China to require certain firms to undergo cybersecurity reviews before pursuing overseas listings

China’s cyberspace regulator on Tuesday said it will implement new rules from Feb 15 that require platform companies with data for more than 1 million users to undergo a security review before listing its shares overseas.

The Cyberspace Administration of China (CAC) also said such firms should apply for cybersecurity reviews before submitting listing applications to foreign securities regulators, according to statements published on its WeChat account.

Companies will not be allowed to list abroad if the review finds that national security could be impacted, it said in a statement on its official WeChat account.

The CAC first proposed the rules in July, saying that the security review will put a focus on risks of data being affected, controlled or manipulated by foreign governments after overseas listings.

New rules governing the use of algorithm recommendation technology will also be implemented from March 1, the CAC said in a separate statement.

Those rules, which were first proposed in August last year, will require companies to give users the right to switch off the service and also tightens oversight of news providers that use such technology.

China’s cyberspace regulators are imposing tighter restrictions on data collection and data storage. Authorities are also more broadly pushing for companies to list domestically.

Two new sets of rules, the Data Security Law and the Personal Information Protection Law, which cover data storage and data privacy respectively, went into effect last year.