China plots tougher cyber scrutiny for tech firms in Hong Kong IPOs

China could force companies to carry out a cyber security review should they seek an IPO in Hong Kong as it looks to implement new laws on data security management, regulating network data processing, and protecting individuals in cyber space. The Cyberspace Administration of China (CAC) released a draft document named “Regulations on Network Data Security Management” which is open for feedback until 12 December. The document stipulates that when data processors go public in Hong Kong, which affects or may affect national security, they will have to apply for a network security review in accordance with national regulations.

A number of Chinese tech firms were planning to launch an IPO in Hong Kong after US regulators have been applying greater scrutiny to new listings and are moving forward with plans to delist stocks whose auditors refuse to comply with US oversight, as reported by Bloomberg. This could force around £2 trillion worth of Chinese listings to move out of US exchanges from 2024, as tensions between the two countries continue to grow. This wasn’t the only rule put forward by CAC, it is also looking to ensure internet platforms amassing data relevant to national security and public interest seek security clearance before spin-offs, mergers, and restructuring.

Plus, large internet companies will need to report to regulators before setting up overseas headquarters or centres for operations and R&D.

Related Resource

Why faster refresh cycles and modern infrastructure management are critical to business success

The connection between modern server infrastructure and business agility

Free download

Additionally, companies that process important data or those that process data and list overseas must carry out an annual security review on how they share, store, and trade data. Platforms with over 100 million daily active users also need to obtain approval on major updates to platform operations, data privacy, and user rights. CAC said it is implementing these regulations in order to implement other laws on data security management, regulating network data processing activities, and protecting individuals and organisations in cyberspace.

These laws are the 2017 Cybersecurity law, and this year’s Data Security Law and the Personal Information Protection Law (PIPL). PIPL was passed at the start of November and stipulates how data can be collected and used in the country while governing the actions of companies hoping to move data out of the country. It regulates personal information processing activities in China, as well as any activities carried out by state agencies.

It also applies to foreign organisations that process personal data overseas.

Featured Resources

Why faster refresh cycles and modern infrastructure management are critical to business success

The connection between modern server infrastructure and business agility

Free download

Four traits of leaders at connected companies

Creating more meaningful work experiences for employees

China plots tougher cyber scrutiny for tech firms in Hong Kong IPOs Download now

Modernise the data stack to transform the data experience

Next generation business intelligence and analytics

China plots tougher cyber scrutiny for tech firms in Hong Kong IPOs Free Download

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

China plots tougher cyber scrutiny for tech firms in Hong Kong IPOs Free download

Leave a Reply

Your email address will not be published. Required fields are marked *