The Asian Voice

Fines on Didi show determination to protect data security: China Daily contributor

The writer says online platforms should be banned from illegally collecting users' information to reduce the chances of customers falling prey to data leakage.

People walk past the headquarters of the Chinese ride-hailing service Didi in Beijing on Dec 3, 2021. PHOTO: REUTERS

BEIJING (CHINA DAILY/ASIA NEWS NETWORK) - Chinese authorities have been reiterating they are committed to protecting people's privacy and personal information. And the heavy fines they imposed on China's local ride-hailing giant and its top executives show they mean what they say.

China's cybersecurity regulator said on Thursday (July 21) that it has fined Didi Global more than 8 billion yuan (S$1.64 billion) for abusing data security and personal information protection laws following a yearlong cybersecurity review.

The Cyberspace Administration of China (CAC) said its investigation found the ride-hailing giant had illegally collected millions of pieces of users' information since June 2015, and carried out data processing that seriously affected national security. Aside from the over 8 billion yuan fine on Didi on the penalty, the cybersecurity regulator also fined the company's founder and chief executive Cheng Wei and president Liu Qing 1 million yuan each.

Shortly after the regulator's announcement, Didi responded in a statement on its Weibo account that it accepted the CAC's decision and will conduct an in-depth self-examination and rectify its actions. The tech company's penalty demonstrates Chinese authorities' commitment to safeguard cybersecurity, so as to promote the healthy development of the digital economy, which is becoming a new driver of China's high-quality development.

But since data security has become an important part of national security, more efforts are needed to boost vigilance and bolster the fight against data piracy. As one of China's biggest and most influential tech companies, Didi, unfortunately, failed to fulfil its responsibility to protect users' information and thus abused their trust.

In today's digitalised era, a user's information including facial recognition, age, photograph, occupation and short messages can be easy targets of cyber attacks. So, online platforms and high-tech companies should be banned from illegally collecting users' information to reduce the chances of customers falling prey to data leakage.

China has made progress in strengthening the legal framework for cybersecurity in recent years by, among other things, improving regulations and mechanisms for collecting, processing, managing and making good use of data resources.

For example, the ministries including the CAC and the Ministry of Public Security jointly issued a document last year that listed clearly the necessary personal information that 39 categories of apps can collect. Among them, a ride-hailing app can only obtain a user's name, telephone number and location, because such information is necessary. The user's photograph and gender are unnecessary details and hence the app should not collect them. By defining what constitutes "necessary personal information", the document made it clear that apps should refrain from obtaining detailed personal information.

Didi has paid a heavy price for its illegal practices. Hopefully, the case will be a new beginning for the tech platform and its peers, and they will better respect and protect users' information, especially personal information.

  • The writer is a contributor for the paper. China Daily is a member of The Straits Times media partner Asia News Network, an alliance of 22 news media titles.

Join ST's Telegram channel and get the latest breaking news delivered to you.