Weibo’s plan to go public in Hong Kong shrouded in uncertainty by Beijing’s tough new data regime

November 23, 2021 GMT

Weibo’s plan to sell shares in Hong Kong is clouded by uncertainties stemming from Beijing’s tough new data regulations, says the Chinese social media platform with 250 million daily active users in its listing prospectus, putting a spotlight on the national security issues now facing tech companies.

China’s answer to Twitter, which frequently breaks news in the country’s tightly-controlled cyberspace, filed a draft prospectus with the Hong Kong stock exchange last week, in another step towards a secondary listing in Hong Kong after it went public on Nasdaq in April 2014.

While the secondary listing in Hong Kong path is now a well-trodden one ” following similar moves by Alibaba Group Holding, owner of South China Morning Post, Baidu, JD.com and Bilibili ” Weibo’s offering comes at a time when the Cyberspace Administration of China (CAC) is upping its scrutiny of domestic companies seeking to go public outside mainland China, including Hong Kong.


Do you have questions about the biggest topics and trends from around the world? Get the answers with SCMP Knowledge, our new platform of curated content with explainers, FAQs, analyses and infographics brought to you by our award-winning team.

A draft regulation published by CAC, which is seeking public feedback until the middle of December, has made it clear that IPOs in Hong Kong by Chinese tech companies have to go through a data security review if national security concerns are involved. And it’s easy to see why Weibo, with its hundreds of millions of users, could fall squarely into this category.

Just in the past week Weibo has been embroiled in controversy after allegations were posted on the platform by Chinese tennis player Peng Shuai against China’s former Vice Premier Zhang Gaoli.

While Weibo has not gone into the details of any specific regulations or cases, it has said there are “substantial uncertainties” brought to its operations by China’s rapidly evolving cybersecurity regime. “The cybersecurity legal regime in China is relatively new and evolving rapidly, and their interpretation and enforcement involve significant uncertainties,” Weibo said in its draft prospectus.

The draft Network Data Security Management Regulation, which includes the Hong Kong IPO clause, is vague in defining “national security”, Weibo noted. “There have been no clarifications from the authorities as of the date of this document as to the standards for determining such activities that ‘affect or may affect national security,’” said Weibo, which is 29 per cent owned by Alibaba.

If the draft regulation is passed as is, it may “materially impact our capital-raising activities” as the Hong Kong listing must go through a cybersecurity review if it is determined to have an impact on national security, Weibo states in its prospectus.


“Any failure to obtain such approval or clearance from the regulatory authorities could materially constrain our liquidity and have a material adverse impact on our business operations and financial results, especially if we need additional capital or financing,” the company wrote.

Weibo could very likely be identified as a “critical information infrastructure operator”, a concept proposed in the 2017 Cybersecurity law that refers to companies in key industries whose data security should receive even more stringent scrutiny from Beijing.

The concept lacked specific enforcement guidance until August this year, when the State Council set out rules for identifying what companies fall into the category. The new rules require that regulators for specific industries formulate detailed guidance to recognise their respective important operators, then notify them and the State Council accordingly. The public security department and the police will then take a leading position in ensuring security.

The August rules also give guidance on what government bodies should take into consideration when defining who critical information infrastructure operators are, as well as the responsibilities and punishments for those companies that fail to comply.

But this still means that companies are in the dark as to whether they will merit intense scrutiny as the Chinese government “has wide discretion in the interpretation and enforcement of these laws,” Weibo wrote in its prospectus.

The company noted that it has taken steps to meet the obligations for critical information infrastructure operators, including setting up a special security management team, organising regular cybersecurity training, and formulating emergency plans for cybersecurity incidents.

Nevertheless, if Weibo is indeed identified as a critical information infrastructure operator, the designation may still disrupt its operations, the company has warned potential investors.

This article originally appeared on the South China Morning Post (SCMP), the leading news media reporting on China and Asia. For more SCMP stories, please download our mobile app, follow us on Twitter, and like us on Facebook.

Copyright (c) 2021. South China Morning Post Publishers Ltd. All rights reserved.