China’s cybersecurity regulator has imposed a fine of $1.2 billion on Didi Global for illegally collecting millions of pieces of user information over a seven-year period.
Didi ran afoul of the Cyberspace Administration of China (CAC) when it pressed ahead with its U.S. stock listing even though it was urged to wait while a cybersecurity review of its data practices was conducted, Reuters news report said.
The CAC said its investigation found Didi illegally collected millions of pieces of user information over a seven-year period starting June 2015, and carried out data processing activities that seriously affected national security.
CAC fined Didi 8.026 billion yuan ($1.2 billion) and, in an unusual move, said founder and Chief Executive Cheng Wei and President Jean Liu were responsible for the violations, and imposed penalties of 1 million yuan each.
Didi, backed by investors including U.S. rival Uber and Japan’s SoftBank Group, in a statement on its Weibo account said it accepted the CAC’s decision and would conduct comprehensive self-examination and rectification.
Didi’s fine would be the largest regulatory penalty imposed on a Chinese technology company since Alibaba Group and Meituan were fined $2.75 billion and $527 million respectively last year by the antitrust regulator.
Alibaba’s fine equated to about 4 percent of its 2019 domestic sales, while Meituan’s was equivalent to 3 percent of its 2020 domestic sales. In comparison, Didi’s fine would be equal to about 4.6 percent of the firm’s $25.7 billion revenue last year.
CAC announced its inquiry into Didi shortly after its New York debut on June 30, 2021. It also ordered app stores to remove 25 apps operated by Didi and told the firm to stop registering new users, citing national security and the public interest.
The restrictions have hit Didi badly, chipping away at its dominance and allowing rival ride-hailing services operated by automakers Geely and SAIC Motor to gain market share.