On July 4, 2021, less than a week after ride-hailing giant Didi’s U.S. IPO, Chinese regulators ordered Didi removed from app stores in the country. The purported reason—China’s Cyberspace Administration’s concerns over the app’s illegal data collection and storage practices. Didi reportedly stored Chinese users’ data in the U.S., although the Cyberspace Administration has not specified the nature of the data-privacy violation.
With a near-monopoly in China’s ride-hailing market, Didi’s data collection spans a wide range of user-mobility data. The Cyberspace Administration’s July 4 “announcement is the latest in a string of actions by government authorities aimed at reining in China’s large technology companies, which have become central to everyday life for more than a billion people, and at asserting more control over data that these companies hold,”reports the Wall Street Journal.
According to the WSJ, China's strengthening of its regulatory scheme started with "a cybersecurity law in 2017 that tightened Beijing's control over data flows." China's top legislators have followed up with another data-security law regulating customer-data use and collection in early June 2021.
The app store ban does not affect current users who had already downloaded the app, Didi said in a statement issued on the same day as the ban. This might suggest regulators are more interested in sending a message rather than undermining Didi’s business.
The Robins Kaplan Privacy Pulse blog features privacy and cybersecurity litigation topics including the latest news in cybersecurity law and policy, privacy legislation, and other related cyber topics making headlines.
