- China has come out with sweeping new cybersecurity regulations ranging from cross-border transfer of data to takeovers.
- It mandatory for tech firms going for a listing in Hong Kong to go through a cybersecurity review, as per the new rules.
- These new rules have impacted the Chinese tech firms that were planning to go public without getting approvals.
With an aim of tightening control over the information gathered by private companies, China has come out with sweeping new regulations which will make it mandatory for tech firms going for a listing in Hong Kong to go through a cybersecurity review. Prior to selling their shares in Hong Kong, the potential listings will require the necessary approvals if the authorities think that national security is under threat, as per the Cybersecurity Administration of China.
A number of regulations were released by the cyberspace regulator on Sunday, ranging from cross-border transfer of data to takeovers. These new rules have impacted the Chinese tech firms that were planning to go public without getting approvals. The American regulator are also scrutinising the new listings and are delisting the firms which aren’t opening their books to the US. From 2024, around US $2 trillion worth of Chinese ADRs would have to leave the US exchanges due to this crackdown.
The new rules are made to support China’s recently passed legislation regarding data security and internet privacy requirements. Particularly after the controversial US listing of Didi Global Inc., which raised national security concerns due to crucial information reaching foreign players, the Chinese Government has made it clear that it will play the major role in controlling the data and compliance by private companies would be obligatory.
Majority of the big IPOs in Hong Kong have vanished since July after the announcement made by the cybersecurity regulator that companies trying to get listed overseas would need to undergo a scrutinised process for regulatory approvals. The Hang Seng TECH Index stands at 6,601.15, up by 0.54% as of 15 Nov 2021 16:08 HKT.
Until 13 December, the cybersecurity regulator is calling for feedback from public regarding the new regulations.
Other rules revealed by the regulator are:
- Prior to mergers, spin-offs and restructuring, a security clearance would be needed by the internet platforms, which are engaged in collection of data that can have an impact on the national security.
- Prior to setting up of headquarters or centers for operations and R&D in overseas territories, the large internet companies need to report the cyberspace regulator.
- An annual security appraisal is to be conducted mandatorily by the companies with overseas listing that are engaged in data processing, or the companies listed in the home country that are engaged in processing of critical data. Their method of storing, sharing, and trading the data would be assessed by the regulator.
- Government security appraisals would need to be passed by the companies which are engaged in overseas transfer of data along with getting into an agreement with the foreign data recipient through a government-stipulated contract, which will also require the green light by the regulators.
- To stop illegal information from spreading overseas, a security gateway for cross-border data transactions will be created by the regulators. The infrastructure will be established in a way that no entities or individuals would be able to outmanoeuvre it.
- Government approval would be required on major updates regarding data privacy, platform operations, and user rights by all the internet platforms which have over 100 million daily active users.
- Opting out from personalized recommendations would be easily enabled for users and the data collected via these recommendations has to be deleted on request of the users.
- Security approval would be required by the companies that use advanced technologies like virtual reality and artificial intelligence.
RELATED READ: Why are tech titans pulling out of China?
Although this development in China won’t have a direct impact on the UK stocks, cybersecurity is an equally big concern in the UK as well as across the globe. Cybercriminal’s launch cyberattacks across sectors, aiming at critical infrastructure. Thus, strict regulatory measures are essential to keep an eye on individuals and companies that may prove to be a threat to national security.