A logo of Chinese experience-hailing huge DiDi at its headquarters in Beijing, July 2, 2021. /CFP

A symbol of Chinese ride-hailing huge DiDi at its headquarters in Beijing, July 2, 2021. /CFP

Editor’s observe: Kong Qingjiang is Dean of the Faculty of International Law at China College of Political Science and Law. The report displays the author’s viewpoints and not automatically the sights of CGTN.

The Cyberspace Administration of China (CAC), the country’s cybersecurity authority fined journey-hailing giant DiDi Global 8.026 billion yuan (about $1.2 billion) on July 21, 2022 for violation of China’s network stability law, details security law and personal information and facts protection law. The high-quality sets a document substantial of the nationwide security-linked fines imposed by the Chinese authorities. The good is just up coming to the 1 of 18.22 billion yuan that imposed on Alibaba by China’s Point out Administration of Sector Regulation (SAMR) a person year ago for violation of the Anti-monopoly Legislation.

In recent many years, China has emerged as a country with a big number of internet applications. Many on-line platforms like Alibaba and DiDi address pretty much all facets of everyday daily life. These platforms possibly accumulate huge quantities of citizens’ private info, or even have monopolistic entry to person facts in just one or another place. The moment this kind of data or information is leaked, the sanctity of personalized details will be at a chance and if these kinds of knowledge or information is manipulated by foreign powers, nationwide protection will be endangered.

Even though electronic economy is getting to be a new driver of China’s high-high quality development, national security has emerged as a central concern in the political and financial landscape of China. A exceptional reform is hence being carried out to have in area a procedure for cyberspace and details protection. 

From the Cybersecurity Law of 2017, to the Details Stability Regulation and the Particular Information and facts Defense Regulation of 2021, China has formed a legal system that governs network safety, information safety and personalized information and facts safety. 

Whilst the Cybersecurity Regulation entails the all round governance of cyberspace security, focusing on methods such as vital info infrastructure defense, cybersecurity evaluate, and cross-border facts move, the Info Protection Regulation regulates the details defense, advancement and utilization, and the Personalized Info Defense Legislation determines the basic rules and institutional rules for the defense of personalized data.

The Cybersecurity Legislation, Info Safety Legislation and Individual Details Defense Regulation, which represent the 3 pillars of data stability in the state, has shaped the reform agenda in the industry of cyberspace, these kinds of as tightened curbing of cross-border stream of details, misuse and abuse of personal info by way of the cyberspace, as nicely as laws on on the internet platforms.

The colossal penalty showcases, again, how severe the authority is about cybersecurity and data security. The DiDi circumstance was initially announced last calendar year, just days after DiDi’s initial community supplying (IPO) on the New York Inventory Exchange (NYSE). DiDi had arrive less than fireplace soon after it reportedly pushed ahead with its first general public featuring despite fantastic regulatory worries about the impression of cross-border data outflow on nationwide protection.

Alibaba Team was fined for the violation of the Anti-monopoly Regulation in 2021. /CFP

Alibaba Team was fined for the violation of the Anti-monopoly Law in 2021. /CFP

In an clear effort and hard work to appease the regulatory anger, DiDi introduced a lot less than 6 months afterwards that it would delist from the NYSE and made ideas to list in Hong Kong Specific Administrative Location, which is topic to the Countrywide Safety Law.

The DiDi scenario was not the single isolated function. A single yr ago, Alibaba Cloud, the cloud computing subsidiary of Alibaba, was reportedly suspended for 6 months from a national network safety info-sharing platform by the Ministry of Business and Information and facts Technologies (MIIT), China’s web technologies regulator, for failing to report a software package protection glitch.

Alibaba Cloud very first detected and noted the severe Apache Log4j 2 protection glitch to the U.S.-based mostly Apache Software package Basis, but unsuccessful to report the stability hazard to the Chinese regulator inside of the two-working day reporting timespan as essential, failing to correctly help the MIIT to detect network protection threats and vulnerabilities.

The incident was a blow to the company’s trustworthiness and reputation, significantly in conjunction with the unparalleled SAMR anti-monopoly good.

In concluding, the DiDi scenario, as well as some others, have constantly despatched warnings to other domestic and international technological innovation businesses in China: whilst they should put network security first above small business, they need to not undervalue the Chinese authorities’ motivation to safeguard cybersecurity. 

If they overlook their obligations of cyber safety, info stability, and personal data security in accordance with applicable legal guidelines and restrictions and the demands of regulatory authorities, the regulatory storm will arrive in its personal way. For the objective of safeguarding national security and marketing the healthful progress of the digital financial state, “much too major to fail” has no location in front of cyber safety and information safety.

(If you want to lead and have certain abilities, make sure you get in touch with us at [email protected]. Follow @thouse_views on Twitter to uncover the most current commentaries on CGTN Viewpoint Segment.)