Wednesday, September 15, 2021

[Diplomat] The Downfall of Hong Kong’s Privacy Law

Instead of protecting citizens’ privacy, Hong Kong’s latest privacy law amendment is all about anti-doxxing. How did we get here?

Doxxing – exposing previously private personal information to the public without consent, often over the internet – has become a familiar but harmful and irreversible tactic by groups holding a grudge against one another. During the 2019 Hong Kong protests, both sides engaged in doxxing to inflict harms on the other: protesters against the police and their families, and pro-government supporters against the protesters and their supporters.

Complaints from both sides were lodged to the Office of the Privacy Commissioner for Personal Data (PCPD), Hong Kong’s privacy regulator. But in most cases, as most of the exposed content was placed on servers or services outside of Hong Kong, the regulator lacked the extraterritorial jurisdiction to order takedowns.

So, on July 21, the Hong Kong government tabled amendments to the Personal Data (Privacy) Ordinance (PDPO) to deal with doxxing. The bill is expected to be passed by October.

But the reactions from global “big tech” players were quick and negative. The Singapore-based Asia Internet Coalition – an industry group representing major American tech players such as Apple, Amazon, Facebook, Google, LinkedIn, and Twitter – wrote to the Hong Kong government to express its concerns about the law “putting their staff at risk of criminal investigations or prosecutions” for what their users post online. Media headlines flashed around the world that these companies threatened to leave Hong Kong should the new law be passed.

While a complete pull-out is highly unlikely, these companies’ reaction was high-profile enough that the privacy commissioner met with their representatives in an online meeting shortly afterwards in order to assuage their concerns. However, Hong Kong Chief Executive Carrie Lam took a tougher stance, insisting the companies’ worries were unwarranted, and they would be “proved wrong” as the new law takes effect, just as “the national security law did not lead to situations as described by people who smeared it.”

From First to Last

Hong Kong’s PDPO was first passed in 1995, and took effect from December 1996, shortly before the territory’s handover to China. It was proudly one of Asia’s earliest comprehensive privacy protection laws. The establishment of an independent regulator ensured its regulatory decisions would be made at arms’ length from the administration.

This independence was evident in an early investigation into the Xinhua News Agency, China’s de facto representative in Hong Kong prior to the handover. Right after the law’s enactment, an opposition legislator, Emily Lau, requested Xinhua to disclose any records it kept on her. The agency ignored her beyond the legally required period of 40 days to respond. The PCPD investigated, and only then did Xinhua send Lau a one-line reply, claiming that it kept no records on her.

Remarkably, in February 1998, just over half a year after the handover, the PCPD referred the case to Hong Kong’s secretary for justice for possible prosecution, although the secretary decided not to prosecute. That was 23 years ago. At least the regulator seemed to have tried.

Over Two Decades of Inaction

Hong Kong’s government has a tradition of introducing new laws with a “gradual progress” approach, being light-handed at first and refraining from harsh punishments in order to allow those affected, especially the business sector, to “have time to adjust.” The PDPO was no exception. The law lacked a mandatory breach notification requirement; fines for data breaches were low to non-existent, and the regulator had insufficient power to investigate and prosecute.

In the first version of the law, in case of a data breach incident, the regulator could only issue an “enforcement notice,” which directed the entity involved to take remedial steps. If it happened again, all the regulator could do was to issue yet another enforcement notice.

It was only almost 15 years after the law’s first passage, in 2010, that the government proposed and later passed a law imposing a fine of HK$50,000 (US$6,410), or up to two years’ imprisonment, if a firm were still found in violation of the data protection principles after the first enforcement notice had been served. It was still too little and too late.

Other suggestions for updating the law were rejected, including a mandatory breach notification and the introduction of a “sensitive personal data” category – such as biometrics – to enable stricter protection. Instead, to occupy public attention, an “opt-in” procedure against the relatively minor though irritating practice of direct marketing was introduced, with fines for failure to comply. Still, nothing was done about the more serious issue of data breaches, however large in scale.

Hong Kong Left Behind

As Hong Kong fiddled around, other Asian countries passed privacy laws and even updated them, including mandatory breach notifications in Singapore and Australia for certain critical infrastructure providers or government agencies. In 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect. Even China has just passed its Personal Information Protection Law, said to be among “the strictest in the world,” going into effect on November 1, 2021.

It is ironic that Hong Kong firms will have to follow much stricter global and Chinese laws, with their extraterritorial jurisdiction, but can get off easily at home. That means dubious protection for Hong Kong’s citizens.

One of most glaring deficiencies of Hong Kong’s privacy law is its Section 33. Back when the law was passed in 1995, this section on “data residency” – which would limit the transfer of personal data of Hong Kong subjects to outside of its territory – was included, but not enacted. It is quite incredible that after more than 25 years, this section exists “on paper” but is not yet in effect. Hong Kongers’ personal data can still flow to other countries or mainland China with virtually no restrictions.

Then, in 2018, Cathay Pacific, Hong Kong’s flag-carrying airline, lost the personal data of 9.4 million customers to hackers. A huge public outcry ensued. In a hearing in the legislature, legislators including myself lamented that, under the existing law, even if the airline was to be hacked again and fined, the maximum penalty would cost them less than a single business class ticket to the other side of the world.

By comparison, in March 2020, the U.K.’s Information Commissioner’s Office levied Cathay Pacific with a penalty of 500,000 British pounds, the maximum under their law, as the breach affected 111,578 British subjects.

So, finally, the Hong Kong government promised to update the law, and after some delay, in January, 2020, in a paper to the legislature, it made a list of proposed amendments, including establishing a mandatory data breach notification mechanism, introducing an administrative fine linked to the annual turnover of the company whose data was breached, formulating a clearer data retention period for personal data collected, clarifying the regulation of data processors and intermediaries, and updating the definition of personal data.

Sadly, all these suggestions have now just disappeared in the amendment bill, leaving one single issue remaining: doxxing.

Privacy Protection Is More Than Anti-Doxxing

Doxxing is wrong and should not be heralded for any purpose. But, without clear safeguards allowing for the free flow of information, anti-doxxing laws may severely limit journalism, whistleblowing, and the public’s right to know. Equating privacy regulation with anti-doxxing alone, and ignoring everything else needed in a modern data protection regime, is just as irresponsible as doxxing itself. The government may only want to weaponize the privacy law to arm itself with yet another tool against expression of dissent, rather than genuinely protecting people’s privacy.

Also, under the amendment bill, the PCPD will suddenly be transformed from a “toothless tiger” to an agency with unchecked power. A summary offense of disclosing personal data without the subject’s consent will be punishable by a maximum fine of HK$100,000 (US$12,820) and two years’ imprisonment. The higher tier offense of doxxing that causes a broad yet vague list of “specified harms” – “harassment, molestation, threats, intimidation, and physical and psychological injury which could cause a victim to be concerned about their safety or damage to their property” – to the subject or their family members can result in a maximum fine of HK$1 million (US$128,200) and five years’ imprisonment.

The PCPD may conduct searches on service providers’ electronic equipment and order arrests without a warrant, using “reasonable force.” It can request that content be removed from websites hosted outside Hong Kong. If a firm fails to comply, it and its local representatives may face up to HK$100,000 in fines and two years’ imprisonment.

Global tech platforms are right to be concerned. They have seen similar threats elsewhere, like in India, where threats were made about arresting their executives. But smaller local information providers, telecommunications firms, journalists, or just about any average internet users will have even fewer resources to fight the government.

The chilling effects will be immense, leading to even more self-censorship and further erosion of Hong Kong’s freedom of expression. It will not only be another brick in the territory’s new great firewall of internet censorship, but also leave Hong Kong’s privacy protection regime further behind the rest of the world.

Published by The Diplomat, September 15 2021

Saturday, August 21, 2021

[FNF] More than a Tech Crackdown, It’s Farewell to China’s Economic Reform

It started with China’s Big Tech sector – and continues throughout all other sectors. This crackdown clearly focusses on the private sector, and chimes in the end of Deng Xiao Ping’s Economic Reforms that helped to turn China into the economic powerhouse it is today. The resulting disruption on China’s economy, the nation’s innovative drive and its private firms may become ultimately a price too high to pay analyses Charles Mok for

Less than two months into the crackdown season on China’s tech sector, starting with the sanctions and investigations targeted against Didi Chuxing on July 2, two days after the U.S. initial public offering of its parent Didi Global, the ferocity of the campaign has only intensified, with its scope widened to more and more sectors, with no end in sight.

What was initially perceived by the media and the public as a campaign against Big Tech had turned out to be much more than that. Surely many leading tech companies were involved, going back to the “first blood” with Ant Financial’s forced cancellation of its IPO in Hong Kong in November 2020, to Didi Chuxing, and spreading to other giants like Tencent, then onward to many other sectors, through multiple legal and administrative means.

The crackdown is rolling on, leaving no sector untouched?

Here are some examples of recent actions against a wide range of sectors:

- Social media: The Haidian People’s Procuratorate, in an administrative district in the city of Beijing, filed a public interest lawsuit against Tencent, alleging the “youth mode” of its WeChat social media platform failed to comply with laws to protect minors.

- Online games: Singling out Tencent and its popular online game Honor of Kings, state-owned newspaper Economic Information Daily published an article criticising electronic games as “electronic drugs” and “spiritual opium,” only to remove that article from its website shortly afterwards.

- Online music: Tencent Music Entertainment Group’s plan to for a US$5 billion IPO in 2021 will be halted, even though the plan was for a listing in Hong Kong, not the U.S. This came after its chief Chinese competitor, Netease’s Cloud Village, also decided to delay its Hong Kong IPO for US$1 billion.

- Online streaming: The National Radio and Television Administration, the country’s media regulator, launched a month-long review on online variety shows, cracking down on their “rampant commercialization,” hypes and extreme behaviors from idol-worshipping fans, by targeting online streaming platforms owned by Tencent and iQIYI. Separately but along the same line, the Cyberspace Administration of China removed 150,000 pieces of “harmful online content” and punished more than 4,000 fan club related online accounts, leading to the shutdown of some social media services such as Weibo’s “Star Power Ranking List,” and many fan clubs themselves. In addition, the Ministry of Commerce initiated a consultation on further regulations for the online streaming e-commerce platforms to prevent frauds or inaccurate product claims, so as to better protect consumers.

- Karaoke: The Ministry of Culture and Tourism issued a directive to establish a national karaoke content screening mechanism to censor certain musical content that might be deemed to be against national unity, racial harmony, national religious policies, or concerning other illegal activities. This new system will be effective by October 1 this year.

- Ride-hailing: Didi Chuxing’s troubles in China is far from over, besides the ongoing investigation of its U.S. IPO. It is facing numerous investigations from all government levels, on concerns ranging from the vetting of drivers to vehicle safety and local licensing. The latest order concerning all ride-hailing platforms is a review of the industry’s pricing, commission setting, and employment practices, to better protect the wellbeing of the consumers and the drivers, in a multi-departmental effort led by the Ministry of Transport.

- Education: After the State Council and the Chinese Communist Party issued a statement on July 24 requiring education companies to become nonprofit organizations, forbidding them from raising capitals or going public, it thereby effectively terminated a vibrant business sector that included large enterprises such as TAL Education Group, New Oriental Education & Technology Group, that combined for over US$126 billion in market capitalization on domestic and foreign exchanges. Wall Street English, an Italian company specializing in English training, reportedly would announce the bankruptcy of its Chinese branch, becoming the first casualty of the crackdown on the education sector. Also, the city of Shanghai announced that it would no longer require local primary schools to administer final exams for English from the third to fifth grade, leaving only Chinese and mathematics as compulsory subjects.

- Food Delivery: The Administration for Market Regulation (SAMR), the country’s anti-trust regulator, is said to be ready to impose a US$1 billion fine on Meituan, an online marketplace for restaurants and the largest food-delivery provider, for abuse of its dominant market position.

- Property: The SAMR initiated a review of a general offer by Blackstone Group, a U.S. private equity firm, for the control of SOHO China, China’s largest prime office property developer — a deal worth over US$3 billion. Although this review is a necessary legal step in the takeover process, the market is mindful of the effect of the SMAR’s strict enforcement of the anti-trust law on its decision in this case, at this point in time.

Insurance: The China Banking and Insurance Regulatory Commission (CBIRC) issued instructions to order insurance companies to review any of its “improper marketing and pricing practices” as well as its customer privacy protection, or risk facing “serious punishment.”

- From all these examples, it can be observed that despite the picture being painted by the media and the public of a “tech crackdown” — due to the high-profiled attention on the cases involving Ant Financial and Didi Chuxing — it is indeed much more than that. The commonalties among those sectors being targeted appear to be, first, those which may gather substantial customer data; second, those with an ideological influence on the public, especially the younger generation, and their values; and, third, those that are prone to be dominated by a small number of influential market players.

No part of government wants to be left behind

These regulatory actions will certainly continue in the near future and even escalate in their force and expand in their scope. The State Council along with the Chinese Communist Party’s Central Committee just jointly published a blueprint document to call on the government at all levels to “improve and enhance anti-monopoly law enforcement” in its upcoming Five Years Plan for 2021 to 2025. The SAMR also issued a set of draft regulations on August 17 for consultation that would further strengthen rules against unfair competition, illicit trade practices, and restricting misuse of customer data.

In additional to the Data Security Law (DSL), which will go into effect by September, a new Personal Information Protection Law (PIPL), now in the third review stage at the Legislative Affairs Commission of the People’s National Congress Standing Committee, is expected to be launched in China in 2021. Provisions will be included to halt practices such as mobile apps that collect excessive personal data, algorithmic discrimination that involves differential and unfair pricing, and so on.

Not to be outdone, in addition to the cross-sectoral regulators on competition, securities, online services, data and privacy, many other government agencies are getting in the act. In addition to those mentioned above, such as the media regulator and the ministry for culture, transport, commerce, etc., the Ministry of Industry and Information Technology (MIIT) also announced a six-month probe to gather violations over “improper antitrust and consumer protection practices.” As part of that effort, the MIIT just announced a directive ordering 43 mobile apps, including Tencent’s WeChat and video app, iQIYI’s streaming app, Ctrip’s travel booking app etc., to rectify their illegal use of users’ phone book and locational data, as well as the use of pop-up windows that caused user annoyance. Such micro-managing of apps and services from a wide range of sectors, based on relatively broad but vaguely defined principles with tough enforcement power vested to the authorities, is increasingly the norm in China. 

Such a pervasive campaign will be difficult to coordinate. Overlapping investigations and enforcements with unclear demarcation of jurisdiction will result in unintended and undesirable consequences, adding to the overall market confusion. Other potential pitfalls may also include higher than necessary costs of compliance by firms, thereby undermining their competitiveness and innovativeness, with potentially irreversible consequences.

Ideological control is paramount

Let’s go back to the most basic question: why do the Chinese government and the Chinese Communist Party have to do all this now?

To be fair, many of these big tech titans do have a lot of problems with their trade practices, monopolistic behaviors, unchecked use of customer data and so on. However, part of that comes from a lack of clearly defined regulations to follow, and a general atmosphere of “experiment first, regulate later” which was arguably condoned and even encouraged by the authorities and regulators themselves. Indeed, it was not too long ago when the unbridled use of data in China by online firms was celebrated as a competitive advantage in developing artificial intelligence applications and data science over the west, where the use of such data had been regulated more stridently.

And it is also true that the big tech companies in China, with their rapid and unrestrained growth toward domination in the last couple of decades, have come to develop the kind of corporate cultures that can only be described as arrogant and misogynist, and the work ethics demanded of their employees is increasingly seen as unconscionably excessive. In recent years, public sentiments quickly turned against these tech billionaires, many of whom were admired as idols of success even up to a couple of years ago. This change in the mass mentality in China is especially evident under the unpredictable economic outlook in China now, due to slowing growth and the uncertainties and changes brought on by COVID-19.

It is therefore not surprising that Chinese President Xi Jinping has found this populist cause to “rein in the big tech” as both timely and right on the spot. With the relentless campaign to right the wrongs of the private industry, in order to protect the interests of the consumers, the welfare of the workers, the wellbeing of the children (against the exam cram culture and excessive online gaming), all the right chords are struck for the paternal state, allowing the Party a chance to impose further ideological control by rectifying education in a outwardly most benevolent manner, and to regain the economic control over its richest private firms and individuals after a couple of decades of runaway “get rich” capitalism.

Unexpected allies for Xi -but for how long?

And it is here where Xi seems to have also found an unexpected ally in the Chinese youth: In a period of slower economic growth, social uncertainty and more global isolation for China, the public and especially the young are increasingly frustrated with issues such as workers’ rights as well as educational and economic inequities. So when the government comes in to “get tough on the businesses,” it becomes music to the ears of the people. However, for such populist campaigns to be sustainable and not just a diversion of attention, the economic and social issues must be handled with positive results. More opportunities and jobs must be created, which may be an even bigger challenge now that the private sector is under strict scrutiny and may not be as entrepreneurial and risk-taking as before. Consequentially, hirings will slow.

Likewise, it is equally doubtful how sustainable the young people’s support for the authorities’ control over online game content and playing time, as another example, would also be in the long run quite doubtful, to say the least. While many parents may dislike the cram exam culture, it is also many of these and other parents who send their children to tutoring in order to score well in public exams in order to get into one of the top universities. In the end, it is the government itself that runs the public examinations and controls all the universities, and ultimately, builds the economy that may create the good jobs. Blaming the current problems on the cram schools can only go so far.

Most recently, Xi even started to openly advocate for “common prosperity,” seen as a call to return to the communist philosophy for a redistribution of wealth in Chinese society, when he spoke at the 10th meeting of the Central Committee for Financial and Economic Affairs, a top-level strategy body that he chaired. Calling for the need to “strengthen the regulation and adjustment of high income, protect legal income, reasonably adjust excessive income, and encourage high-income groups and enterprises to give back to society more,” Xi did insist that this was not “equal distribution.” As populist and attractive as it may sound to the masses, it is still uncertain how such a strategy will be welcomed by the people who have had a taste of capitalism in the last several decades. Beyond the populism and nationalist zeal, it will be a great challenge for Xi’s regime to sustain China’s success in continuously improving the economic wellbeing of all levels of society, especially the new middle class.

Under Xi Jinping, the slogan and gradual revision toward 國進民退 (“the state enterprises advance, the private sectors retreat”) has gained huge ground over the previous reformist emphases on market liberalization and entrepreneurship.

Economic control on capital with central planning and digital service restructuring

Besides ideology, the current campaign also serves to allow authorities to regain the total control of the economic structure of the country. In many ways, it symbolizes a reversal of the “capitalism with communist characteristics” formula and economic reform strategy of the past more than forty years, brought forward by the late Deng Xiaoping. Under Xi Jinping, the slogan and gradual revision toward 國進民退 (“the state enterprises advance, the private sectors retreat”) has gained huge ground over the previous reformist emphases on market liberalization and entrepreneurship.

Critical to Xi’s economic philosophy is the central economic planning for all key sectors in China. Thereby, the government is taking back control from the rich and influential tycoons and their webs of connections and circles of influence developed in the last several decades. This particularly relates to those making their fortunes from the Internet and technology sector mostly through domestic and international public listings. Coupled with the trend in the U.S. to adopt securities and other legislations to enforce financial and customer data disclosure over foreign companies listed in the U.S., the Chinese government is understandably increasingly wary of such foreign investments and listings. The central government’s narrative to “contain disorderly expansion of capital” since late 2020, later documented into a policy goal in early 2021, is evidently a move to limit China’s perceived exposure from such capital exercises undertaken by the red hot China tech sector with great speed and scale.

Also, the central government is clearly working toward redefining the Chinese industry through more central planning. The previously heavily promoted strategy initiative of “Made in China 2025,” issued since 2015, unfortunately had to confront a hostile U.S. president Donald Trump from 2016 to 2020 and his “trade war,” ending up largely under-achieving. With the emerging and likely protracted “technology war” between China and the U.S., China can be expected to refocus its effort on high technology manufacturing, especially in the areas of semiconductors, electronics and other key technology components, as well as research and development in critical scientific fields such as advanced artificial intelligence and quantum computing.

One of the possibly welcome side effects of the current campaign may be the redirection of the nation’s collective efforts and manpower toward these critical technology areas and deep sciences, away from the “digital economy” type of service-oriented business models that dominated both investments and manpower consumption in the past twenty years, while creating a host of problems in consumer interests, privacy, and monopolistic trade practices.

Such an industry redirection strategy may be laudable, but its success is not guaranteed. Over the last several decades, the Chinese semiconductor and electronics sector has continued to lag behind competitors from the west as well as Taiwan and Korea in the higher end of the market. Those sectors in China had already been receiving massive state support and subsidies. Yet, they domestically still lagged behind the private digital economy and service sector, led by private companies and entrepreneurs, in terms of investments, financial returns or even the number of jobs created. Most certainly, reining in commercially successfully companies in some sectors will not necessarily make companies in other laggard sectors more likely to succeed because of central planning, which did not work well before anyway.

For those digital economy and service sector companies, which have built some of the most successful and prevalent platforms around the world, such as AliPay and WeChat, in addition to the current regulatory campaigns of which they are the targets, the central government will gradually aim to redefine the marketplace structure to be dictated and led by the government. An example is the central bank digital currency (CBDC) development in China, widely regarded as the global leader, where the commercial e-wallets and payment service providers will be greatly diminished to a secondary and supporting role, as the core transactions and data will be largely controlled by state-owned player, in this case the People’s Bank of China. It is not inconceivable that the central government will try to replicate such marketplace restructuring to maximize its stranglehold on private firms in other digital service verticals.

It’s easy to start a fire, but hard to put one out

Moreover, other administrative measures to ensure further control over private firms are also taking shape. Recent reports indicated that Bytedance, the Chinese owner of TikTok, had sold 1% of its stake to a state-owned firm which is owned by the Cyberspace Administration of China plus two other government agencies, thus allowing the government to effectively appoint a representative on its board. Such tactics are not entirely new, but they are likely to become more common.

So does that mean that the “gold rush” days of China tech investment is over? Very likely: yes. At the very least, things will never be the same again. Since July, global investors have lost billions in stocks from many of these Chinese tech players, from newly-listed Didi Global to those already listed before in the U.S., in Hong Kong, and even domestically in China’s exchanges. Softbank, a leading investor in many Chinese tech players, including Alibaba, Tencent as well as Didi, recently admitted that it would “significantly cut back” its investments in China amidst the current uncertainties. Richard MacGregor, a senior fellow at Lowy Institute in Sydney, even bluntly stated that “Xi has many priorities. Building socialism is at the top of the list. Helping foreign investors is not.”

Finally, the biggest risk factor of all may just be that the current campaign will turn into a runaway train, whose engine is easily revved up but much harder to stop. This risk is exacerbated by the involvement of so many government ministries, regulators and agencies getting in the act and intuitively trying to outdo one another, in addition to the difficulties in coordination and the concerns of unexpected side effects. It’s always much easier to start a fire than to put it out. If that happens, the disruption on China’s economy, the nation’s innovative drive and its private firms may become a price too high to pay.

Published by Friedrich Naumann Foundation, Aug 20 2021 

Friday, July 23, 2021

[FNF] Diving into Didi’s Aftermaths: On Data and Capital

The Chinese government's reaction to Didi’s overseas IPO was not an isolated incident - it is looking to install tighter control over data and capital. But it would be short-sighted to believe that this is only relevant for big tech companies such as Alibaba and, most recently, Didi. Charles Mok analyses the aftermath of Didi’s IPO and what this means in the greater scheme of things.

Since the Chinese government initiated its investigations and imposed sanctions against Didi Chuxing on July 2, two days after Didi Global’s initial public offering (IPO) on the New York Stock Exchange on June 30, there has been widespread external public consensus that the Chinese official actions implied stronger regulatory strangleholds on China’s Internet “big techs,” as well as deterrence against further foreign IPOs. The timing of Didi’s IPO and the government’s reaction — one day before and after Beijing’s grand celebration of the 100th anniversary of the Chinese Communist Party — has also invited inevitable speculation about its political inference.

What is obvious is, that this is not an isolated incident. A flurry of escalated regulatory actions has since followed. Several Internet companies, including Didi Chuxing, Tencent and Alibaba, were fined by the State Administration of Market Regulation (SAMR), China’s chief antitrust regulator, for failing to report earlier merger and acquisition deals for approval. Likewise, Tencent's earlier proposal to "streamline its stakes" to reach a merger with Huya and Douya, China's top two streaming sites for video games, was blocked by the SMAR, which cited the firm's failure to come up with sufficient remedies on relinquishing certain exclusive rights.

Several pending U.S. IPOs have also been suspended, including LinkDoc (a medical data group backed by Alibaba), Keep (a health app) and Ximalaya (a video blogger platform). Even some companies in their earlier stages of considering an IPO overseas, U.S. or otherwise, have shelved the idea for now, such as Bytedance, holding company of video platforms Tiktok and its domestic version Douyin.

The questions that follow are obvious. The initial justifications of protecting cybersecurity and personal information of China’s citizens, taken in light of the Chinese rulers’ dominating thoughts on national security, may be understandable. But what will the implications be, domestically and globally, and ultimately, how should businesses and governments internationally see this “new normal?”

Unsurprisingly, commentators in China have jumped at the opportunity to support the government actions. Some of their reasonings are worth noting, in order to grasp the official logic used. Global Times, the English-language government mouthpiece, made it clear in an editorial on July 5 that "protecting users’ personal information" was a national security issue, and wrote, "An internet giant absolutely cannot have a better command than the state of the super-database that is Chinese people's personal data."

A widely circulated analysis in China, purportedly written by a former central government propaganda official who is now in the Internet industry, also pointed out three key observations from the Didi incident. First, Didi ignored warnings from relevant government agencies. Second, the incident has damaged public trust in these related government regulators, and this will in turn expedite reforms in regulations on data classification and security, as well as critical infrastructure information security. Finally, antitrust actions will continue with further emphases in data governance and also against "unrestricted capital market expansion.”

Continuing enforcements and changes – and no agency wants to be seen as sitting by idly

Indeed, some officials reportedly have in private described Didi as “yang feng yin wei,” that is, to comply publicly, but defy privately, and in the process cast several regulatory agencies in bad light, including the Cyberspace Administration of China (CAC) and the State Administration for Market Regulation (SAMR). While what really transpired before Didi's IPO between it and the regulator may be a bygone matter by now, the stepping up of regulatory actions after the crackdown has been evident. It is not inconceivable that agencies are now eager to show that they really “mean business,” not only to the tech giants, but, possibly more importantly, to the highest level of the Chinese central government.

Most notably, the CAC initiated on July 10 a solicitation for public feedback to a proposed change in the oversight process for technology platform companies seeking foreign listings. If such companies are in the possession of the personal data of more than 1 million users - a low threshold for a country with close to 1 billion active Internet users -, government pre-approval for such IPOs will be necessary. The public feedback collection period will end on July 25, meaning a quick implementation of the draft proposal will be imminent.

Other agencies are not about to be seen as sitting by idly. In fact, seven agencies, including SAMR and CAC and also the Ministries of Public Security, State Security, Transport and Natural Resources, and the State Administration of Taxation, will work together to conduct on-site inspections of Didi Chuxing, guaranteeing non-stop troubles on all fronts for the company for a long time to come. Separately, even the People's Bank of China (PBOC) made sure they are not to be left out, by sounding a warning that "monopolistic behaviours does not only exist in the Ant Group but also in other institutions," citing also "excessive capital expansions" as a key problem area. No one can afford to be missing in action in the frenzied series of actions to follow.

Naturally, these actions are only in accordance with the directives jointly issued by the General Office of the Chinese Communist Party and the General Office of the State Council on July 6, entitled "opinions relating to tackling illegal securities activities according to law." The fact that practically the two highest apparatus of the Party and the Administration have come together to issue such an urgent directives is rate, and this is a clear indication of how deeply concerned and even worried the central leadership must be, and that they consider big tech and capital market control to be posing a serious threat to their authority.

What these directives cover is wide-ranging and not exclusive to the big tech sector. Possibly due to the public focus on Didi, many may have overlooked the implications on the capital market in general, covering all forms of fund-raising for firms from private equity to public listing. Besides the concerns over foreign IPOs, it is quite obvious that these actions have a lot to do with the government’s immense worry for an overheating of the market and a re-occurrence of China’s stock market crash of 2015, which must have made lasting and haunting memory for Xi Jinping’s government, back from the early years of his leadership.

On data – more control no matter the cost

A deeper dive into the directives may also reveal future ripples to players from other sectors. Under its Section 5 Article 20, the directives stressed the need to improve regulations over “China concept stocks.” However, it is not clear what the term may cover, and while Chinese companies seeking listing overseas may still conduct most of its business within China, such as for most tech platforms, it may not be so for companies from other sectors, such as electronics or manufacturing. Even for tech platforms such as Didi, even though their current overall revenues from overseas markets may be minor, it is definitely still considered an important part for their future growth. So, how will these regulations affect companies from all sectors, and will they be forced to curtail their global ambitions because of domestic compliance requirements, and hence limit their global competitiveness? These may turn out to be costs to pay for China’s economy in future, in exchange for more complete control by the authority over its thriving private enterprises.

Nonetheless, China’s leadership seems willing to pay the price for attaining total control of not just these companies, but ultimately all the data. People often say, “data is the new oil.” But other than saying that both resources are precious and valuable resources, the similarity of the two stops there. While fossil fuel has a dwindling supply from a relatively static reserve at any point in time on our earth, data is being generated and amassed at great speed by people, companies, nations and their actions and transactions, all the time. The exploration and understanding for the strategic value of data has only just begun, and the Chinese government is obviously taking this very, very seriously, whether or not such approach with heavy-handed control is going to be the right tactic or not.

China’s new data security law – 2021 Edition

In June, China's National People's Congress, its highest lawmaking body, passed a new Data Security Law which, again, enhanced government authority to impose heavy fines for companies that export or hand over "important" data to foreign judiciary or law enforcement agencies without prior Chinese government approval. However, the law leads to the important question of how data can be classified, based on, as Chinese authorities have been trying to define, its "importance to economic and social development," as well as "the levels of damage to national security, public interests, the legitimate rights and interests of individuals and organisations.” It is simply too vague and subjective.

Defenders of China's latest legal moves will of course point out that, for instance, its Data Security Law is merely lifting a page from the U.S.'s CLOUD Act (Clarifying Lawful Overseas Use of Data Act), which enables US law enforcement agencies to demand access to online information from U.S. firms, no matter what country the data is stored in. Even the draft rule from CAC requiring companies holding more than 1 million users' personal information to acquire pre-approval from government before IPO can be compared with the U.S.'s FIRRMA Act (Foreign Investment Risk Review Modernization Act), which requires approvals by the Committee on Foreign Investment in the United States (CFIUS), an inter-agency committee led by the Treasury Department, for investment transactions that involve personal data of 1 million or more Americans.

However, without a clear set of definitions, any due processes or oversight from sources independent from the government, the interpretation will inevitably be dictated by the authorities alone, and any protection for the interests of private enterprises or individuals can only be left at the authorities’ mercy.

It should be noted that Wu Zhenguo, SAMR's antitrust chief, has been quoted in an interview with "The Antitrust Source" of the American Bar Association that China's antitrust laws has never been used as, and will not become "geopolitical tools." While his comments were made about the antitrust law, one can expect that he or other regulators would say the same about the Data Security Law, or any other Chinese laws. However, in today's atmosphere of heightened tensions between China and the U.S., and even other European countries and other U.S. allies, one can hardly find comfort in such verbal reassurance.

Tighter control of capital is the goal - the “good old days” will not come back

As previously referenced, China’s actions are also about reining in "unrestricted capital market expansion.” The considerations over capital are very different from the considerations on data. After all, unlike data where China does not want to see its own going out, attracting foreign capital investment has been a hallmark of its economic success over more than the last four decades. Imposing stricter regulations on the capital market most likely results in deterring foreign and even domestic investment, even though targeting the ultra-rich class of individuals and private corporations to bring them under tighter “control” is also another policy goal.

Yet, this will remain an area of delicate balance that will be difficult, if not impossible, to maintain. China’s best hope, first, will be on the allure of its huge market that some investors find impossible to resist. Some investment analysts, while acknowledging that “the regulatory strong hand has deterred investors from investing in Chinese stocks”, are also expecting that “the regulatory pressures will ease,” with an extremely optimistic timeframe of the last quarter of 2021 or the first half of 2022.

Such views must have been guided by their own wish to “go back to the good old days” to turn quick profits from this huge market, but political realities make it obvious that the direction and force of the regulation will not change or reduce for a long, long time to come. Even if we ask the Chinese authorities, they will probably not lie about this, as far as foreign IPOs are concerned. But, many investors are still in denial.

China, of course, does offer an alternative to the current impasse — Hong Kong. Fraser Howie, market analyst and author, has said, "China has long desired self-sufficiency in a host of industries and it would be reasonable to think capital markets is part of the process." As a result, it is natural and obvious that in due course, Chinese companies will be steered to even more listing "domestically" in Hong Kong, and foreign investors will continue to utilize the link between the Hong Kong, Shanghai and Shenzhen exchanges to buy billions of dollars worth of mainland Chinese equities. In short, Chinese companies may enjoy the investments from U.S. investors, with "freedom" from foreign governments' "interference."

That's why we may end up with a situation where Chinese companies will no longer seek IPOs in the U.S., but U.S. holdings of Chinese securities may not decrease significantly. It remains to be seen whether U.S. authorities are overlooking this “loophole," or if they are allowing it on purpose with its own "strategic objective,” which many of us find hard to understand, or if they are still scrambling for counter measures. In the meantime, this may turn out to be another strategic advantage held by China in the post-globalization world, by having the cake and eat it too, if the west passively thinks this is just an internal matter for China and its own firms. It’s still your money.

Published by Friedrich Naumann Foundation, Jul 22 2021

German version below, translated and published by Friedrich Naumann Foundation on Jul 23 2021 :-

Die Nachwehen von Didis Börsengang: Strengere Regulierung von Daten und Kapital in China

Didi ist, ähnlich wie Uber, eine ride-share Plattform. Im Gegensatz zu Uber ist Didi eine chinesische Firma, aber ebenso wie uber ist auch Didi inzwischen weltweit aktiv. Didi Global ging am 30. Juni in New York an die Börse. Am 2. Juli, zwei Tage nach dem Börsengang von Didi Global, hat die chinesische Regierung Ermittlungen gegen die chinesische Mutterfirma Didi Chuxing eingeleitet und Sanktionen verhängt. Das Signal scheint klar: Die chinesischen Behörden wollen die chinesische Internetindustrie stärker in die Schranken weisen und von weiteren ausländischen Börsengängen abhalten. Der Zeitpunkt des Börsengangs von Didi und die Reaktion der Regierung - einen Tag vor und nach der großen Feier zum 100-jährigen Bestehen der Kommunistischen Partei Chinas in Peking - hat ebenfalls zu unvermeidlichen Spekulationen über die politische Bedeutung dieses Ereignisses geführt.

Es ist offensichtlich, dass es sich hierbei nicht um einen Einzelfall handelt: Seit dem gab es eine ganze Flutwelle eskalierender regulatorischer Maßnahmen. Mehrere Internetunternehmen, darunter Didi Chuxing, Tencent und Alibaba, wurden von der State Administration of Market Regulation (SAMR), Chinas oberster Kartellbehörde, mit Geldstrafen belegt, weil sie frühere Fusions- und Übernahmegeschäfte nicht zur Genehmigung vorgelegt hatten. Ebenso wurde Tencents ursprünglicher Plan blockiert, “das eigene Portfolio zu straffen", um eine Fusion mit den beiden größten Streaming-Seiten für Videospiele in China, Huya und Douya, zu erreichen. Die SMAR begründete dies damit, dass das Unternehmen keine befriedigende Vorgehensweise für den Verzicht auf bestimmte Exklusivrechte vorlegen konnte.

Mehrere anstehende US-Börsengänge chinesischer Firmen wurden ebenfalls von der SAMR ausgesetzt, darunter die von LinkDoc (eine von Alibaba unterstützte medizinische Datenfirma), Keep (eine Gesundheits-App) und Ximalaya (eine Video-Blogger-Plattform). Einige Unternehmen die noch ganz am Anfang ihrer Überlegungen standen, einen Börsengang in den USA oder anderswo zu wagen, haben die Idee vorerst auf Eis gelegt,  so zum Beispiel Bytedance, die Holdinggesellschaft der Videoplattform Tiktok und ihrer chinesischen Version Douyin.

Aus diesen Entwicklungen ergibt sich eine offensichtliche Reihe von Fragen: Die anfänglichen Rechtfertigungen der chinesischen Behörden, zum Schutz der Cybersicherheit und der persönlichen Daten der chinesischen Bürger eingegriffen zu haben, mögen vor dem Hintergrund verständlich sein, wie die chinesische Regierung über das Thema “Nationalen Sicherheit” denkt. Aber was werden die Auswirkungen dieses Vorgehens im Inland und weltweit sein? Wie sollten Unternehmen und Regierungen weltweit diese "neue Normalität" bewerten?

Es überrascht nicht, dass sich die Kommentatoren in China auf die Gelegenheit gestürzt haben, die Maßnahmen der Regierung zu unterstützen. Es lohnt sich, einige ihrer Argumente näher zu betrachten, um die dahinterstehende Logik der Regierung zu verstehen.Global Times, das englischsprachige Sprachrohr der Regierung, stellte in einem Leitartikel am 5. Juli klar, dass der "Schutz der persönlichen Daten der Nutzer" eine Frage der nationalen Sicherheit sei, und schrieb: "Ein Internetgigant kann die Superdatenbank der persönlichen Daten der Chinesinnen und Chinesen, auf keinen Fall besser beherrschen als der Staat."

In China zirkulierte eine Analyse, die angeblich von einem ehemaligen Propagandabeamten der Zentralregierung verfasst wurde der jetzt in der Internetbranche tätig ist. In seiner Analyse arbeitete er drei Kernpunkte aus dem Didi-Vorfall heraus: Erstens hat Didi die vorhergehenden Warnungen der zuständigen Regierungsbehörden ignoriert. Zweitens hat der Vorfall das Vertrauen der Öffentlichkeit in die entsprechenden Regulierungsbehörden beschädigt. Das wiederum wird Regulierungsreformen im Bereich der Datenklassifizierung und -sicherheit sowie im Bereich Informationssicherheit kritischer Infrastrukturen vorantreiben. Und drittens geht der Analyst davon aus, dass die kartellrechtlichen Maßnahmen mit Nachdruck fortgesetzt werden, und zwar mit Schwerpunkt auf den Bereich Data Governance sowie auf "die Verhinderung unbeschränkter Kapitalmarktexpansion".

Keine Behörde möchte untätig erscheinen

Tatsächlich sollen einige Beamte Didi unter vier Augen als "yang feng yin wei" bezeichnet haben. Dieser Ausdruck lässt sich in etwa übersetzen als "Sich öffentlich fügen, aber sich privat widersetzen”.  Dabei hätte Didi mehrere Regulierungsbehörden in ein schlechtes Licht gerückt, unteranderem die Cyberspace Administration of China (CAC) und die State Administration for Market Regulation (SAMR).

Was sich vor dem Börsengang von Didi zwischen dem Unternehmen und der Regulierungsbehörde abgespielt hat, ist Geschichte. Aber es ist offensichtlich, dass die regulatorischen Maßnahmen nach “dem Fall Didi" deutlich verschärft wurden. Es ist gut denkbar, dass die Behörden damit zeigen wollen, dass sie es wirklich ernst meinen mit den Reformen. Die Ernsthaftigkeit ihrer Bemühungen wollen sie nicht nur gegenüber den großen Tech-Firmen beweisen, sondern auch - oder vor allem- der chinesischen Staatsführung.

In diesem Zusammenhang ist es besonders bemerkenswert, dass die  CAC am 10. Juli Feedback der Öffentlichkeit eingeholt hat. Konkret ging es um eine vorgeschlagene Änderung des Aufsichtsprozesses für Technologieplattformunternehmen, die im Ausland an die Börse gehen wollen: Wenn ein solches Unternehmen im Besitz von persönlichen Daten von mehr als einer Million Nutzern sind - eine niedrige Schwelle für ein Land mit fast einer Milliarde aktiver Internetnutzenden -,so soll neu eine Vorabgenehmigung der Regierung für solche Börsengänge notwendig sein. Das öffentliche Feedback wird bis zum 25. Juli eingeholt. Das deutet darauf hin, dass die Umsetzung dieses Vorschlags bereits unmittelbar bevorsteht.

Andere Behörden wollen nicht den Eindruck erwecken, nur tatenlos zu zu sehen: Ganze sieben sieben Behörden, darunter SAMR, CAC sowie die Ministerien für öffentliche Sicherheit, Staatssicherheit, Transport und natürliche Ressourcen und das Ministerium für Staatliche Verwaltung und Steuern werden gemeinsam Vor-Ort-Inspektionen bei Didi Chuxing durchzuführen. Für das Unternehmen bedeutet das garantierten und ununterbrochenen Ärger an allen Fronten, und das auch noch über eine lange Zeitspanne.

Auch die People's Bank of China (PBOC) meldete sich zu Wort und warnte davor, dass "monopolistisches Verhalten nicht nur in der Ant-Group, sondern auch in anderen Institutionen existiert" und bezeichnete "exzessive Kapitalausweitungen" als einen zentralen Problembereich. Denn keine Institution kann es sich leisten, in der rasanten Serie von Aktionen die folgen werden, zu fehlen.

Alle diese Aktivitäten stehen im Einklang mit der Richtlinie "Meinungen zur Bekämpfung illegaler Wertpapieraktivitäten gemäß dem Gesetz.”, welche die General Offices der Komministischen Partei Chinas und des chinesischen Staatsrats am 6. July veröffentlicht haben. Es ist selten, dass die beiden praktisch höchsten Apparate der Partei und der staatlichen Verwaltung zusammenkommen, um eine solch dringende Direktive zu erlassen. Dass es in diesem Fall geschah, ist ein deutlicher Indikator dafür, wie tief besorgt und sogar beunruhigt die zentrale Führung sein muss.  Es scheint klar, dass die Führung in Peking Big Tech und ein Kapitalmarkt der außerhalb ihrer Kontrolle liegt, als ernsthafte Bedrohungen für ihre Autorität ansieht.

Die verabschiedeten Richtlinien sind sehr umfassend und nicht nur auf den Big Tech-Sektor beschränkt. Viele Menschen haben ihre Auswirkungen auf den Kapitalmarkt im Allgemeinen übersehen, möglicherweise weil der Fokus der Berichterstattung so stark auf Didi lag. Die Richtlinien decken ALLE Formen der Kapitalbeschaffung für Firmen ab - von Private Equity bis Börsengang. Es ist offensichtlich, dass diese Maßnahmen neben der Sorge um ausländische Börsengänge viel mit der immensen Sorge der Regierung vor einer Überhitzung des Marktes und einer Wiederholung des chinesischen Börsencrashs von 2015 zu tun haben. Die Erinnerung daran muss Xi Jinpung und seiner Regierung aus den Anfangsjahren seiner Führung in bleibender und eindringlicher Erinnerung geblieben sein.

Über Daten - mehr Kontrolle um jeden Preis

Eine nährere Betrachtung der Richtlinien zeigt mögliche zukünftige Auswirkungen auf Akteure aus anderen Sektoren auf: In Abschnitt 5, Artikel 20 der Richtlinie wird betont dass es notewendig sei, sogenannte “China Concept Aktien” besser zu regulieren. Es ist jedoch nicht klar, was der Begriff umfassen könnte. Die meisten chinesischen Tech-Plattformen die eine Börsennotierung in Übersee anstreben, wickeln den Großteil ihrer Geschäfte immer noch innerhalb Chinas ab. Bei chinesischen Unternehmen aus anderen Sektoren, wie z. B. der Elektronik oder der Fertigung, kann das aber auch ganz anders sein. Und selbst für Tech-Plattformen wie Didi wird eine internationale Börsennotiereung immernoch als ein wichtiger Teil für ihr zukünftiges Wachstum angesehen, auch wenn ihre aktuellen Gesamteinnahmen aus den Überseemärkten aktuell noch gering sein mögen. Wie werden sich diese Vorschriften also auf Unternehmen aller Branchen auswirken?  Werden Sie gezwungen sein, ihre globalen Ambitionen aufgrund von inländischen Compliance-Anforderungen zu drosseln und damit ihre globale Wettbewerbsfähigkeit einzuschränken? Diese Einschränkkung der globalen Wettbewerbsfähigkeit könnte sich als die Kosten erweisen, die Chinas Wirtschaft in Zukunft zu zahlen hat, im Austausch für eine vollständigere Kontrolle der Behörden über seine florierenden Privatunternehmen.

Dieser Preis ist nicht gerade gering, aber Chinas Führung scheint bereit zu sein, ihn zu bezahlen wenn sie dafür die totale Kontrolle nicht nur über diese Unternehmen, sondern letztlich über alle Daten ihrer Unternehmen erhält. Man hört oft, dass Daten das neue Öl seien.Dabei ist die einzige Ähnlichkeit, dass beide Ressourcen kostbar und wertvoll sind. Denn die Reserven an fossilen Brennstoffen langsam zur Neige gehen, werden Daten mit großer Geschwindigkeit von Menschen, Unternehmen, Nationen und deren Handlungen und Transaktionen generiert und angehäuft, und zwar die ganze Zeit. Die Erforschung von und das Verständnis für den strategischen Wert von Daten hat gerade erst begonnen, und die chinesische Regierung nimmt dies offensichtlich sehr, sehr ernst, unabhängig davon ob ein solcher Ansatz der der sehr starken Kontrolle nun die richtige Taktik ist oder nicht.

Chinas neues Datensicherheitsgesetz - Edition 2021

Im Juni verabschiedete Chinas Nationaler Volkskongress, das höchste gesetzgebende Gremium des Landes, ein neues Datensicherheitsgesetz. Dieses Gesetz erweitert die Befugnis der Regierung erneut, hohe Geldstrafen für Unternehmen zu verhängen, die "wichtige" Daten ohne vorherige Zustimmung der chinesischen Regierung exportieren oder an ausländische Justiz- oder Strafverfolgungsbehörden weitergeben.

Das Gesetz wirft jedoch die wichtige Frage auf, wie Daten klassifiziert werden können. Die chinesischen Behörden haben festgelegt, dass die Daten auf Basis ihrer "Bedeutung für die wirtschaftliche und soziale Entwicklung" sowie "dem Grad der Schädigung der nationalen Sicherheit, der öffentlichen Interessen, der legitimen Rechte und Interessen von Einzelpersonen und Organisationen.” zu klassifizieren seien. Aber dieses vorgegebene Raster ist schlichtweg zu vage und subjektiv.

Die Verteidiger von Chinas neuesten rechtlichen Schritten werden natürlich darauf hinweisen, dass sich das Datensicherheitsgesetz lediglich eine Scheibe vom  US-amerikanischen CLOUD Act (Clarifying Lawful Overseas Use of Data Act) abschneide: Dieser ermöglicht es den US-Strafverfolgungsbehörden, Zugang zu Online-Informationen von US-Firmen zu verlangen, unabhängig davon, in welchem Land die Daten gespeichert sind. Der Regulierungsentwurf der CAC ist vergleichbar mit dem FIRRMA Act (Foreign Investment Risk Review Modernization Act) der USA: Beide verlangen von Unternehmen, die über mehr als eine Million personenbezogene Daten von Nutzerinnen und Nutzern verfügen, vor dem Börsengang eine Vorabgenehmigung der Regierung einzuholen.

Wenn es keine klaren Definitionen, keine ordnungsgemäßen Verfahren und keine Kontrolle durch regierungsunabhängige Stellen gibt, dann wird jede Entscheidung jedoch unweigerlich allein von den Behörden diktiert, dann sind die Interessen privater Unternehmen oder Einzelpersonen völlig der Gnade der Behörden ausgeliefert.

Der Chef der Kartellrechtsabteilung der chinesischen Behörde SAMR, Wu Zhenguo,  wurde in einem Interview mit "The Antitrust Source" der American Bar Association mit der Aussage zitiert dass "Chinas Kartellgesetze nie als "geopolitische Werkzeuge" benutzt worden sind und es auch in Zukunft nicht werden". Wus Kommentare bezogen sich auf das Kartellrecht, aber kann man davon ausgehen, dass er oder andere Regulierungsbehörden dasselbe über das Datensicherheitsgesetz oder andere chinesische Gesetze sagen würden. Aber in der heutigen Atmosphäre erhöhter Spannungen zwischen China und den USA,  anderen europäischen Ländern und anderen US-amerikanischen Verbündeten kann man jedoch kaum Trost in einer solchen verbalen Beschwichtigung finden.

Strengere Kontrolle des Kapitals ist das Ziel - die "guten alten Zeiten" werden nicht zurückkehren

Wie bereits erwähnt, geht es bei Chinas Maßnahmen auch darum, die "uneingeschränkte Kapitalmarktexpansion" zu zügeln. Die chinesischen Überlegungen zu Kapital sind ganz andere als diejenigen zu den Daten. Denn anders als bei den Daten, von denen China nicht will dass sie das Land verlassen, war die Anziehung ausländischer Kapitalinvestitionen ein Markenzeichen des chinesischen wirtschaftlichen Erfolgs in den letzten vier Jahrzehnten. Eine strengere Regulierung des Kapitalmarktes führt höchstwahrscheinlich dazu, dass ausländische und sogar inländische Investitionen abgeschreckt werden, wobei es auch es ein weiteres politisches Ziel ist, ultra-reiche Einzelpersonen und privaten Unternehmen ins Visier zu nehmen, um sie unter strengere "Kontrolle" zu bringen. Und dennoch wird dies ein Bereich bleiben, indem es schwierig, wenn nicht gar unmöglich, sein wird, eine Balance zu halten.

Chinas größte Hoffnung wird zunächst auf der Anziehungskraft seines riesigen Marktes ruhen, dem einige Investoren nicht widerstehen können. Einige Investmentanalysten räumen zwar ein, dass "die starke Hand der Regulierungsbehörden Investoren davon abgehalten hat, in chinesische Aktien zu investieren”. Sie erwarten aber auch, dass "der regulatorische Druck nachlassen wird", wobei sie einen extrem optimistischen Zeitrahmen von letztem Quartal 2021 oder erster Hälfte 2022 ansetzen.

Solche Ansichten müssen von dem eigenen Wunsch beflügelt sein "zurück zu den guten alten Zeiten" zu kommen, und schnelle Gewinne in diesem riesigen Markt zu machen. Aber die politischen Realitäten machen es offensichtlich, dass sich die Richtung und die Stärke der Regulierung für eine lange, lange Zeit nicht ändern oder abschwächen wird. Würde man chinesischen Behörden direkt danach fragen, werden sie das hinsichtlich ausländischer IPOs wahrscheinlich nicht leugnen. Aber viele Investoren wollen es immer noch nicht wahr haben.

Natürlich bietet China eine Alternative zur derzeitigen Sackgasse - Hongkong. Fraser Howie, Marktanalyst und Autor, hat gesagt: "China strebt seit langem nach Autarkie in einer Reihe von Branchen, und es wäre vernünftig zu denken, dass die Kapitalmärkte Teil dieses Prozesses sind.” Es ist daher natürlich und naheliegend, dass chinesische Unternehmen zu gegebener Zeit zu noch mehr Börsengängen "im Inland" in Hongkong veranlasst werden. Genauso werden ausländische Investoren weiterhin die Verbindung zwischen den Börsen in Hongkong, Shanghai und Shenzhen nutzen, um Aktien vom chinesischen Festland im Wert von Milliarden von Dollar zu kaufen. Kurz gesagt können chinesische Unternehmen so die Investitionen von US-Investoren genießen, und fabei “frei sein" von der "Einmischung" ausländischer Regierungen.

Deshalb könnten wir am Ende eine Situation haben, in der chinesische Unternehmen keine Börsengänge in den USA mehr anstreben, aber die US-Bestände an chinesischen Wertpapieren nicht signifikant abnehmen. Es wird sich zeigen ob die US-Behörden dieses "Schlupfloch” aktuell einfach übersehen, ob sie es absichtlich als Teil eines "strategischen Ziel" zulassen (was viele von uns nur schwer nachvollziehen können), oder ob sie noch nach Gegenmaßnahmen ringen. Das könnte sich in der Zwischenzeit als ein weiterer strategischer Vorteil für China herausstellen wenn der Westen passiv denkt, dass dies nur eine interne Angelegenheit für China und seine eigenen Firmen sei. Dabei übersieht der Westen, dass es hier ja auch um sein Geld geht.

Saturday, July 10, 2021

[ChinaFile] Why China Is Going After Its Tech Giants

Just days after its lucrative listing on the New York Stock Exchange, China ride-hailing giant Didi Global was hit with another round of sanctions by the Cyberspace Administration of China (CAC). On July 4, the country’s Internet regulator ordered the removal of its mobile app from Chinese app stores. This came two days after the same regulator opened an investigation into the company, suspending it from adding new users. The app, alleged CAC, “has serious violations of laws and regulations pertaining to the collection of personal information.”

Didi is not the only company to face heightened scrutiny in recent months. Other Chinese Internet giants, including Meituan, Tencent,, Bytedance, and Alibaba have faced government regulatory investigations and even been slapped with hefty fines. Most notably, of course, Ant Financial saw its mega IPO in Hong Kong and Shanghai halted by the Chinese government. These actions were often carried out by China’s State Administration of Market Regulation, the anti-trust regulator. Its policy decisions on such major companies undoubtedly are driven by the Chinese Communist Party (CCP) leadership at the highest level.

Even smaller Internet companies are not immune. Most recently, CAC opened probes into, an online recruiter, and truck-hailing apps Huochebang and Yunmanman, which merged to become Full Truck Alliance. Both’s owner, Kanzhun, and Full Truck Alliance went public last month in the U.S. Now, they are also under review to “prevent national data security risks and safeguard national security.”

Why is the Chinese government targeting its own tech companies in such a heavy-handed fashion, and why now? Over the last decades, as a technologist, entrepreneur, and legislator in Hong Kong, I have witnessed the evolution of China’s regulatory regime, as it moved from the invisible to the visible, and from one that encouraged disruptive innovation to one that now favors complete state control. However, as a recent Global Times editorial put it, “China’s Internet enterprises must say goodbye to the phase of barbaric expansion, and building up the concept of compliance will become the essential strategy of their development.”

To understand why, it is best to try to think from the perspectives of China’s leaders. Their intended messages are aimed at different audiences: domestic Internet firms and the domestic public at large, as well as those outside of the country.

The latest series of actions taken against Didi and Full Truck Alliance are similar in that both companies had recently listed in the U.S. It’s unlikely authorities were unaware of their listing exercises in the U.S., so perhaps the timing of CAC’s regulatory actions was intended to send a message. It must have been motivated by fears that the companies’ compliance with regulations in the U.S. would compromise their total control by the Chinese state, perhaps even requiring them to cede their data to a foreign government.

These fears might seem paranoid, especially to those who don’t assume financial regulators will engage in political and economic hostage-taking tactics. But for a government that views China’s private companies’ data almost as a state asset, the risks must seem stark.

There is some irony if one considers that only a year or so ago, at the height of American rhetoric about disengaging with China, there were talks of barring Chinese companies from listing in the U.S. in order to “protect” U.S. investors. But, despite such periodic hostility in the U.S., many Chinese companies are eager to list there. For the firms themselves, there are many reasons: more liquidity, greater access to capital, and greater visibility for the global market. For others, like Didi Global, listing in the U.S. just comes with the global nature of their business.

China’s leaders, however, care only about maintaining control over these firms and all their data. This is reflected in the recent passage in June of a national data security law in China that dictates how data is collected and utilized. Laws like this one, along with probes and fines, should be understood first and foremost as a preemptive defense against not only the tech companies themselves but also the data they hold.

From the perspective of its leaders, China is not a victim of decoupling. It is the decoupler. Hence the increased emphasis on “self-reliance” in the Chinese Communist Party’s messages throughout its 100th anniversary celebration.

So, the first message sent by the recent investigations should be understood as targeted toward an audience of Chinese global Internet firms—essentially making sure they know who’s boss. (Something similar was afoot in the misfortunes of Alibaba founder Jack Ma when authorities nixed his Ant Group’s IPO in Hong Kong.)

Despite the clear signs of Beijing’s desire to maintain control over Chinese companies, some foreign investors may still be in denial. International financial market players must be reminded again of Beijing’s goals, lest they want so much to profit from listing these Chinese firms that they end up putting investors at risk.

Other collateral messages that the current wave of regulatory actions are intended to send are targeted at a second audience: Chinese citizens. For them, the message echoes the one often referenced after the Ant Group IPO fiasco, namely that Deng Xiaoping’s era of “let some people get rich first” has come to an end.

To some extent, China’s mega-rich, especially those from the tech sector, may have brought themselves unwanted official attention by flaunting a “work-to-death” ethos for their employees while the gap between the rich and the poor widened out of control. The choice for the Party at a time when it needs to consolidate the highest level of support for its rule is clear: feed the frenzy of populism against the rich. This is consistent with Xi Jinping’s repeated emphasis on the need to “struggle.”

Finally, there is also a more indirect message intended for Western policymakers, especially American. Strict regulatory control over China’s tech companies not only serves its own domestic agenda, but China also would not mind to be seen as an example for a playbook for the West, as the U.S. contemplates what to do about its own big tech.

Hoping that some in the U.S. may consider the Chinese model as quick and decisive, China would not mind to be viewed as the leader in anti-competitive regulation. If there is any chance for American tech giants to become hobbled by anti-trust regulations, China may see that as a chance to turn it into near-term benefits to its own tech dreams and pull ahead in its “tech war” with the U.S.

To China, there is little cost to its own tech industry and its innovation strategy, which was always controlled and manipulated by government policies. A heavier-handed approach to the U.S. tech industry could bring much bigger consequences and disruptions to innovation than those tactics do for Chinese firms.

While it may seem highly unlikely for such a regulatory model to be adopted in the U.S., given the very different systems in the two countries, it is still a possibility. While, for China, any such hope for collateral damage to the U.S. tech industry must still be secondary to its own agenda at this stage, the country’s leaders must be watching closely how the U.S. will conduct its own expected “war on big tech,” as any impact on U.S. innovation and competitiveness can tip the balance of the China-U.S. tech competition.

Published on Asia Society's ChinaFile on Jul 10 2021

Sunday, May 17, 2020

[RTHK LTHK] Thank you, to all of you at RTHK....

To the people of Radio Television Hong Kong, from past to present, both Chinese and English, on radio or television and of course the new media of the Internet and mobile, this is a letter to thank you all — to those I have the good fortune to have met or worked with as well as others I have not — for your dedication, steadfastness and utter professionalism.

For Hongkongers of my generation, we literally grew up with RTHK. We watched “Under the Lion Rock” and witnessed the courage and compassion of grassroots Hong Kong citizens as they struggled with daily hardships and injustice — yet coming through with a sense of what’s right and what’s wrong, defined by love and decency, becoming what we today would consider to be the spirit of Hong Kong, and our core values, including freedom, equality, charity and integrity. 

And so we watched “When We Were Young”, well, when we are really young children, in the 1970s. Then, as teenagers, we listened and sang along to music from the 1980s golden age of Hong Kong pop, played by Radio Hong Kong deejays in the afternoon. And as we grew up together, we followed the beat of the city on “Hong Kong Connection” and “City Forum”, as we tried to make sense of a more complicated Hong Kong. 

And yes, I have had the good fortune of working with a great many RTHK programs, radio and TV, as a guest, interviewee, co-host, or like what I am doing now, occasionally contributing to Letters to Hong Kong. In the mid-1990s I even had the opportunity to work with a bunch of great people from inside and outside RTHK to bring its live radio programs to the Internet, letting Hong Kongers all over the world connect with their home city. In my capacity now as a legislator, naturally I have more interactions with the journalists of RTHK, a group that I find to be among the best in Hong Kong. 

But it has also become clear to me that, since the handover, the role of RTHK has increasingly come under scrutiny and pressure, by those who want to see it turned into a mouthpiece for authorities. Ever since its establishment in 1928, RTHK has always been an exemplary public broadcaster. But it was never properly commissioned and set up as a statutory body or corporation for public service broadcasting. It remains just a government department, currently under the Commerce and Economic Development Bureau. 

When the public broadcaster is just a department in government, being assigned with an annual budget decided by the government, how does RTHK find its balance from being controlled by the government through budget and policy on the one hand, yet maintain its editorial and creative independence on the other hand? This is exactly where successive administrations of the Hong Kong SAR government are finding themselves at odds with RTHK, which is already functioning well as a mature, professional, globally recognised and acclaimed public broadcaster. 

By adopting the mentality of the Central Government and its ruling party, the Hong Kong SAR government wants any critical voices silenced. This explains why RTHK has come under persecution from none other than the SAR government itself, with its political cronies. As Beijing interferes with the affairs of Hong Kong more and more blatantly and directly, we even heard news about alleged directives from the director of the Hong Kong Macau Office in Beijing to the Chief Executive in Hong Kong, telling her to “rein in” RTHK. 

Sadly, since before 2009, RTHK has been looking for a new home for its studios and offices, to replace its antiquated and insufficient facilities and infrastructures, but to no avail. What next? The very government bureau that put a limit on RTHK’s funding complained about the “low ratings” of RTHK’s digital TV channels, in spite of the fact that even this criticism is largely unfounded as it conveniently overlooked the success RTHK has achieved in its new media services, including the high level of online reach via YouTube, Facebook and its mobile apps.

So all these talks about low ratings are largely an excuse to cap or cut RTHK’s budget, to force it to become more obedient, editorially less independent and less critical, making it act more like the government mouthpieces in some authoritarian countries. RTHK’s critics picked on “The Headliner” — a long-running weekly show taking a satirical view on our current affairs and politics — and “The Pulse”, an English weekly news show, in particular over a recent interview with a World Health Organization official, where the program host probed the WHO official about Taiwan. A journalist’s completely neutral and open-ended question somehow crossed the red line of Beijing. Some questions cannot even be asked.

Last week, the Education Bureau suddenly ordered RTHK to return the ETV facility on Broadcast Drive, on short and sudden notice — due to the termination of RTHK’s production of educational TV programs for the EDB. Is this the way government departments deal with each other, without even the most basic courtesy and consideration? It is clearly yet another lesson the administration wants to teach RTHK, in line with calls from so many pro-establishment legislators to “punish” RTHK. It is both petty and vindictive. 

But I know the people of Hong Kong are with you, all of you at RTHK. We can see that this is more than a job for you. This is a fight for not only Hong Kong’s treasured tradition of public service broadcasting, but also for the professionalism and core values of Hong Kong that you are protecting, that our authorities are trying to manhandle and ultimately destroy. In particular for the journalists at RTHK, we know you are fighting a tough battle with the rest of Hong Kong’s frontline journalists against the flood of misinformation often stemming right from the authorities themselves, and facing more and more senselessly violent abuse and physical danger from the police force on the frontline. What I want to say is, this is not just your fight, it is for all of us Hongkongers.  

Editorial independence vs propaganda. Freedom vs censorship. 

So, a lot of people ask me, what can we do now, for RTHK. We can continue to tune in, listen and watch like before, as well as view, like and share online. Hundreds of thousands of us have signed online petition to support RTHK and urged the Director of Broadcasting to stand firm. These are the least we could do. And we will continue. 

But we must also counter the attacks on RTHK in all ways we can, so that everyone in Hong Kong will see how divisive and politically motivated these attacks are, and how they will rob us of Hong Kong’s best, sinking us to a level unworthy of being a global city that we thought we were. 

We must also remind everyone in Hong Kong, how ridiculous it is for our government, and indeed the same Commerce and Economic Development Bureau to propose to give billions of dollars to bail out an Ocean Park whose bottom has fallen out, yet at the same time hang RTHK out to dry. If we have to pick one of the two, gosh, the people’s choice is clear. It must be our RTHK. 

To our friends at RTHK, thank you for standing right next to the people of Hong Kong all these years. And we will stand with you. 

For Radio Television Hong Kong's Letter for Hong Kong, May 17 2020

Friday, December 20, 2019

[EJinsight] Erosion of freedoms, not US law, that investors will fret about

When US President Donald Trump officially signed the Hong Kong Human Rights and Democracy Act into law late last month, the mainland officialdom lashed out at Washington almost immediately. Before Trump cleared the legislation, state-owned newspaper People’s Daily described the bill as "a piece of waste paper”.

Beijing's fierce reaction suggests that the new law is indeed seen as a threat by China.

One key provision of the new piece of legislation is that it requires the US Secretary of State to issue certification on the autonomy of Hong Kong on an annual basis so as to justify the city's special trade and economic treatment, as an entity that is different from mainland China.

Such requirement, in fact, is already stipulated in the United States-Hong Kong Policy Act of 1992, only that this time, the Hong Kong Human Rights and Democracy Act has laid down the list of items which the US State Secretary needs to examine in a more specific and detailed fashion.

Some pro-establishment lawmakers in Hong Kong have said that such annual certification move by Washington would trigger uncertainty, prompting an outflow of capital and talents from the city, or affect the development of the innovation and technology sector in the Guangdong-Hong Kong-Macao Greater Bay Area.

In my opinion, pro-Beijing lawmakers have got it all wrong about the causality of the Hong Kong Human Rights and Democracy Act.

It is because the most fundamental concern that is prompting foreign investors to leave Hong Kong is neither the new US law nor an annual report compiled by the US government, but rather their first-hand experience of how freedoms and rule of law were being undermined in recent years.

To give one example, Chief Executive Carrie Lam Cheng Yuet-ngor has invoked the omnipotent emergency law to introduce an anti-mask rule. Also, interim injunctions have been sought to crack down on online posts at the expense of freedom of information.

Such developments are exactly the reason why foreign companies are beginning to have doubts on the issue of keeping their investments and the business operations in Hong Kong.

In other words, it is the diminishing confidence in Hong Kong’s rule of law and autonomy due to the recent events here, rather than Washington's moves to enact new Hong Kong-related legislation, that will trigger a potential brain drain and capital flight from the city.

The only way the SAR administration can hope to rebuild foreign investors’ confidence is by sending a signal that it will safeguard Hong Kong's core values, such as rule of law and freedom of information, and uphold human rights and individual liberties.

This article appeared in the Hong Kong Economic Journal on Dec 5 2019

Translation by Alan Lee

Sunday, December 15, 2019

[RTHK LTHK] The looming threat of censorship through anti-misinformation laws

You may have recently seen a series of so-called government announcements in the public interest, or API, on TV, cautioning the public to be careful about the information they receive on the internet. The API tells the public to verify and fact-check before believing these information, and not to spread misinformation, or the consequences can be devastating. 

The advice is reasonable. But the intention may be dubious. Why? It is because the government and especially the police force have been one of the biggest sources of misinformation in Hong Kong, during the last six months of pro-democracy protests which followed the government’s attempt to ram through the extradition bill. Needless to say, government claims about the extradition bill must have been some of the best examples of spreading misinformation, or simply lies. Likewise, many of the recent claims made by the police about their actions in their almost daily press conferences since this summer must be also justifiably classified as misinformation. 

So, it is quite clear to many that what the government is trying to do is to monopolise what is true and what is not. In recent weeks, more and more government officials and senior police officers, running out of arguments to justify their own versions as their truths, simply resort to attacking the other sides’ views as “fake news.”

Some may remember about two month ago, a letter from the police to Facebook was leaked on social media. In the letter, the Police requested the global social media company to remove a number of posts made by different users, based on the allegation that these posts were critical of the police and would potentially harm their reputation. Fortunately, the social media company did not comply with these requests. 

The issue at hand is not fake news. The issue at hand is freedom of expression, disguised by the authority in the name of countering misinformation. 

This week in the Legislative Council, in a written question put up by the Honourable Ted Hui, the police admitted to 621 removal requests made this year up to the end of November to local and international Internet and social media platforms, a whopping 18 times more than in 2018. The government response puts the blame on “a vast amount of fake news and baseless accusations that targeted the Police.” It is simply ludicrous for a government with the lowest approval and credibility ratings in history to say that. To many, this government which refuses to even allow an independent commission to investigate the police is itself the biggest source of fake news, and not to be trusted. 

The government seems to be saying that truth must be approved by authority, and its version of facts cannot be disputed by anyone, especially those who hold a different political view. 

So really, where do fake news come from? In August, Twitter, Facebook and YouTube removed over 200,000 accounts which were tied to the China government or state media, that were used purposely to smear the Hong Kong anti-extradition protests, and to spread misinformation about the protests. 

Yet, it is now the Hong Kong government and pro-establishment political figures that are making noises about fake news, saying that in order to counter these so-called misinformation, legislation should be passed to ban fake news. They would point to such legislation in other countries such as Germany and France, or Singapore. 

When I was in Berlin, Germany, two weeks ago, for the Internet Governance Forum, in a summit with legislators around the world, we compared notes about censorship attempts by different governments in the name of protecting the people, but in fact at the expense of curtailing freedom of expression. A German member of parliament told me in no uncertain term that, quote, misinformation is legal is Germany, end of quote. She said that freedom of expression is enshrined in the German Basic Law and not to be compromised by any other legislation. The new law was just an attempt to regulate contents that are narrowly defined such as relating to criminal defamation, hate crimes, or Holocaust denial. But, criticising the government is certainly a right that is legally protected at the highest level of their constitution. Even so, the legislations of such laws in Germany or France were still highly controversial. 

When I told this German legislator that pro-government politicians in Hong Kong are justifying removal of content on social media by quoting the German example, her response was — this must be an example of using misinformation to justify laws against misinformation, that is, plain censorship. Her conclusion was that laws in one land cannot be copied to another, or there will be abuse. 

Hong Kong, by comparison with Germany or France, does not have the democracy and the power vested in the people to protect our people’s own rights. One can reference the recent case of Singapore, where it also passed an anti-fake news law, and in recent weeks have started to enforce it against people posting messages on Facebook. When a member of the opposition party posted an opinion criticising certain government investment decisions, the Singaporean government decided that was fake news. 

So beware of the government’s evolving attempts to censor the Internet and social media, by drumming up the negative side. The Big Brother wants to stifle opinions against it, because that is the rule number one of hanging on to the authority they wish to continue to dominate. We must continue to guard against Internet censorship because no one else will save us. It is our — the people’s own — free opinion vs the government’s version of the only truth — that is what it is all about. And it’s worth the fight. 

For Radio Television Hong Kong's Letter for Hong Kong, Dec 15 2019