China’s powerful national spy agency and six other government departments have taken unusual measures to send investigators to Didi Chuxing’s office to conduct a security investigation of the ride-hailing group.
This ReviewEarlier this month, Didi first announced after its US$4.4 billion initial public offering in the United States, which caused Didi’s share price to plummet, marking the first public announcement of the mysterious Ministry of National Security that it would temporarily place employees within the company.
The Cyberspace Administration of China, the regulator responsible for coordinating Didi’s cybersecurity review, said on Friday that the investigation will also involve police, tax authorities, market competition regulators, and natural resources and transportation industry regulators. .
Feng Chucheng, a technical analyst at consulting firm Plenum, said: “Publishing which institutions are involved is a warning to other companies not to disrupt national security, but this is also an attempt by Beijing to make the review process more transparent.” Ai.
CAC announced two weeks ago that the scale of its investigation into Didi may further deter investors in Chinese technology stocks and curb interest in China’s offshore IPOs.
CAC followed up Didi’s security review and took a series of punitive measures and sent it to Stock price drop It rose by 20% in the week after the initial public offering. The agency also proposed new rules that prohibit companies with more than 1 million users from listing abroad until they receive official permission after undergoing a security review.
CAC did not elaborate on its concerns, only mentioning data security and national security risks.Before the IPO, CAC had already Require Didi to rectify People familiar with the matter said that it displays map labels, worrying that they might inadvertently leak sensitive locations, such as military bases.
However, there is currently no evidence that sensitive data has been leaked. Li Min, vice president of Didi, responded to speculation on social media, saying that the company is “absolutely impossible” to provide data to the United States.
Didi’s investigation is also the first time Beijing has publicly used its new cyber security review mechanism. In just over a year, the program aims to assess supply chain security rather than data security.
Legal experts said that the unprecedented nature of the Didi case and the lack of details on the content of the review involved put the company in uncharted territory.
“This is very unusual. There will be a full range of compliance risks,” said Xu Ke, director of the Internet Law Institute of Beijing University of International Business and Economics.
The number of institutions involved also increased the risk of disagreements and prolonged review processes, during which Didi was banned from registering new users.
According to cyber security review regulations, the preliminary review must be completed within 60 working days or three months. If different agencies disagree on their conclusions, a special review should be initiated, which may continue for another 45 working days or more.
“All major regulatory agencies are present, which means that firstly, this inspection will be comprehensive, and secondly, it will not be too short,” said James Gong, a lawyer for Herbert Smith Freehills.
Kendra Schaefer, a technical analyst at Beijing-based consulting firm Trivium, said: “The regulatory documents have clearly shown that there is a coordination problem and there are many chefs in the kitchen.”
Schaefer added: “The Ministry of National Security is a new turning point. This happens when you have a broad definition of what national security is.”
Additional report by Liu Nian in Beijing