China's Didi Global fined $1.2 billion for data violations
China’s internet watchdog has fined ride-hailing firm Didi Global more than 8 billion yuan ($1.2 billion) following an investigation into the company’s cybersecurity practices
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.China’s internet watchdog on Thursday fined ride-hailing firm Didi Global more than 8 billion yuan ($1.2 billion) following an investigation into the company’s cybersecurity practices.
The probe found Didi violated China’s network security law, data security law and a law protecting personal information, the Cyberspace Administration of China said in a statement.
A separate statement explaining the fine said Didi’s “illegal operations” had brought “serious” national security risks, affecting the country’s information infrastructure and data security.
Didi’s chairman Cheng Wei and president Jean Liu were fined 1 million yuan ($148,000) each as they were held responsible for the company’s violations, regulators said.
“Didi’s violations of laws and regulations are serious, and in light of the network security review, they should be severely punished,” the statement read.
Didi illegally collected nearly 12 million screenshots and 107 million pieces of passengers facial recognition data and more than 167 million records of location data, among other information, regulators said. The company’s violations first began in June 2015.
Didi said in a statement posted to its official Weibo social media account that it “sincerely” accepted the decision.
“We will take this as a warning, and persist in paying equal attention to both security and development,” Didi said, adding that it would work toward “safe, healthy and sustainable” development of its business.
The decision comes over a year after Didi pushed forward with its New York stock listing in June 2021.
Regulators, who reportedly did not approve of Didi’s listing, launched the investigation two days after the company went public and ordered it to take down more than two dozen apps, sending its stock price plunging.
Didi moved to delist from the New York stock exchange, exiting on June 10.
The ride-hailing firm is among a slew of internet technology firms that have faced close scrutiny during a crackdown on the technology industry that began in 2020, with regulators halting Alibaba-affiliated financial technology firm Ant Group’s initial public offering.