China’s Crackdown on Didi Is a Reminder That Beijing Is in Charge

In less than a week, China’s leading ride-hailing platform, Didi, has gone from investor darling with a megabucks Wall Street debut to the biggest new target in Beijing’s fast-moving efforts to tame the country’s internet industry.

The latest front in the regulatory blitz is privacy and cybersecurity. Chinese consumers have grown increasingly privacy conscious in recent years, and the authorities have taken particular interest in safeguarding platforms, like Didi’s, that handle sensitive information such as locations.

But Beijing’s moves against Didi — halting new user sign-ups, then ordering it off app stores in a span of two days — stand out both for their speed and for coming so soon after the company’s initial public offering last week. They send a stark message to Chinese businesses about the government’s authority over them, even if they operate globally and their stock trades overseas. And they are a reminder to international investors in Chinese companies about the regulatory curveballs that can sometimes come hurtling their way.

Wasting no time at all, China’s internet regulator announced on Monday morning that user registrations on three more Chinese platforms were being suspended — also, as with Didi, to allow officials to conduct cybersecurity reviews. The two companies behind those platforms have listed shares recently in the United States.

Concerns about data protection have been growing on both sides of the Pacific as relations between China and the United States have deteriorated in recent years. As the two powers vie for economic, military and technological advantages, they have each sought to ensure that their companies’ digital information does not slip into the other’s hands, even when business takes place across borders.

Beijing has not made clear what specific security and privacy problems — either past or potential — led regulators to move against Didi. But under Chinese law, cybersecurity reviews are a national security issue, something officials did not fail to highlight in announcing their review of Didi on Friday.

The tensions with the United States likely motivated Chinese officials to pay extra attention to Didi and its New York I.P.O., said Angela Zhang, director of the Center for Chinese Law at the University of Hong Kong. In this time of antagonism, selling shares in the United States inevitably caused worries in Beijing about how well Didi’s troves of Chinese data were being protected, Professor Zhang said.

Another factor, she said: surging nationalism among Chinese internet users. This past weekend, after Chinese regulators halted new user registrations, Didi tried to dispel rumors that it handed data over to the United States as a consequence of its listing.

“That also in part exerts pressure on the regulators to act, and also gives them legitimacy to act,” Professor Zhang said.

Apart from Didi, the two companies whose platforms are now under cybersecurity review are Full Truck Alliance, whose apps connect freight customers and truck drivers, and Kanzhun, which runs a job-hunting platform called Boss Zhipin.

The surging stock market in the United States has drawn numerous other Chinese companies, including the grocery app Dingdong and the question-and-answer site Zhihu, to go public there in recent months. But Didi is by far the most prominent.

With 377 million active users a year in China and services in 16 other countries, the company has been celebrated in China as a homegrown tech champion, especially after it vanquished Uber and bought its rival’s Chinese operations in 2016. A Didi representative declined to comment on regulatory issues on Monday.

China’s clampdown on the country’s internet titans began to pick up speed after last year’s thwarted I.P.O. of Ant Group, the fintech giant and Alibaba sister company. Like Didi, Ant had gone ahead with a share listing despite a history of regulatory concerns in China, though Ant had been preparing to list in Shanghai and Hong Kong, not in New York.

Since then, Didi hardly avoided the heightened scrutiny of the internet industry as it prepared to go public. At the end of March, market regulators in the southern megacity of Guangzhou summoned it and nine other companies involved in the travel and delivery business and ordered them to compete fairly and not to use consumers’ personal information to charge them higher prices.

The month after, Didi was one of nearly three dozen Chinese internet companies hauled before regulators and ordered to obey antimonopoly rules. Then, in May, transportation regulators met with Didi and other platforms and told them to ensure fairness and transparency when it came to pricing and drivers’ incomes.

Didi filed preliminary I.P.O. paperwork with the Securities and Exchange Commission on June 10. The rest of the listing process was completed at lightning speed, and on Wednesday, Didi’s shares began trading on the New York Stock Exchange.

But two days later, China’s internet regulator announced that Didi would not be allowed to register new users while the authorities conducted a cybersecurity review. The government’s rules for such reviews, which were enacted last year, are part of China’s framework for controlling security risks associated with the products and services that major tech companies use.

The next day, a Didi executive wrote on the social platform Weibo that he had seen rumors saying that because the company had gone public in New York, it had to turn over user data to the United States. The executive said that Didi stored all its Chinese data on servers in China, and that the company reserved the right to sue anyone who said otherwise.

The message was reposted on Didi’s official Weibo account 16 minutes later, with the comment: “We hope everybody avoids spreading and believing rumors!”

On Sunday evening, the internet regulator put out another terse statement, this one ordering Didi’s app off mobile stores in China for unspecified problems related to the collection of user data.

This is not the first time that an app under pressure from the Chinese authorities has been removed from mobile stores, though in many such cases, the apps have later been reinstated.

In 2018, two popular video platforms, Kuaishou and Huoshan, vanished from app stores after a state broadcaster accused them of glorifying underage pregnancy. Huoshan is run by TikTok’s parent company, ByteDance.

The following week, a ByteDance humor app, Neihan Duanzi, was taken offline completely for what regulators called vulgar content. The app didn’t just disappear from stores, it also stopped working for people who already had it on the phones.

On Monday, as Didi’s travails were being discussed on the Chinese internet, one article circulated that had originally been published by state news media in 2015. The article used detailed data from Didi’s research wing to analyze the number of rides taken from several government departments over the course of a day, drawing conclusions about the amount of overtime worked by employees in those departments.

The comment that was appended on Monday to the top of the article: “At the time, nobody thought that Didi’s big data could cause a big uproar today.”

Albee Zhang contributed research.