The Cyberspace Administration of China (CAC) fined ride-hailing company Didi Global RMB8bn (USD1.2bn) for violating cybersecurity and data regulations, as reported by the Paper on July 21. Cheng Wei, Didi’s CEO and Founder, and Jean Liu, Didi’s President, were each fined around CNY1m (USD150,000) as individuals accountable for the breaches. According to CAC, Didi collected excessive amounts of user information, violated user privacy, and illegally processed personal information on facial recognition, location, ID card numbers, and a variety of other types of sensitive personal information, as well as having data processing activities that jeopardized national security.
Didi debuted on the New York Stock Exchange (NYSE) on June 30, 2021, with an offering price of USD14 per share, raising USD4.4bn, and its market value soared to USD80bn on the first day of trading. However, CAC restricted new Didi’s App downloads and new user registrations within days of the listing, claiming major irregularities in the collection and use of personal information. CAC joined forces with multiple regulators in July 2021 to undertake cybersecurity reviews on Didi. Consequently, Didi’s share price plunged as a result of regulatory scrutiny, and by June of this year, the company formally announced its delisting from the NYSE. China is tightening regulations on data security and privacy for internet service providers.