BEIJING – The Chinese Cyberspace Administration (CAC) announced on Friday that officials from at least seven departments deployed on-site teams to Didi Global Inc. to perform a cybersecurity review. According to the statement, the regulators include the CAC, the Ministry of Public Security, the Ministry of State Security, the Ministry of Transport, the Ministry of Natural Resources, the State Taxation Administration, and the State Administration for Market Regulation.
CAC did not provide any additional information in its statement, but the involvement of various government agencies indicates that the nine-year-old corporation is under increased regulatory scrutiny.
China is in the process of revising its privacy and data security policies. It is working on a Personal Information Protection Law that would require internet platforms to take more stringent procedures to ensure that user data is stored securely. China’s Data Security Law is slated to go into effect in September, requiring enterprises that process “important data” to undergo risk assessments and submit reports. It also asks for annual reviews of organizations that process data that affects China’s national security. CAC started the data-related cybersecurity inquiry against Didi just two days after the company raised US$4.4 billion in its New York IPO, claiming the need to preserve national security and the public interest. Didi was also forced by regulators to remove its apps from China, which it claimed would affect its revenue.
Didi, which has a market capitalization of $60 billion, did not answer to a request for comment on CAC’s new statement immediately. It previously stated that it stores all user and road data in China. (Yingzhi Yang, Yilei Sun, and Tony Munroe contributed reporting; Stephen Coates edited the piece.)/n
