Beijing has issued draft rules for tech platform firms seeking to go public in foreign markets as part of ongoing regulatory tightening following the Didi debacle.
Companies with technology platforms containing the personal data of 1 million users or more must apply for a review if they plan an initial public offering in foreign markets, according to draft rules over the weekend for China’s national cybersecurity review.
The review will be conducted by the Cyber Security Review Office, a group backed by 12 Chinese ministries.
Cybersecurity Review
The draft regulations are particularly concerned about data risks involving foreign powers like governments.
The review covers data security risks, including the possibility of illegal transferal abroad, theft, leakage or destruction of data. It will also consider national security risks such as whether or not critical and personal data is being affected, controlled or maliciously used by foreign governments after listing.
The draft rules will be open for feedback until July 25.
1 Million Threshold
The threshold of 1 million users is a relatively commonplace achievement for tech platforms competing in a market with almost 1 billion internet users.
The threshold also matches the Investment Risk Review Modernization Act in the U.S. which requires approval for deals involving personal data of 1 million or more American individuals.
Didi Debacle
The draft rules follow the recent Didi debacle which saw the ride-hailing giant’s app removed from China’s marketplaces as part of a cybersecurity probe revealed shortly after a $4.4 billion IPO in the U.S.
In the latest development, officials from the Cyberspace Administration of China (CAC) suspected the listing was a «deliberate act of deceit», according to an «SCMP» report citing unnamed sources.
The report called Didi’s move «yang feng yin wei» – a Chines term described as publicly complying while privately defying – adding that it had already met CAC officials during the seance quarter for discussions with no written records.