China to review deals involving foreign capital in data and M&As on security grounds

Chinese authorities will impose a strict review of data processing, cross-border data transfers, and mergers and acquisition (M&A) activities involving foreign capital that could affect national security, as Beijing moves to safeguard what it considers as sensitive information. That approach forms part of new policy guidelines to boost the country’s data market, while addressing issues such as data rights and trading profit distribution. The release of the guidelines follows last year’s passage of China’s Data Security Law, which treats some domestically generated information as a matter of national security and proposed a review requirement, but did not provide specific guidance. China had earlier set up a process for initial public offerings (IPOs) overseas to go through a security review if the business involves the data of more than one million Chinese consumers.

Other measures that the guidelines cover include taking part in formulating international rules and technical standards in areas like digital currencies. The guidelines aims to lay the groundwork for what Beijing calls a “fundamental data system”, which will cover areas such as defining the data rights of different entities, management and supervision of information, and trading and profit distribution in the data market. A detailed mechanism for defining data rights will be established for public, corporate and personal information, according to the new guidelines. It provides three main types of data rights. These are the right to hold data resources, the right to process and use data, and the right to manage data products.

The guidelines reflect how Beijing has been ramping up its efforts to boost the country’s digital economy by applying commercial rules to data, which the central government regards as a new production factor that is in the same category as land, capital and human labor. Data exchanges have already been launched in major cities across China. In November, trading kicked off at the state-run data exchange in Shenzhen, allowing companies to buy and sell data like regular commodities. Despite that push, the government has not allayed the concerns of businesses in terms of higher compliance costs in handling data and an inadequate trading framework that remains vague on data ownership and other relevant rights.

Multinational companies may be encouraged by the guidelines’ goal to promote China’s digital economy, particularly at a time when the domestic economy is in need of stimulus, according to Alex Roberts, Counsel for technology, media and telecommunications at international law firm Linklaters in Shanghai. Roberts, however, said the review requirement related to national security remains worrisome. “The emphasis on implementing ‘national security reviews’ may be worrying given the current uncertainty about review processes under existing data rules,” he said, as reported by the South China Morning Post.