Image source: China Visual Group
BEIJING, July 21 (TMTPOST) – China’s ride-hailing giant Didi Global was fined 8.026 billion yuan (about US$1.19 billion) for serious violations of Internet security laws on Thursday, marking the end of a year-long probe into the dominant firm in China’s travel industry.
The Cyberspace Administration of China, the Internet watchdog, issued a statement, saying that Didi violated the Internet Security Law, the Data Security Law and the Personal Information Protection Law. The company’s Chairman and CEO Cheng Wei and President Liu Qing were imposed a fine of 1 million yuan each, according to the statement.
The Internet regulator said in another statement posted on its website on Thursday that the investigation was launched to “prevent national data security risks, safeguard national security and protect the interest of the public” in July 2021. The conclusion was that evidence for the violations was clear and solid and the nature of the violations was serious, according to the statement.
There were 16 counts of violations in eight aspects. First, it illegally collected 11.96 million of snapshots from users’ cellphone photo albums. Second, it collected unneccisary information from users’ pasteboards and application list for 8.323 billion times. Third, it collected information on passenger face recognition for 107 million times, on the age range for 53.50 million times, on occupations for 16.33 million times and on relationship for 13.83 million times. It also overly collected information on “home” and “office” for 153 million times. Fourth, it illegally collected information on user’s real-time location for 167 million times. Fifth, it collected information on driver’s education background for 142,900 times and on drivers’ identification cards for 57.8 million times. Sixth, it collected the purpose of a passenger’s travel without notifying the passenger for 53.97 billion times. Seventh, it often demanded the right to access a passenger’s phone number unnecessarily. Eighth, it did not provide a clear and accurate explanation on the purpose of collecting information on a user’s devices.
The wide range and high frequency of the company’s violations listed by the Internet regulator shocked many netizens. However, they also wonder whether other companies engaged in similar activities to violate the privacy of application users.
Didi floated a US$4.4 billion initial public offering in New York on June 30, 2021, despite Chinese regulators’ opposition to its listing plan and concerns over its cybersecurity practices. It had acquired about 80 percent of China's shared travel market prior to its IPO.
On July 2, 2021, a probe into the company’s data security practices was started and Didi’s apps were removed from app stores in China a few days later.
更多精彩内容,关注钛媒体微信号(ID:taimeiti),或者下载钛媒体App
版权归原作者 钛媒体 所有, 如有侵权,请联系我们删除。