Rideshare app Didi suspends plans to expand into UK and Europe
By World Infrastructure Journal-
Didi Chuxing (a Chinese rideshare app that already operates in Asia, Africa, and South America) has elected to push back its arrival in the UK and Europe by at least 12 months. The decision comes after cybersecurity concerns triggered a regulatory crackdown against the company in China – and there’s a case for British and European regulators to do the same.
Amid concerns over data privacy, Didi Global Inc. is facing scrutiny from both Chinese and international authorities. As a result, the company has ceased to advertise UK-based positions and has chosen to delay the apps European launch for “at least” another 12 months. While this may seem like a victory for cybersecurity concerns, the situation affecting Didi is decidedly complex – even though Chinese and European authorities have similar motives.
Earlier this summer, at the beginning of August, Didi began to consider forfeiting control over some of its most crucial data to the Cyberspace Administration of China. It was an attempt to resolve a probe into the company that had been precipitated by Didi’s rather controversial US initial public offering – which saw the rideshare app garner over £3.2 billion in investment. What made the offering so controversial was not the amount generated however, or the fact that large parts of that sum came from other Chinese companies (Softbank and Tencent to be exact). In fact, Chinese authorities, by many accounts, were enthusiastic about the IPO. Rather, the controversy was that Didi’s entrance into a foreign market could mean domestically collected data could be shared internationally.
Apps like Didi, which currently has a 90 per cent share of the Chinese rideshare app market, rely on the vast amount of data they collect from their users to be able to orchestrate the 25 million rides they host every day. That same data, however, also makes them valuable intelligence assets and potential targets for cybersecurity attacks. For this reason, much like how the US has attempted to reign in Facebook, the Chinese government has cracked down on Didi (as well as Jack Ma’s Ant Group Co., Alibaba, and food delivery giant Meituan) to wrest back control over the flow and usage of data.
The situation facing Didi abroad is, then, not that different from the one at home. Despite having secured licences to operate in Manchester, Salford, and Sheffield as part of its UK plans, MPs have long raised concerns about Didi (and many other foreign-owned firms) potentially transferring data to their respective national governments. This discourse has tended to target Chinese-owned firms however they are not the only ones with large swathes of data that may or may not be passed onto individuals or organisations with ill-intent.
Earlier this year, for instance, LinkedIn suffered a data breach that impacted 92 per cent of its user base of 756 million users. The email addresses, phone numbers, and geolocation of those users was put up for sale on a dark web site, and 1 million were made publicly available by the hackers to provide proof to any potential purchaser. As such, while there may be a case for geopolitical alliances to factor into the flow and usage of data, the reality is that the data breaches can (and likely will) happen to firms of all persuasions unless stricter data control measures are passed.
The result of the crackdown on Didi, however, has been much more devastating than any punishment doled out to Facebook by the US government. Since concerns were raised back in April of this year over incidents such as Didi’s alleged disclosure of statistics on taxi trips taken by government officials, the company has found itself under a series of restrictions that have included the removal of the app from download stores and the number of new users limited. As a result, since raising over £3 billion in its IPO only a couple months ago, Didi has lost over a third of its market value.
It is unclear what Didi’s route forward is in China. There are rumours that, in a similar arrangement to the one currently governing foreign company’s use of data in China, Didi may be forced to store Chinese data in datacentres within the country with the help of a local partner. There is even less of an indication on what mayhappen in the UK and Europe, with a Didi spokesperson stating that “as soon as [they] have news on additional new markets, [they] look forward to sharing it. ”
Whatever the outcome, it is important that any momentum built for the case for stricter data management does not find itself focused on specific foreign governments. Data breaches can happen to any company, and as such clear and strict rules that govern how that data is managed and stored are a far more effective solution to cybersecurity concerns than consistently casting furtive glances abroad.
#wijnews #Didi #cybersecurity #datamanagment #EliotGillings