The implementation of the Measures for The Review of Cyber Security in China should ensure the bottom line of national security

2022-07-23 0 By

On February 15, 13 government departments, including the Cyberspace Administration of China and the National Development and Reform Commission, jointly issued the Measures for Cyber security Examination (hereinafter referred to as the Measures).Article 7 of the Measures clearly requires that online platform operators with personal information of more than 1 million users must report for examination when going public abroad.The China Network Security Examination Technology and Certification Center has set up a network security examination consultation window, and started to receive the examination applications of network platform operators going public abroad.The revised measures expand the scope of cyber security review, requiring online platform operators with personal information of more than one million users to report for review before going public abroad.Operators shall declare for examination and shall bear corresponding legal liability if they fail to declare.It is worth noting that the requirements of the Measures are “listing abroad”, but this does not mean that operators can ignore the corresponding network security, data security and national security risks in the process of listing in Hong Kong.According to Article 16 of the Measures, cyber products and services as well as data processing activities that members of the working mechanism of cyber security review consider to affect or may affect national security shall be examined by the Cyber security Review Office in accordance with the procedures.Operators listed abroad before the implementation of the Measures do not need to declare for examination.However, for listed enterprises to go abroad for secondary listing, dual primary listing and other cases, which are newly initiated “foreign listing” activities, those meeting the declaration requirements should take the initiative to declare and review.According to the requirements of Article 8 of the Measures, in addition to submitting declarations and analysis reports, operators should also submit IPO and other listing application documents when applying for network security review.In the answer to the question of “When to apply for online security review for listing abroad”, the official of the Cyberspace Administration of China made it clear that the application should be submitted to foreign securities regulatory authorities before listing.Based on the above information, the application time for overseas listing examination should be after the relevant listing application documents are prepared and before the listing application documents are submitted to foreign countries.Operators who have submitted listing application documents to foreign securities regulatory authorities before the implementation of the Measures but have not yet completed listing should also voluntarily report and review the personal information of more than 1 million users before listing.Subject of Reporting for Listing Review The subject of reporting for cybersecurity review for listing abroad shall be the network platform operator registered in China.For enterprises establishing overseas listing structure, the subject of declaration should be the domestic operating entity responsible for actual business operation, that is, the operator entity that collects, stores, uses and processes data through the network.It should be noted here that the measures are not limited to initial public offering (IPO), and special purpose company merger and acquisition (SPAC), reverse takeover (RTO), direct listing (DPO) and other ways of listing are also under the scope of review.Cyber security review falls within the scope of national security review. It is an important means to safeguard national security and an objective requirement to promote the stable and healthy development of the platform economy.The state encourages network platform operators to conduct financing, listing and other activities based on business development needs.In the process of development, operators should pay attention to the prevention of network security and data security risks, firmly guard the bottom line of national security, adhere to compliance operation, adhere to the equal emphasis on security and development, so that security becomes the driving force to ensure the sustainable development of enterprises.(wechat official account of “netcredit China”)