On Monday, China’s cybersecurity watchdog announced probes into truck-hailing platforms Yunmanman and Huochebang, as well as job listing site Boss Zhipin. New users cannot register for these three apps during the investigation.
Yunmanman and Huochebang are China’s two major truck-hailing apps and label themselves as “Uber for trucks.” They merged in 2017 to create a new firm — Full Truck Alliance, which listed on the New York Stock Exchange last month, and is currently valued at $21 billion.
Boss Zhipin is one of China’s largest online job listing platforms. Its parent Kanzhun listed in New York last month and has a market cap of nearly $15 billion.
The Cybersecurity Review Office said in a statement that the probes are being undertaken to “prevent national data security risks, maintain national security, and protect the public interest.”
Full Truck Alliance said in a statement that it will actively cooperate with the probe and conduct a thorough check on its network security.
Didi Chuxing banned
The announcement came just hours after the Cyberspace Administration of China (CAC) banned Didi, the country’s largest ride-hailing service, from app stores after saying it posed a cybersecurity risk for customers. The CAC is China’s top internet regulator, and its Cybersecurity Review Office division is responsible for reviewing cybersecurity risks.
“Didi Chuxing app is found to have severely violated the laws by illegally collecting and using personal information,” the CAC said on Sunday. It called on Didi to fix the issue with its app to comply with the country’s laws and to ensure its customers’ safety.
“We sincerely thank the … department for its instruction in troubleshooting Didi’s risks,” Didi said. “We will rectify and improve risk avoidance and … provide safe and convenient services to our users.”
The ban on Didi comes less than a week after it went public on the New York Stock Exchange in the biggest US share offering by a Chinese company since Alibaba debuted in 2014.
The suspension was “to prevent national data security risks” and in accordance with the National Security Law and Cybersecurity Law, the Cybersecurity Review Office said in a statement on Friday. The wording was exactly the same as its Monday statement on Yunmanman, Huochebang and Boss Zhipin.
“[We] must never let any internet giant become a super database of Chinese people’s personal information that contains even more details than the state, let alone giving them the right to use those data at will,” the paper said in a commentary.
“Especially for a company like Didi, which is listed in the United States and whose first and second shareholders are all foreign companies, the state needs to strictly regulate its information security,” it said. “This is not only to maintain personal information security, but also to maintain national security.”
Based on the laws cited by the regulators, Didi is probably being investigated over its purchase of certain products and services from other suppliers, which may threaten national data security, according to analysts from Shenzhen-based Ping An Securities.
“Didi will inevitably have to check its core network equipment, high-performance computers and servers, large-capacity storage equipment, large databases and application software, network security equipment, and cloud computing services, sort them out and make necessary rectifications to meet regulatory requirements,” the analysts wrote in a note on Monday.
Yang Sirui, chief analyst for the computer industry at Bank of China International, said that Didi went for its public listing in the US hastily, probably due to investor pressure.
“Listing Didi as soon as possible meets the demands of the capital,” he said. “But if [Didi] had arbitrarily collected user privacy data, abused it, or monetized it illicitly, it will inevitably be punished by Chinese regulators.”
In March, Chinese President Xi Jinping stressed the need to regulate “platform” companies in the country. Several tech companies in the past few months have faced investigations for alleged monopolistic behavior or breaches of customer rights leading to record fines and massive overhauls.
Yang from Bank of China International said that Didi faces a different sort of investigation.
As a big ride-hailing platform, Didi possesses sensitive data that could concern national security, such as location data, he said.
— Alexis Benveniste and CNN’s Beijing bureau contributed to this report.