Bolstered by its wide swath of data on users, mapping and traffic, Didi Global Inc. became the dominant ride-hailing company in China. Now, that data is turning into a liability.
On Friday, China sent state-security and police officials and other regulators into the company’s offices, as the government zeroes in on its cybersecurity practices and collection of personal information. The visit was a part of a review ordered just days after shares sold in Didi’s $4.4 billion initial public offering started trading publicly in New York.
Their target is a company with 377 million annual active users and 13 million annual active drivers in China. Users turn over their cellphone numbers, which in China are linked to their real names and identifications. They also often voluntarily share photos, frequent destinations such as home and office, their gender, age, occupation and companies. To use other Didi services such as carpooling or bike sharing, customers might also have to share other personal information including facial-recognition data.
Drivers must give Didi their real names, vehicle information, criminal records, and credit- and bank-card information.
The company in securities filings touts its repository of real-world traffic data as the world’s largest. The 25 million daily rides on its platform in China feed a database of pickup points, destinations, routes, distance and duration. In-car cameras and voice recorders capture conversations.