,000 cap)
• Extraterritorial reach expanded to cover overseas organizations and individuals who endanger China's network security
• AI governance provisions added, including state support for AI-driven cybersecurity tools and enhanced security obligations for AI systems

The fundamental data localization and state access obligations remain unchanged.

Counter-Espionage Law (Revised July 1, 2023)

The Counter-Espionage Law revision expanded the definition of espionage to include stealing or illegally providing documents, data, or materials related to "national security and interests" -- a deliberately broad category exceeding formally classified state secrets. The law permits national security authorities to inspect personal belongings, examine electronic devices, and retrieve documents and data from individuals under investigation without a separate judicial authorization step.

For foreign companies, this means communications stored on China-based servers are potentially accessible to state authorities without notice. Data localization requirements under the Cybersecurity Law reinforce this exposure. The consent and privacy protections in the Civil Code and PIPL do not constrain state actors exercising national security functions.

Deep Synthesis Provisions and AI-Generated Audio

Two regulatory instruments specifically govern AI-generated voice and audio recording contexts.

Deep Synthesis Provisions (Effective January 10, 2023)

The Administrative Provisions on Deep Synthesis in Internet-Based Information Services, jointly issued by the CAC, Ministry of Industry and Information Technology, and Ministry of Public Security, took effect January 10, 2023. "Deep synthesis" encompasses any technology that uses generative or synthetic algorithms -- including deep learning and virtual reality -- to produce text, images, audio, video, or virtual scenes.

For audio specifically, the provisions impose two main obligations:

Consent for biometric editing. Service providers and technical supporters that offer functions to edit a person's voice or other biometric information must require users to notify the individuals whose information is being edited and obtain their specific, separate consent before the editing occurs.

Mandatory labeling. Voice synthesis services must add clear labels at appropriate positions in the audio -- beginning, end, or middle -- so that recipients know the content is AI-generated. Implicit technical labels must also be embedded in file metadata.

These requirements apply to platforms that offer voice cloning, voice dubbing, AI customer service voices, and similar services.

AIGC Labeling Standards (Effective September 1, 2025)

On March 14, 2025, the CAC released mandatory national standard GB 45438-2025 (Cybersecurity Technology -- Labeling Method for AI-Generated Content), which took effect September 1, 2025. The standard covers all AI-generated text, images, audio, and video distributed on Chinese platforms.

For audio content, service providers must add voice or audio rhythm labels at the beginning, end, or at appropriate points during the audio. Two label types are required:

• Explicit labels: audible or visible indicators informing the listener that the content is AI-generated
• Implicit labels: technical markers embedded in file metadata that are not readily perceptible to users

The practical implication for businesses: any service that generates or distributes AI-synthesized voice in China -- including AI meeting transcription that reads back text in a synthesized voice, or AI call center agents -- must implement both visible disclosure and embedded metadata labeling. Failure to label is a regulatory violation addressable by the CAC.

2026 Draft Rules: Anthropomorphic AI and Digital Virtual Humans

The CAC published draft Interim Measures for the Management of Anthropomorphic AI Interactive Services on April 10, 2026, with a public comment window that closed May 6, 2026. The draft governs AI chatbots, AI companions, and AI customer service agents that simulate human personality and communication. Key provisions relevant to audio and recording:

• Providers must disclose AI identity at all interaction points; they may not allow AI systems to deny being AI when sincerely asked
• Explicit consent required before using a user's likeness, voice, or personal interaction data to create or train AI representations
• Enhanced protections for minors and elderly users, including tighter controls on emotional and interaction data
• The draft is not yet in force; expected effective date is July 15, 2026

Cross-Border Recordings: US-China Calls

Recording a phone call between a party in China and a party in the United States implicates two separate legal regimes simultaneously.

The US Side

Under the federal Wiretap Act, 18 U.S.C. Section 2511(2)(d), a party to a telephone communication may record it without the other party's consent and without criminal liability under federal law. This is the federal one-party consent baseline. Many US states impose stricter requirements: California (Penal Code Section 632), Florida (Statutes Section 934.03), Illinois (720 ILCS 5/14-2), Massachusetts (General Laws ch. 272, Section 99), and several others require all-party consent. A US-based party calling China from a two-party consent state must obtain consent under their state's law even if Chinese law does not require it.

The China Side

The Chinese party's recording of the call is governed by the contextual SPC admissibility standard and PIPL. If the Chinese party is an individual recording for personal evidence purposes, the civil-law framework applies. If the Chinese party is a business recording a customer call, PIPL Article 13 requires a lawful basis; the cross-border transmission of that recording to the US triggers additional obligations.

Cross-Border Transfer of Recorded Data

The October 2025 Measures for Certification of Cross-Border Transfer of Personal Information (effective January 1, 2026) require businesses transferring personal information out of China -- including recorded call data sent to overseas servers -- to use one of three approved mechanisms:

1. Security Assessment filed with and approved by the CAC
2. Standard Contractual Clauses (SCC) registered with the CAC
3. Personal Information Protection Certification issued by a CAC-recognized body

The first publicly disclosed enforcement action for unlawful cross-border transfer occurred in May 2025, when Shanghai authorities penalized a European luxury brand's Shanghai subsidiary for transferring user data to France without any of the required mechanisms. This confirms that cross-border data flow enforcement is active, not merely theoretical.

Practical Risk for Businesses

A multinational with Chinese employees or Chinese customers recording calls for quality assurance, training, or compliance purposes faces layered risk:

• PIPL notice and consent obligations before recording
• Cross-border transfer mechanism requirement before sending recordings to overseas servers
• CSL data localization requirements (recordings of Chinese users may need to remain on China-based servers)
• State access risk: recordings stored on China-based servers are accessible to state authorities under the NIL and CSL

The asymmetry of obligations -- US federal law permits one-party consent; Chinese law imposes PIPL notice, consent, and cross-border restrictions -- means that a recording that is fully compliant on the US side may simultaneously violate PIPL on the China side.

Business Compliance Summary

Organizations recording audio with a China nexus should address the following:

Before recording:

• Identify the lawful basis under PIPL Article 13 for each recording use case
• Provide clear, specific notice of the recording purpose, retention period, and third-party sharing before or at the start of any recorded interaction
• Obtain separate, explicit consent where the recording involves voice biometrics or other sensitive personal information under PIPL Articles 28 and 29
• For employee monitoring, disclose all recording activities in the employment contract or internal policies before monitoring begins

During and after recording:

• Retain recordings only as long as necessary for the stated purpose; document retention schedules
• Implement technical security measures including encryption and access controls
• Do not share recordings with third parties without a separate lawful basis
• For AI-generated or AI-synthesized audio, apply AIGC explicit and implicit labels as required by GB 45438-2025 (effective September 1, 2025)

Cross-border transfers:

• Complete the required cross-border transfer mechanism under the October 2025 Certification Measures before sending recordings to overseas servers
• Assess whether data localization requirements under the CSL require recordings to remain on China-based servers
• Document the consent obtained specifically for cross-border transfer, which must be separate from processing consent under PIPL

If using recordings as evidence:

• Preserve the original recording device and original file
• Ensure the recording was not obtained by fraud or coercion
• Be prepared to demonstrate that the recording does not severely infringe on the other party's privacy rights
• Consider notarizing critical recordings before litigation

AI and deep synthesis:

• Obtain separate consent before using any person's voice for AI synthesis or editing
• Apply explicit (audible) and implicit (metadata) labels to all AI-generated audio before distribution
• Monitor the CAC's Anthropomorphic AI draft measures, expected to take effect July 15, 2026

Disclaimer: This article provides general legal information about China's recording laws as of May 2026. It is not legal advice and does not address your specific situation. Chinese law and regulatory guidance in this area are subject to frequent change. For advice on compliance with Chinese privacy law, recording obligations, or cross-border data transfer requirements, consult a lawyer licensed to practice in the People's Republic of China.