China to make some firms undergo a data security review before listing overseas
From next month, China will require some companies with large amounts of user data to get approval from regulators to list overseas.
The network security review process, which was first proposed last year, will be implemented by the increasingly powerful Cyberspace Administration (CAC) of China on Feb. 15 as the country continues to tighten regulation on its domestic technology sector.
Internet platforms holding personal information of more than 1 million users must apply for a network security review with the regulators before carrying out an initial public offering (IPO) abroad.
The rules are aimed at companies that carry out data processing activities which could affect national security, the CAC said.
If the regulator finds that a company’s data processing activities do not endanger national security, then an overseas listing can proceed.
Beijing has introduced a slew of new regulation on the tech sector over the past year as it looks to reign in the power of the country’s giants and stamp out anti-competitive behavior.
Data has been a key focus for the government. Last year, China passed its first major data protection law.
The country also opened its first cybersecurity review last year in a probe into ride-hailing giant Didi just days after its IPO in the U.S. The company reportedly drew the ire of regulators by listing in the U.S. without carrying out a review first. In December, Didi said it would delist from the New York Stock Exchange and target a listing in Hong Kong instead.
Hong Kong has become a popular destination for Chinese technology IPOs amid increasing regulation and uncertainty around the ability for Chinese firms to list overseas.