Didi in talks with state-owned Westone to manage data, placate regulators

Didi Global Westone China
FILE PHOTO: A Didi logo is seen at the headquarters of Didi Chuxing in Beijing, China November 20, 2020. REUTERS/Florence Lo/File Photo

HONG KONG (Reuters) -Chinese ride-hailing firm Didi Global Inc is in talks with state-owned information security firm Westone to handle its data management and monitoring activities, sources said, as part of its efforts to placate domestic regulators.

The largest Chinese ride-hailing group became the target of an investigation by regulators in the country just days after it raised $4.4 billion in an initial public offering in the United States.

The powerful Cyberspace Administration of China (CAC) last month launched a data-related cybersecurity investigation into Didi, citing a need to protect national security and the public interest.

Didi is in discussions with Westone Information Industry Inc, which would be the main third-party company to manage its massive data stored domestically as per domestic regulators’ guidance, said two people with knowledge of the matter.

The sources declined to be named as they were not authorised to speak to the media.

Didi, Shenzhen-listed Westone, the CAC, and the State Council Information Office did not immediately respond to Reuters’ requests for comment after regular Asia business hours on Friday.

Westone, which provides information security services and products, counts state-owned China Electronics Technology Cyber Security Co. Ltd as parent and biggest shareholder – making it a preferred candidate for Beijing, said the people.

Didi has submitted proposals to Chinese regulators in recent weeks to allay their concerns, which included bringing in Westone for managing its data across various business lines, said one of the people.

Shares in Didi were up 4% in New York morning trade on Friday, but were still down about 30% from their IPO price.

Didi collects user location and trip route data, for safety and data analysis, and routinely publishes reports illustrating its “big data” analytics, showing, for example, what times people in certain cities finish work, or which employers have the longest work hours.

The company also equips cars with cameras monitoring road conditions, and what is happening in the car, collecting data on 100 billion kilometres of Chinese roads per year. It stores all this Chinese user and roads data on domestic servers.


The discussions with Westone come amid Beijing’s widening crackdown on private companies over antitrust and data security concerns, which has wiped off billions of dollars from the market value of some home-grown companies in recent sessions.

Didi, which has about 377 million annual active users and 13 million annual active drivers in China, provides 25 million rides a day in China to users who sign up through an app that uses a phone number and password.

Bloomberg earlier on Friday reported Didi was considering conceding management of its data to a private third party as part of its efforts to resolve the regulatory probe, without naming the company.

The Westone discussions indicate how Beijing is looking to rein in some major privately-owned companies after years of a more laissez-faire approach, and involve state-backed firms with a view to having firmer control over their operations.

Under the plan being discussed, Westone would be able to access Didi’s servers across the country to track the latter’s data collection, usage and transfers, said the people.

It would also use its advanced encryption algorithm to prevent potential data breaches at Didi, said the second person. Encryption is regularly used to protect and securely transfer information online.

The CAC, which started a review into Didi’s handling of customer data in the middle of its campaign to list in New York, last month called for Didi to stop accepting new user registrations.

The regulator also said Didi’s app “has serious violations of laws and regulations pertaining to the collection of personal information.”

Bringing in a third party to manage and monitor Didi’s data could effectively limit its usage and transfer of onshore data, said the people.

The CAC had also been looking into whether there was a possibility of some of the company’s data ending up in the hands of a foreign entity, given Beijing’s sensitivity about the usage of onshore data, sources have told Reuters.

(Reporting by Julie Zhu in Hong KongEditing by Sumeet Chatterjee and David Holmes)

Be the first to comment

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.