Didi Global fined USD 1.2m for privacy abuse
Occurred: July 2022
Can you improve this page?
Share your insights with us
Chinese ride-hailing company DiDi was fined 8 billion yuan (approximately USD 1.2 billion) for breaching the country’s cybersecurity law, data security law, and personal information protection law.
The Cyberspace Administration of China (CAC) said in that DiDi had been found to have committed 16 law violations, including illegally obtaining 65 billion pieces of passenger information from their smartphones, including facial recognition, home address, phone information, age and employment details, and family relationships data.
In June 2021, the regulator had banned Didi from app stores in China and launched an investigation into its handling of customer data. The CAC's actions wiped tens of billions of dollars from DiDi's market capitalisation. The company later delisted from the New York Stock Exchange.
Didi relies on AI to match customers and drivers, calculate rates and optimise routes.
Databank
Operator: Didi Global
Developer: Didi Global
Country: China
Sector: Transport/logistics
Purpose: Verify identity; Calculate fares; Optimise routes
Technology: Facial recognition; Machine learning
Issue: Privacy
Transparency: Governance
System
Legal, regulatory
Cyberspace Administration of China (2022). 国家互联网信息办公室有关负责人就对滴滴全球股份有限公司依法作出网络安全审查相关行政处罚的决定答记者问
News, commentary, analysis
https://apnews.com/article/technology-china-data-privacy-cheng-wei-d7c76a253e50d5b5aa8218eb1d3cebbd
https://edition.cnn.com/2022/07/21/economy/china-fines-didi-data-law-violation-intl-hnk/index.html
https://www.infosecurity-magazine.com/news/china-fines-didi-data-security/
https://asia.nikkei.com/Opinion/Asian-companies-need-to-be-realistic-about-what-AI-can-do-for-them
Page info
Type: Incident
Published: March 2024