In recent years, generative AI, characterized by its multimodal content generation, emergent capabilities, heightened autonomy, and adaptive learning capacities, has led to ethical risks that exhibit trends of ubiquity, increasing complexity in causation, integration of governance values, and the emergence of extreme risks. The ethical risks of generative AI are transmitted from the R&D end to the application end. In essence, this transmission either infringes on people’s fundamental rights and freedoms or undermines the social relationships between people, as well as between humans and machines. Therefore, taking the main harmful consequences as the criterion, the application of generative AI has given rise to typical ethical risks such as impacts on human subjectivity, exacerbation of prejudice and discrimination, privacy violations, abuse of personal information, and ambiguity in responsibility attribution.However, current ethical governance approaches suffer from limitations such as ill-defined hierarchical classification rules, disconnects between institutional and technological governance, and contentious allocation of rights and obligations among relevant stakeholders. As these methods struggle to achieve desired outcomes, it is imperative to advance ethical risk governance through a dual approach: internally, via embedded “governance-by-design” measures, and externally, through robust institutional safeguards. In terms of specific measures, it is recommended to establish a two-tier governance mechanism and risk thresholds: only strengthen supervision over severe ethical risks, while retaining room for error tolerance for general risks. Leverage benchmark evaluation of large models to enhance the practical implementation of internalizing ethical guidelines into technology, and reasonably define the rights and obligations of different entities to clarify responsibility assumption.