Beijing summons Alibaba, Tencent, ByteDance, 9 other tech firms over data security concerns

  • The Cybersecurity Bureau under China’s MIIT lectured the firms about improvements in their operations to comply with the country’s Data Security Law
  • The new Data Security Law was passed in June and will take effect on September 1

The Cybersecurity Bureau under the Ministry of Industry and Information Technology (MIIT) has summoned 12 major Chinese technology companies, including Alibaba Group Holding, Tencent Holdings and ByteDance, to lecture them about improvements in their operations to comply with the country’s Data Security Law.

The MIIT said it delivered instructions from Chinese President Xi Jinping on “safeguarding national data security and regulating the economic development of internet platforms”, without elaborating, according to its statement on Friday. The ministry, which met with the tech companies on Wednesday, also did not specify when Xi issued those instructions.

Representatives from those 12 tech companies were told to “treat protecting data security as the bottom line and red line in business operations”, supporting the country’s efforts to “protect national sovereignty, security and development interests”.

The other Big Tech firms in the meeting were Meituan, Xiaomi,, Weibo, Baidu, Pinduoduo,, cybersecurity systems provider Qi An Xin Technology and Ant Group. Alipay operator Ant is an affiliate of Alibaba.

China’s new Data Security Law is expected to make it more difficult for companies, especially those with cross-border operations, to navigate the country’s increasingly complicated regulatory environment.

The MIIT’s meeting with major technology companies shows how cybersecurity remains high on Beijing’s agenda, with a focus on preventing what it deems as sensitive data from going abroad as well as preventing internet firms from abusing their users’ personal information.

Under China’s new Data Security Law, which was passed in June and will take effect on September 1, companies that transfer the state’s “core data” overseas without proper approval from Beijing will face a penalty of up to 10 million yuan (US$1.55 million) and could be forced to shut down.

By treating data as a national security issue, domestically stored data is now shielded from the long arm of US jurisdiction amid ongoing tensions between Washington and Beijing.

The much-anticipated Personal Information Protection Law, representing China’s first set of rules to safeguard personal data, is expected to be released later this year.

Ride-hailing giant Didi Chuxing was recently put under China’s first-ever cybersecurity review, a move that could prompt increased oversight on Chinese companies, especially those that are listed or plan to list overseas.

Author: Che Pan, South China Morning Post

You might also like