China instituted a licensing system for online taxi companies, which requires that personal information and business data be stored and used in mainland China and not transferred outside of China. Such information should be retained for two years, except when otherwise required by other laws and regulations. The Measurement also requires that taxi companies' servers be set up in Mainland China, with a network security management system and technical measures for security protection in compliance with regulations.

According to the Map Management Regulations, online maps are required to set up their server inside of the country, and an official certificate must be required.

China's General Administration of Press and Publications agency selects which publications and audiovisual products may enter China, while the State Administration on Radio, Film, and Culture and the Ministry of Culture review various media. Additionally, China's Ministry of Culture selects which entities may import finished audiovisual products. This effective monopoly on the import and distribution of multimedia products means that China tightly restricts the import of cultural media into the country, including reading materials (e.g. newspapers, periodicals, electronic publications), audiovisual home entertainment products (e.g. video, compact discs, digital video discs), sound recordings (e.g. recorded audio tapes), and films for theatrical release. These measures have been the focus of a WTO investigation launched by the United States in 2007 (DS363). The panel ruled in favour of the complainant, deeming that China had not adequately substantiated its defence, which concerned the need to protect public morals. In total, the panel found 29 WTO violations throughout various Chinese regulations, catalogues, rules, opinions, and legal instruments. Rather than fully implementing the panel's recommendations, China and the US reached a memorandum of understanding via a negotiated settlement. Many of the associated laws remain in place, and their influence is amplified by provincial and local-level regulations that cite them.

In December 2018, the Ministry of Commerce (MOFCOM) and the General Administration of Customs issued the adjusted catalogue of used mechanical and electrical products prohibited from import, effective from January 2019. The adjusted catalogue includes video recorders, sound recorders or playback equipment using semiconductor media, disc-type broadcast video recorders, and colour LCD monitors that can be directly connected and designed for automatic data processing equipment.

Under the Cryptography Law, the import and export of commercial encryption products, technologies, and services remain subject to government approval. Commercial encryption products that may affect national security and public interest and have encryption-based protective functions can only be imported under a permit. The Ministry of Commerce, the Office of State Commercial Cryptography Administration (OSCCA), and the General Administration of Customs publish catalogues of commercial encryption products subject to the above import permit and export controls. The requirements above do not apply to commercial encryption used in products for consumption by the general population. However, the cryptography law does not define the term, leaving it unclear how this is implemented in practice.
In addition, the Cryptography Law has removed the requirement for mandatory certification and has instead established a voluntary certification scheme, which encourages manufacturers to apply to qualified agencies for the testing and certification of their commercial encryption products. The products in the Product Catalogue are no longer subject to mandatory approval requirements before launching their product. The voluntary certification provides a marking that assures customers that their commercial encryption products conform with Chinese encryption standards. The product catalogue includes smart password keys, smart IC cards, ATM application systems, security authentication, and financial data encryption machines, among others.

Since September 2014, the Chinese State Administration of Radio, Film and Television (SARFT) has tightened the regulation for foreign TV and online streaming content. According to the Notice concerning Further Implementing Regulations on the Management of Online Foreign Film and Television Dramas, online platforms have to limit foreign content to 30% of the streaming content made available online.

In December 2023, China's Ministry of Commerce (MOFCOM) and Ministry of Science and Technology (MOST), through Announcement No. 57 of 2023, published a revised Catalog of Technologies that are Prohibited or Restricted for Export, which was last updated in August 2020. Following a draft revision published for public comment in December 2022, the updated Catalog reduces the number of controlled items (requiring prior government authorizationn for export) from 164 to 134, with 34 items deleted, 4 added and 37 modified, including dual-use technologies under export control management.
The list of items prohibited for export includes technologies such as encryption and decryption software and hardware. On the other hand, among the products included in the list of restricted goods are cryptographic security technologies, countermeasure and information defense technologies, 3D and laser printing technologies, cryptographic chip design and implementation, information processing technology and basic software security enhancement technology.

It is reported that China imposes a set of export restrictions, including export duties and export quotas, on selected raw materials: graphite, cobalt, copper, lead, chromium, magnesia, talcum, tantalum, tin, antimony, and indium. Some of these raw materials (e.g. graphite, copper, tin, and indium) are used to produce smartphones and batteries. Export restrictions limit companies' access to these products outside China. In addition, a draft regulation on rare earths is pending approval to provide for total quota control over rare-earth mining, smelting, and separation, as well as the approval system for investment projects of rare earths.

It is reported that the Chinese Government is working to improve its standards system by incorporating both government guidance and market input, moving away from a solely government-led approach. Despite this progress, foreign participation in standards setting remains limited, and China often pursues unique national standards for strategic reasons. The revised standardisation Law, effective since January 2018, includes measures recognising the value of international standards and the participation of foreign-invested enterprises. However, foreign stakeholders are concerned that these measures still prioritise Chinese standards over international ones and do not ensure equal participation for foreign companies. Reports indicate that foreign companies often face restrictions in participating in China's domestic standards-setting processes, and even when participation is allowed, it is usually under less favourable terms than for domestic competitors.

China’s current certification requirements for telecommunications equipment are reported to conflict with its WTO obligations of limiting imported products to no more than one conformity assessment scheme and requiring the same mark for all products (Article 13.4.a of China’s WTO Accession).
China has three different licensing regimes: the State Radio Regulation of China (SRRC), the Network Access License (NAL) and the China Compulsory Certification (CCC). The CCC is required for a list of products that includes many types of IT products, such as video and audio equipment. The NAL is required for all telecommunications equipment in China. The NAL license requires extensive testing and support and may include network trials and review of the product by a local panel of experts, in addition to labouratory testing against China's national standards. Radio communication equipment intended to be marketed in China requires radio-type approval granted by the Ministry of Industry and Information Technology of the People’s Republic of China (MIIT)’s ‘State Radio Regulation Committee (SRRC). Specified equipment samples are tested in designated labouratories according to local Chinese standards.
Therefore, for a given piece of equipment, it can cost between USD 30,000-35,000 to test for all three licenses (SRRC, NAL, and CCC). The CCC mark is used for both Chinese and foreign products. Moreover, all testing for the CCC mark must be conducted in China, and US exporters are often required to submit their products to Chinese labouratories for additional tests.
The CCC certificate and permission to print the CCC mark must be renewed annually as part of a follow-up certification. Part of the follow-up certification is also a one-day factory audit.
China is also reported as having limitations on foreign -invested conformity assessment bodies in the country.

The Administrative Measures for the Multi-level Protection of Information Security (MLPS) require all IT systems in China to be classified into different levels of security, from one to five (with the most sensitive systems designated as level 5). In 2019, the MLPS 2.0 (composed by GB/T 22239-2019, GB/T 25070-2019, and GB/T 28448-2019) has expanded the definition of 'information systems' to broader systems, including network infrastructure, cloud computing systems, mobile application platforms, connected devices and industrial control systems.
The MLPS 2.0 requires networks of level 3 and above to adopt network products and services appropriate to their security protection levels. Companies classified as level 2 and above require the procurement and use of encryption products and services to be preapproved by the Chinese government. Under the MLPS 2.0, companies must self-assess their security management and compliance, and such assessment results must be evaluated and endorsed by the MLPS regulatory body.
The MLPS 2.0 requires companies in China to set up their cloud infrastructure, including servers, virtualised networks, software, and information systems. Such cloud infrastructures are subject to testing and evaluation by the Chinese government. Overseas operation and maintenance of Chinese cloud computing platforms must also follow Chinese laws and regulations. The national standards also state that customers' data and users' personal information processed by cloud service providers should be stored inside China, which is an additional requirement. It is currently uncertain how these national standards would be enforced, and there have not yet been reports of enforcement.

According to Art. 5 of the Provisions on the Administration of Internet News Information Services, Internet news providers are required to obtain a permit to provide Internet news information services to the social public through Internet websites, application software, forums, blogs, microblogs, public account, instant messaging tools, online live streaming and other such methods. In addition, pursuant to Art. 6 of the Provisions, the applicant’s person-in-charge or chief editor must be a Chinese citizen, and the applicant shall have a legal person legally established within the territory of the People's Republic of China. Furthermore, the applicant must separately obtain an Internet Content Provider (ICP) license or an ICP filing from telecom industry regulators. According to Art. 16 of the law, without an ICP number, a website can be shut down by the hosting provider with no notice.
Furthermore, all privately operated news services are obligated to have their operations overseen by personnel endorsed by the ruling party. Editorial staff working on these platforms need approval from national or local government internet and information offices, and their employees are required to undergo training and obtain reporting credentials from the central government. The Provisions on Administrative Law Enforcement Procedures for Internet Information Content Management set out the procedural and administrative processes for the Cyberspace Administration of China to enforce the laws and regulations relating to Internet content.

According to Art. 6 of the Interim Provisions of the People's Republic of China on the Management of International Networking of Computer Information Networks, computer information networks for direct international networking must use the international channels provided by the national public telecommunications network of the Ministry of Posts and Telecommunications. No unit or individual may establish or use other channels for international networking on their own. The public security authorities may issue a warning and impose a fine of up to RMB 15,000 (USD 2,200) on anyone who violates this provision. In addition, institutions or individuals are not allowed to use the international network to endanger national security, divulge state secrets, infringe upon national, social, and collective interests and the legitimate rights and interests of citizens, or engage in illegal and criminal activities. Institutions and individuals engaged in international networking services are required to file procedures in designated public security agencies within 30 days of the connection and accept the security supervision, inspection, and guidance of the public security authorities; for those who violate the measures, individuals and institutions can be fined in serious cases. The Provisions on Administrative Law Enforcement Procedures for Internet Information Content Management set out the procedural and administrative processes for the Cyberspace Administration of China to enforce the laws and regulations relating to Internet content.

The Circular on Clearing up and Regulating the Internet Access Service Market imposes government approval for telecom and Internet access providers to set up or rent a VPN. There are reports since 2017 that VPNs have been shut down, and individuals who set up or use VPNs have been punished.

Pursuant to Art. 21 of the Counter-Terrorism Law, providers of telecommunications, internet, and financial services are obligated to verify the identities of their customers or clients and to withhold services from those who refuse to supply such information.