China’s cyber regulator has proposed requiring companies pursuing share listings in Hong Kong to apply for cyber-security inspections if they handle data concerning national security.
Large internet platforms planning to set up headquarters, operational or research centres abroad should also submit a report to regulators, the Cyberspace Administration of China said in the draft rules.
The document, published on the regulator’s WeChat account website, refers to public comments on internet platforms formulating privacy policies, as well as the making and amending of rules that could significantly affect user rights and interests.
Firms with more than 100 million daily active users would need to have changes reviewed by third-party agencies and obtain government approval.
Companies that provide instant messaging services should, unless they have justifiable reasons, stop restricting users from accessing other or transferring files to other Internet platforms, the regulator said.
The proposals, open to public review until 13 December, come as Beijing tightens its oversight over its technology sector with rules on how they should handle the vast troves of data they control, treat users and interact with rivals.
China, which has recently passed laws on data security and personal information protection, is looking to set up governance rules for how firms use algorithms.
It has also urged firms to stop a long-used “walled gardens” practice that prevents rivals’ links and services from being shared on their platforms.
In July the agency proposed that companies with data for more than 1 million users should undergo a security review before listing shares overseas, just days after suspending the initial public offering of ride-hailing giant Didi Chuxing over alleged data violations.