Advertisement
Didi Chuxing
TechPolicy

Explainer | Why does ride-hailing giant Didi’s cybersecurity review involve so many Chinese government agencies and who is absent?

  • China’s Cybersecurity Review Office is managed by 12 ministries, but only four are involved in Didi’s review with three unrelated agencies invited to join
  • It is too early to tell how China’s first cybersecurity review of a Big Tech company might end, but it’s already having a chilling effect on US IPOs

Reading Time:3 minutes
Why you can trust SCMP
3
The app of Chinese ride-hailing giant Didi Chuxing is seen on a mobile phone in front of the company logo on July 1. Didi has become the subject of China’s first cybersecurity review, but the many different ministries involved suggest a broad scope. Photo: Reuters
Coco Feng
After having its apps removed from app stores and being sued by shareholders in the US, Didi’s cybersecurity review is finally getting under way. A task force of seven Chinese ministries entered the company’s offices on Friday to kick off the country’s first such review, testing new powers that could have a wide-ranging impact on how the country’s biggest technology companies operate.
Advertisement

While rules dictate that several ministries could potentially be involved in cybersecurity reviews, not all of them are involved with Didi’s case and some additional ones have been invited on. Here is a closer look at who is involved and what it means for China’s dominant ride-hailing firm.

Which Chinese ministries are involved in cybersecurity reviews?

According to China’s Cybersecurity Review Measures published in 2020, such reviews are handled by the Cybersecurity Review Office under the Cyberspace Administration of China (CAC).

The office is backed by 12 ministries: the Cyberspace Administration of China, the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the Ministry of State Security, the Ministry of Finance, the Ministry of Commerce, the People’s Bank of China, the State Administration for Market Regulation, the State Administration of Radio, Film and Television, the National Administration of State Secrets Protection, and the State Cryptography Administration.

Which ministerial bodies are involved in the cybersecurity review of Didi Chuxing?

Seven ministries are involved with Didi’s review, according to a statement from the CAC on Friday, but only four of them are among the agencies that back the Cybersecurity Review Office.

In addition to the CAC, the bodies from the review office include the Ministry of Public Security, the Ministry of State Security and the State Administration for Market Regulation. The other three agencies are included on an “ad hoc” basis. They are the Ministry of Natural Resources, the Ministry of Transport and the State Administration of Taxation.

Why are an additional three ministries involved in Didi’s probe?

Chinese authorities did not provide details of how the cybersecurity review is being conducted, but it is possible the additional agencies have been brought in because of the specific industry in which Didi operates.

Advertisement
Didi has access to a lot of real-time mapping data such as road conditions, which Chinese regulators consider sensitive information. Photo: Bloomberg
Didi has access to a lot of real-time mapping data such as road conditions, which Chinese regulators consider sensitive information. Photo: Bloomberg
Advertisement