HONG KONG (Reuters) – Chinese passenger carrier Didi Global is in talks with state-owned information security firm Weston to handle data management and monitoring activities as part of its efforts to set up local regulators, sources said.
China’s largest passenger group has become the target of an investigation by the country’s regulators, just days following it raised $4.4 billion in an initial public offering in the United States.
China’s powerful Cyberspace Administration (CAC) final month launched a cybersecurity investigation related to Didi’s data, citing the need to protect national security and the public interest.
Two people familiar with the matter said Didi is in discussions with Westone Information Industry Inc, which will be the main offshore company for managing its locally stored big data as directed by local regulators.
The sources declined to publish their names because they are not authorized to speak to the media.
Didi, the Shenzhen-listed Weston, CAC and the State Council Information Office did not immediately respond to Reuters requests for comment following average business hours in Asia on Friday.
Westone, which provides information security services and products, counts the state-owned China Electronics Technology Cyber Security. Ltd as the parent and largest shareholder — making it the preferred candidate for Beijing, People said.
One person said Didi has made proposals to Chinese regulators in recent weeks to align their concerns, which included bringing in Westone to manage the carrier’s data across various lines of business.
The discussions come amid Beijing’s growing crackdown on privately owned companies over antitrust and data security concerns, which have wiped out billions of dollars from the market value of some local firms in recent sessions.
Didi, which has about 377 million annual active users and 13 million annual active drivers in China, offers 25 million daily trips in China to users who sign up through an app that uses a phone number and password.
Bloomberg reported earlier Friday that Didi was considering ceding management of its data to a private third party as part of its efforts to resolve a regulatory investigation, without naming the company.
Didi’s discussions with Weston indicate how Beijing is looking to rein in some of the larger privately owned firms following years of a laissez-faire approach, engaging state-backed firms with the goal of gaining stronger control over their operations.
Under the plan being discussed, Weston, which is based in southwestern Sichuan Province, will be competent to access Didi servers across the country to track data collection, use and transmission, the people said.
The second person said that he would also use an advanced encryption algorithm to forbid potential data breaches in Didi. Encryption is regularly used to protect information and transmit it securely across the Internet.
CAC, which began reviewing Didi’s handling of customer data in the middle of its New York listing campaign, final month called on Didi to quit accepting unused user registrations.
The regulator also said Didi “has grave violations of laws and regulations regarding the collection of personal information.”