China has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

China has signed but not ratified the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

China has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

The Chinese consumer protection framework is set out in the Law of the People's Republic of China on Protection of Consumer Rights and Interests. The law applies to all consumers purchasing and using commodities or receiving services for daily consumption and to business operators, in their supply of commodities produced and sold by them or services provided to consumers.

According to Art. 53 of the Personal Information Protection Law, personal information processors outside the territory of the People's Republic of China as specified in the second paragraph of Article 3 of this Law shall set up specialized agencies or designate representatives within the territory of the People's Republic of China to be responsible for handling personal information protection related matters, and shall submit the names, contact information, and other information of the agencies and representatives to the departments with personal information protection duties.

According to Art. 5 of the Internet News Information Service Management Regulations, Internet news providers are required to obtain a permit to provide Internet news information services to the social public through Internet websites, application software, forums, blogs, microblogs, public accounts, instant messaging tools, online live streaming, and other such methods. Pursuant to Art. 6 of the regulations, the applicant’s person-in-charge or chief editor must be a Chinese citizen. In addition, the applicant must separately obtain an Internet Information Service license or file procedures with the telecommunications authorities in accordance with the law. In addition, according to Art. 6 of the law, to apply for an Internet news information service license, to have places, facilities, and funds suitable for the service is required. Furthermore, the Regulations on Administrative Enforcement Procedures for Internet Information Content set out the procedural and administrative processes for the Cyberspace Administration of China to enforce the laws and regulations relating to Internet content.
These provisions broadened the definition of “internet news information services” to “services of collecting, editing, and releasing internet news information; reposting such news information; and providing a platform to spread such news information.” They also broaden the definition of “news information” to include relevant reports and commentaries on politics, the economy, military affairs, foreign affairs, and other public affairs, as well as relevant reports and commentaries on social emergencies.

It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 8 in China, below the 200 USD threshold recommended by the International Chamber of Commerce (ICC).

In 2012, there has been a WTO dispute about China’s rules governing access to its domestic electronic-payments market which do not provide equal treatment to foreign credit-card and debit-card issuers. China said at the time it would assess the decision, but it has been slow to change its market-access rules in response. Currently, it is reported that China UnionPay Co. has a near monopoly on processing and clearing yuan-denominated payments made via bank cards and credit cards. The state-controlled firm has close ties to China’s Central Bank. China’s Central Bank has at times moved against the upstarts in ways that seem to benefit UnionPay.

In 2020, Mastercard was reported to received approval from the People's Bank of China (PBOC) to begin formal preparation to set up a bank card clearing institution in China. Mastercard set up a joint venture with NetsUnion Clearing Corp., a clearing house for online payments whose stakeholders included the PBOC, and received approval for its application in 2020. Furthermore, it is reported that American Express received preliminary approval in 2018 to undertake clearing services of credit card payments in China and AMEX's application to clear and settle payments domestically by way of its JV with Amex’s Chinese partner LianLian Group was also accepted in January, 2020.

The approvals are part of the US-China phase one trade deal that started in January 2020, which required Beijing to accept and review payments firms' applications in a timely manner. Specifically, it is reported that applications from firms wanting to become bank card clearing houses in China had to be accepted within five business days and responded to within 90 days of acceptance. However, the deal expired in December 2021.

China's first comprehensive legislation regulating e-commerce came into effect in January 2019. According to Art. 9 of the law, it applies to all "e-commerce operators," including all individuals and legal entities engaged in the business of selling goods and/or providing services on the Internet or other information networks. This includes operators of e-commerce platforms, sellers of goods and services on the e-commerce platforms of others, and those who operate their own websites or through other network services. The law is reported to extend to non-traditional shopping channels, including social media and messaging services, such as WeChat, and streaming sites, such as Douyin. In addition, according to arts. 10-14 of the law, all e-commerce operators are obliged to obtain business licenses and register with the tax authorities, as well as to ensure that information on their business and administrative licenses related to their business services is displayed online in a clearly readable form at all times.

Without a sales certificate provided by the China’s National Commission on Encryption Code Regulations (NCECR), it is illegal to sell products using Commercial Encryption Codes (CEC). It is also prohibited to use CEC products not certified by the NCECR. The public promotion and/or exhibition of CEC products must be reported to and approved by the NCECR in advance.
To obtain the certificate, the company must fulfill three requirements:
- They must be staffed with personnel who are knowledgeable in CEC product information and capable of providing post‑sales services;
- They must be able to provide full sales services and be equipped with safety regulations;
- They must also have the rights of an independent juridical unit.

According to Art. 51 of the Postal Law of the People's Republic of China, a specific license is needed for express delivery business. It is reported that the administrative licensing for express delivery services is non-transparent and burdensome, preventing competition. It is reported that as companies are required to apply to each city where there is a postal administration department, they need to go through at least 350 review and approval processes if they want to operate at the national level.

The Ministry of Industry and Information Technology (MIIT), in concert with the State Encryption Management Bureau, informally announced in early 2012 that only domestically developed encryption algorithms, such as ZUC, would be allowed for use in the network equipment (mobile base stations) and mobile devices comprising 4G TD-LTE networks in China. In addition, an industry analysis published by MIIT suggests that burdensome and invasive testing procedures threatening companies’ sensitive intellectual property could be required.
Although a globally accepted standard (3GPP) already exists, ZUC is de facto often required in order to enter the Chinese market, along with invasive testing requirements (source code review). These requirements are potentially violating bilateral commitments with the US and a commitment that China made to its trading partners in 2000 stating that China would permit the use of foreign encryption standards in IT and telecommunication hardware and software for commercial use and that it would only impose strict “Chinese-only” encryption requirements on specialized IT products whose “core function” is encryption.

A locally developed encryption standard (WAPI) is required to be used in all wireless equipment despite existing international standard IEEE 802.11i.

The National Security Law foresees the rollout of a “secure and controllable” internet infrastructure. Under the National Security Law, the State can establish national security review and oversight management systems and mechanisms, conduct national security review of foreign commercial investment, special items and technologies, internet information technology produces and services, projects involving national security matters, as well as other major matters and activities, that impact or might impact national security.

Imported and exported encryption products must be certified by the Office of State Commercial Cryptography Administration (OSCCA). The use of encryption products without OSCCA certification is prohibited, regardless of public, commercial or individual nature of use.However, it is reported that, in practice, only Chinese or Chinese-owned companies are eligible for OSCCA certification to sell, produce and carry out R&D for encryption technology in China, as well as to gain product licensing. Foreign or foreign-owned companies, even if based in China, are excluded. In 2007, OSCCA started to consider products such as Trusted Platform Module (used in computers) or smartcards (used in banking, insurance, health, transport, etc.) as core encryption products. As a result, such products could no longer be produced or sold by foreign or foreign-invested companies.
Under the Cryptography Law, import and export of commercial encryption products, technologies and services remains subject to government approval. Commercial encryption products that may affect national security, public interest and have encryption-based protective functions can only be imported under a permit. The Ministry of Commerce together with the OSCCA and the General Administration of Customs will issue catalogues of commercial encryption products that are subject to the above import permit and export controls. The aforesaid requirements will not apply to commercial encryption used in ""products for consumption by general population"". However, the Cryptography Law does not define the term leaving it unclear as to how this will be implemented in practice.
The Cryptography Law has removed the requirement for mandatory certification and has instead established a voluntary certification scheme, which encourages manufacturers to apply to qualified agencies for the testing and certification of their commercial encryption products. The products set out in the Product Catalogue will no longer be subject to mandatory approval requirements before launching their product in the market. The voluntary certification will provide a marking which will serve to assure customers that their commercial encryption products conform with Chinese encryption standards. Products included in the product catalogue are smart password key, smart IC card, ATM application system, security authentication, financial data encryption machine etc.