fbpx

Type to search

China May Order Firms to Hand Over Control of Data Before US IPOs

China is considering several options as it strives to prevent the data of firms listing in the US from falling into foreign hands


Japan's NICT says it has created a new record speed for relaying data.
Japan's Digital Affairs minister has acknowledged that rules calling for data to be stored on floppy disks are outdated and need to be changed. File photo: Reuters.

Chinese regulators are considering requiring firms to hand over management and supervision of their data to third-party firms if they want to list in the US, sources said.

The regulators believe bringing in third-party information security firms, ideally state-backed, to manage and monitor IPO hopefuls’ data could effectively limit their ability to transfer Chinese onshore data overseas, one of the people said. That would help ease Beijing’s growing concerns that a foreign listing might force such Chinese companies to hand over some data to foreign entities and undermine national security, one of the sources said.

The plan is one of several proposals under consideration by Chinese regulators as Beijing tightened its grip on the country’s internet platforms in recent months, including looking to sharpen scrutiny of overseas listings.

Investor Sentiment

The crackdown, which has smashed stocks and badly dented investor sentiment, has particularly targeted unfair competition and internet companies’ handling of an enormous cache of consumer data, after years of a more laissez-faire approach.

A final decision on the IPO-bound companies’ data hand over plan is yet to be made, said the sources, who declined to be identified due to sensitivity of the matter.

The regulatory officials have discussed the plan with capital market participants, said one of the sources, as part of moves to strengthen supervision of all Chinese firms listed offshore.

IPO advisers are hopeful a formal framework on the data handover issue could be delivered in September, the source said.

The China Securities Regulatory Commission (CSRC) and the Cyberspace Administration of China (CAC) did not respond to faxed requests for comment.

Chinese regulators have recently put companies’ overseas listing plans, particularly in the United States, on hold pending new rules on data security.

Last month, the CAC proposed draft rules calling for companies with more than a million users to undergo security reviews before listing overseas.

Tougher Supervision

Beijing’s data handover plan come as US policymakers are raising concerns that Chinese firms are flouting US rules requiring public companies to disclose to investors a range of potential risks to their financial performance.

A total of 37 Chinese companies have raised $12.6 billion via American IPOs so far this year, according to Dealogic, nearly double the $6.6bn raised over the same time last year.

The plans to step up supervision of Chinese companies listed overseas came days after Beijing launched a cybersecurity investigation into ride-hailing giant Didi Global Inc on the heels of its $4.4 billion US stock market listing.

Didi is now in talks with state-owned Westone Information Industry Inc to handle its data management and monitoring activities.

Under the plan being discussed, Westone would be able to access Didi’s servers across the country to track the latter’s data collection, usage and transfers – which could effectively prohibit the company’s data from falling in the hands of a foreign entity, according to the report.

Didi Template

Didi at that time had said media reports about handing over control of data was untrue.

The restrictions proposed to be implemented on Didi could become a possible template for other data-rich Chinese companies that look to go public in the United States, one of the people said.

Beijing’s increasing sensitivity about the collection and usage of onshore data comes as the top legislative body on Friday passed a new law designed to protect online user data privacy. It will implement the policy starting on November 1.

In September, China is also set to implement its Data Security Law, which requires companies that process “critical data” to conduct risk assessments and submit reports to authorities.

The government has in recent years increasingly seen user data as key to the country’s financial and social stability and pushed tech giants including Ant Group, Tencent and JD.com to share consumer loan data to prevent excess borrowing and fraud, as reported in January.

Ant is also in the process of spinning off its consumer-credit data operations, as part of the business revamp to revive its public share sale.

  • Reuters, Mark McCord

 

Also on AF

Evergrande Says it Will Fix Debts After Rebuke From Worried Regulators

This story was updated with additional details and a new headline

Mark McCord

Mark McCord is a financial journalist with more than three decades experience writing and editing at global news wires including Bloomberg and AFP, as well as daily newspapers in Hong Kong, Sydney and Melbourne. He has covered some of the biggest breaking news events in recent years including the Enron scandal, the New York terrorist attacks and the Iraq War. He is based in the UK. You can tweet to Mark at @MarkMcC64371550.