When Chinese regulators announced an investigation into data security at Didi Chuxing last month, one-fifth of the New York-listed ride-hailing group’s market value was immediately wiped out.
Beijing-based Didi, the entire Chinese technology sector and global investors are now braced for the results of the unprecedented probe.
Neither the company nor the regulatory agency leading the investigation, the Cyberspace Administration of China, has signalled what to expect. But analysts believed Beijing would use the Didi probe to sound a warning: tech groups must prioritise domestic compliance over foreign investors.
“They are trying to make a point: don’t do this. The last time they made a big point was with Alibaba, that was a record-breaking fine,” said Kendra Schaefer, tech analyst at Beijing-based consultancy Trivium, referring to the $2.8bn antitrust penalty slapped on Jack Ma’s ecommerce group in April.
“Beijing’s primary goal on data is to make companies understand that data and network security compliance is absolutely crucial for their continued development,” she said.
The probe was announced on July 2, days after Didi’s $4.4bn initial public offering. Officials had up to 45 working days for their investigation.
Didi’s statements have since been restricted to responding to media reports: of looming senior management changes, third parties being brought in for data management and that the company might even go private.
Didi described the reports’ claims as “untrue and unsubstantiated”.
Despite those denials, investors in the ride-hailing group remained highly concerned that it had already been directed to exit its New York Stock Exchange listing, two people familiar with the matter told the Financial Times.
Another person familiar with the investigation expected the Chinese government to take a “golden share” in Didi, which would enable closer state control in the future.
That outcome, the person said, had become more likely after a think-tank operating under China’s markets watchdog released a working paper in April encouraging golden shares in groups with critical importance for the public.
Didi declined to respond to questions.
Even people closely involved in the Didi IPO are looking for answers.
In New York, lawyers have filed a class-action lawsuit on behalf of Didi’s investors alleging they were misled by the company and its executives over its prior dealings with Chinese regulators.
Questions over whether Didi accurately disclosed the pressure it faced from the CAC have also led to scrutiny of the banks that underwrote its listing, which included Goldman Sachs and Morgan Stanley.
Didi and its banks had assurances from their legal counsel in China that “it was fully compliant”, an executive at one of the Wall Street banks running the process said shortly after the ride-hailing group’s shares tumbled last month.
For SoftBank, Didi’s biggest shareholder with a 20.1 per cent stake, the investigation could prove pivotal to determining the future of the Japanese group’s investments in China’s tech sector.
SoftBank founder Masayoshi Son has said he would cut investments in Chinese start-ups until the extent of Beijing’s regulatory crackdown became clear.
There are also hopes that the Didi probe will provide clues as to how far and deep the regulatory changes will go.
Schaefer said that while Beijing was often “pretty lax” on details, some “parts of the government are desperate to give guidance to other companies so that they take voluntary action to self-correct”.
Didi’s rivals and businesses in other tech sectors across China would be watching to see whether the ride-hailing group would be permitted to return to running its app as normal, or whether Beijing would require a significant overhaul.
Early last month, the company was directed to remove its platform from Chinese app stores, while the CAC had warned prior to the listing that the company’s mapping technology could expose sensitive locations, such as military bases.
There were also expectations that Beijing would force Didi to reduce the commissions it takes from drivers, following transportation ministry guidance.
In an apparent effort to improve its image, Didi recently began showing passenger videos extolling the company’s “positive energy” for society from newly-installed flatscreens in its leased cars in Beijing. The state-run Beijing Daily newspaper criticised the move as a potential safety hazard that was unpopular with drivers and passengers.
Uncertainty over which regulators have ultimate oversight over the tech industry has been exacerbated by the presence of at least seven state organs in the Didi probe.
As well as the CAC, officials from China’s espionage agency, its natural resources and transport ministries, as well as tax and police officials and the competition watchdog have descended on the company’s headquarters.
“The big question mark for us was the tax bureau — that seemed incredibly unrelated,” said Schaefer. “Was that because they decided to bundle a tax review into this, or will the tax department be involved in cyber security reviews going forward?”
The Didi investigation marked the first such cyber security review under China’s sweeping changes to data governance, which include strict new data privacy laws.
However, Samm Sacks, a senior fellow at Yale Law School’s Paul Tsai China Center, warned that the triggers for future probes and the outcomes might remain “a black box”.
The review is “a highly subjective tool that could be used by the government at whim when they needed to send a message or assert control over a company”, she said. “That is what makes it so scary.”
Additional reporting by Sherry Fei Ju and Christian Shepherd in Beijing
#techAsia weekly newsletter
Your crucial guide to the billions being made and lost in the world of Asia Tech. A curated menu of exclusive news, crisp analysis, smart data and the latest tech buzz from the FT and Nikkei
Sign up here with one click