Chinese regulators asked Didi Global Inc. as early as three months ago to delay its landmark US initial public offering because of national security concerns involving its huge trove of data, according to people familiar with the matter.
The message was conveyed in meetings between the ride-hailing giant and regulators including the Cyberspace Administration of China, the people said, asking not to be identified discussing a sensitive matter. The Wall Street Journal reported earlier that officials were worried about Didi’s data potentially falling into foreign hands as a result of the greater public disclosure associated with a US listing.
Didi ultimately went ahead with the offering, raising US$4.4 billion in the second-largest debut by a Chinese corporation in US history. Two days later, the watchdog announced a cybersecurity probe of the firm and banned it from adding new users. The clampdown, which also ensnared two other Chinese tech companies that recently listed in the U.S., raises questions about what Didi knew of regulators’ intentions before the IPO and whether it should have been more forthcoming in disclosures to investors. Didi’s shares plummeted 28% in the US pre-market Tuesday, July 6, as traders returned after a long break.
The probe into China’s ride-hailing leader stunned investors and industry executives, hammering the Hong Kong shares of peers from Tencent Holdings -- one of Didi’s largest backers -- to Alibaba Group Holding and Meituan. Investors worry that the latest security-based probes opened a new front in Xi Jinping’s broader campaign against China’s internet giants that began in November with the collapse of Jack Ma’s Ant Group Co.’s US$35 billion IPO and subsequent antitrust investigations into Alibaba and Meituan.
“This is the first high-profile use of China’s cybersecurity review mechanism. It also raises questions about the firm’s personal data collection practice,” said Xiaomeng Lu, senior analyst, geo-technology for the Eurasia Group. “But more importantly, the timing of the action right after Didi’s record IPO suggests that Beijing is uncomfortable with large tech companies’ New York listings during a time of escalating tech tension between the two countries.”
The CAC didn’t immediately respond to a faxed request for comment. Didi said on Monday it was unaware before the IPO of the Chinese watchdog’s decision to suspend user registrations and remove its ride-hailing service from app stores. The company didn’t respond to a request for comment when asked whether regulators suggested it delay its IPO.
Unlike previous probes initiated by the country’s anti-monopoly watchdog, the investigations unveiled since last Friday originate from the powerful internet regulator. While it doesn’t have legal jurisdiction over overseas floats, the CAC has broad leeway to investigate and enforce laws around the national security implications of the data that Didi and other consumer apps hoover up. That power stems from Beijing’s over-arching goal of ensuring it has control over access to that data -- which like oil is now designated a strategic national resource -- and preventing any single private firm from becoming powerful enough to challenge its authority.
Didi is the highest-profile target of new legislation -- the so-called Cybersecurity Review Measures that took effect last June -- intended to police internet security at “critical infrastructure” firms. The CAC announced similar reviews into shipping apps operated by Full Truck Alliance Co and recruitment firm Kanzhun immediately after Didi’s.
“The message from regulators to Chinese tech companies is, ‘you may list overseas only so long as your house is in order within China,’” said Kendra Schaefer, head of digital research at consultancy Trivium China. “Didi’s house was not in order. They were well aware they were under scrutiny. All signs point to the fact that the CAC and likely also SAMR have been gearing up to investigate user data violations at many tech companies.”
More firms are expected to get caught up in the campaign. Some projections show China will hold a third of the world’s data by 2025, giving it potentially a massive competitive advantage in areas like artificial intelligence that will drive the modern economy.
The move against Didi and its peers adds a new dimension -- cybersecurity -- to a clampdown that has so far focused on fintech and antitrust issues. The Communist Party-backed Global Times said in a Monday column that Didi’s data hoard posed a threat to individual privacy as well as national security, particularly since its top two shareholders -- SoftBank and Uber Technologies Inc. -- were foreign.
Beijing’s targeting of recent US listings may chill the pipeline of overseas IPOs that have enriched Wall Street and private Chinese firms alike. That could in turn fuel concerns of an economic decoupling between China and the U.S., at least in sensitive areas like technology, as both Xi Jinping and Joe Biden take steps to limit the flow of capital and expertise between the two superpowers. Helping tech companies sell shares in New York has been a lucrative business for firms like Goldman Sachs Group Inc. and Morgan Stanley, both of which were key underwriters of the Didi IPO.
One company poised to test sentiment soon is Hong Kong on-demand logistics and delivery firm Lalamove, known as Huolala in China. It filed confidentially for a US initial public offering last month, according to people with knowledge of the matter, and is seeking to raise at least US$1 billion.
Even before the CAC’s crackdown, Didi had been under close scrutiny from regulators since a pair of murders in 2018 that founder Cheng Wei has called the firm’s “darkest days.” It was among 34 firms told by the antitrust watchdog to conduct self-inspections and rectify abuses, while the transport ministry had ordered ride-hailing companies including Didi to review their practices relating to driver income and pricing.
“Chinese internet and technology companies must learn to cope with tougher scrutiny. For a while, it may be difficult for companies to make reasonable predictions and responses to cyberspace supervision and law enforcement,” said Xia Hailong, a tech lawyer at Shanghai-based Shenlun law firm. “It takes time for both sides to reach common ground, and how to properly handle government oversight will also become an important issue for the entire Internet industry.”
