In this article

Traders work during the IPO for Chinese ride-hailing company Didi Global Inc on the New York Stock Exchange (NYSE) floor in New York City, U.S., June 30, 2021.
Brendan McDermid | Reuters

GUANGZHOU, China — China’s government has opened a new battlefront with the country’s technology giants, looking to target their collection and use of data.

On Monday, the Cyberspace Administration of China (CAC) also opened a cybersecurity probe into U.S.-listed Boss Zhipin and subsidiaries of Full Truck Alliance.

It came a day after the CAC ordered app stores in the country to remove ride-hailing service Didi, alleging the company had engaged in the illegal collection and use of personal data. On Friday, the same regulator announced a cybersecurity review into Didi, which just last week carried out a massive initial public offering in the U.S.

The CAC reports to a body that is chaired by Chinese President Xi Jinping.

Beijing has been cracking down on domestic technology giants over the last few months, from the cancellation of Ant Group’s $34.5 billon listing to Alibaba’s $2.8 billion antitrust fine. The focus has very much been on anti-monopoly as well as financial technology regulation.

Now regulators are turning their heads toward data because of its importance to the tech industry, a key driver of economic growth.

“You can’t have a digital economy without strong data privacy protection. And the digital economy is propping up China’s slowing growth,” Kendra Schaefer, a partner at consultancy Trivium China, said.

China’s technology giants have grown into some of the world’s most valuable companies largely unchecked by regulation — but that’s changing.

Since the 2017 Cybersecurity Law, China has had some regulation around data.

But in June, the Data Security Law was passed which defines the rules around how companies collect, store, process and transfer data. It comes into force in September.

A separate piece of legislation called the Personal Information Protection Law is also being worked on. If passed, it will give users more control over their data.

“We can definitely expect to see a lot of user data crackdowns as soon as those two laws are passed,” Schaefer said. “This is definitely another front (of regulation).”

The probes into Didi, Full Truck Alliance and Boss Zhipin are not under these new laws, but existing regulations. While the cases may seem sudden, regulators have been in touch with several technology companies around a number of issues including data regulation and anti-competitive practices.

In April, China’s State Administration for Market Regulation (SAMR) summoned 34 companies including Tencent and ByteDance and told them to conduct self-inspections in order to comply with anti-trust rules.

“It started in April and they (the Chinese government) have given the companies over 100 items of compliance requirements covering many aspects, antitrust, data, advertisement, pricing, and lots of things,” a lawyer that works with Chinese technology firms on compliance told CNBC.

“They (the government) have given them (the companies) so many instructions and clues asking them to improve their compliance system for all of those aspects,” said the lawyer, who wished to remain anonymous due to the ongoing and sensitive nature of the compliance work.