Image: Wu Jun/ VCG via Getty ImagesI
n less than a week, China’s leading ride-hailing platform, Didi, has gone from investor darling with a megabucks Wall Street debut to the biggest new target in Beijing’s fast-moving efforts to tame the country’s internet industry.
The latest front in the regulatory blitz is privacy and cybersecurity. Chinese consumers have grown increasingly privacy conscious in recent years and the authorities have taken particular interest in safeguarding platforms, like Didi’s, that handle sensitive information such as locations.
But Beijing’s moves against Didi — halting new user sign-ups, then ordering it off app stores in a span of two days — stand out both for their speed and for coming so soon after the company’s initial public offering last week. They send a stark message to Chinese businesses about the government’s authority over them, even if they operate globally and their stock trades overseas. And they are a reminder to international investors in Chinese companies about the regulatory curveballs that can sometimes come hurtling their way.
Wasting no time at all, China’s internet regulator announced Monday morning that user registrations on three more Chinese platforms were being suspended — also, as with Didi
, to allow officials to conduct cybersecurity reviews. The two companies behind those platforms have listed shares recently in the United States.
Concerns about data protection have been growing on both sides of the Pacific as relations between China and the United States have deteriorated in recent years. As the two powers vie for economic, military and technological advantages, they have each sought to ensure that their companies’ digital information does not slip into the other’s hands, even when business takes place across borders.
Beijing has not made clear what specific security and privacy problems — either past or potential — led regulators to move against Didi. But under Chinese law, cybersecurity reviews are a national security issue, something officials did not fail to highlight in announcing their review of Didi on Friday.
The tensions with the United States likely motivated Chinese officials to pay extra attention to Didi and its New York IPO, said Angela Zhang, director of the Center for Chinese Law at the University of Hong Kong. In this time of antagonism, selling shares in the United States inevitably caused worries in Beijing about how well Didi’s troves of Chinese data were being protected, Zhang said.
Another factor, she said: surging nationalism among Chinese internet users. This past weekend, after Chinese regulators halted new user registrations, Didi tried to dispel rumors that it handed data over to the United States as a consequence of its listing.
“That also in part exerts pressure on the regulators to act and also gives them legitimacy to act,” Zhang said.
Apart from Didi, the two companies whose platforms are now under cybersecurity review are Full Truck Alliance, whose apps connect freight customers and truck drivers, and Kanzhun, which runs a job-hunting platform called Boss Zhipin.
The surging stock market in the United States has drawn numerous other Chinese companies, including the grocery app Dingdong and the question-and-answer site Zhihu, to go public there in recent months. But Didi is by far the most prominent.
With 377 million active users a year in China and services in 16 other countries, the company has been celebrated in China as a homegrown tech champion, especially after it vanquished Uber
and bought its rival’s Chinese operations in 2016. A Didi representative declined to comment on regulatory issues Monday.
China’s clampdown on the country’s internet titans began to pick up speed after last year’s thwarted IPO of Ant Group
, the financial technology giant and Alibaba sister company. Like Didi, Ant had gone ahead with a share listing despite a history of regulatory concerns in China, though Ant had been preparing to list in Shanghai and Hong Kong, not in New York.
Didi filed preliminary IPO paperwork with the Securities and Exchange Commission on June 10. The rest of the listing process was completed at lightning speed, and on Wednesday, Didi’s shares began trading on the New York Stock Exchange.
But two days later, China’s internet regulator announced that Didi would not be allowed to register new users while the authorities conducted a cybersecurity review. The government’s rules for such reviews, which were enacted last year, are part of China’s framework for controlling security risks associated with the products and services that major tech companies use.
The next day, a Didi executive wrote on the social platform Weibo that he had seen rumors saying that because the company had gone public in New York, it had to turn over user data to the United States. The executive said that Didi stored all its Chinese data
on servers in China, and that the company reserved the right to sue anyone who said otherwise.
The message was reposted on Didi’s official Weibo account 16 minutes later, with the comment: “We hope everybody avoids spreading and believing rumors!”
On Sunday evening, the internet regulator put out another terse statement, this one ordering Didi’s app off mobile stores in China for unspecified problems related to the collection of user data.
©2019 New York Times News Service