Author: Juan Du, University of Sydney
The responses of Chinese regulators to initial public offerings (IPOs) by the country’s homegrown tech companies have made headlines beyond financial markets. With memories of the paused IPO and anti-trust investigations into Jack Ma’s Ant Group still fresh, regulators launched a series of investigations into Didi Global, China’s biggest ride-hailing company, within days of its IPO in New York on 30 June 2021.
Some media reports about the regulatory actions are skewed towards speculation about the Chinese Communist Party’s tightened grip over the tech giants. But based on public information, the accumulation of user data is a common theme in the investigations into Ant Group and Didi Global.
Like oil giants last century, big tech companies are facing growing challenges from states over their monopoly on user data. Super platforms act as basic infrastructure for the digital economy, enabling everything from the production to the distribution and consumption of digital services. Empowered by data, these platforms offer innovative solutions to digitalising traditional sectors. But they also enjoy higher pricing and bargaining power, hampering market competition, innovation and consumer interests.
In April 2021, Alibaba took a hefty penalty from Chinese regulators in the wake of anti-trust investigations. According to regulators, the company controlled over half of China’s online retail between 2015 and 2019. Since 2015, Alibaba has required merchants to choose between its platform and competitors’, using data and algorithms to implement this ‘pick one from two’ strategy — a violation of Chinese anti-trust law.
Alibaba was also accused of other data-related monopolistic behaviour. Its data-driven solutions, such as tailored search results for customers, make it difficult for merchants to switch platforms without losing their customer base, transaction records and review histories.
National security is also a concern when examining firm behaviour in cross-border exchanges of data. The probe into Didi Global was grounded in China’s National Security and Cybersecurity Laws, under which IPO-related cross-border activities require critical infrastructure operators to first seek evaluation from ad hoc Chinese regulators to pre-empt national security risks.
Two more companies came under scrutiny on the same grounds. Both control the personal data of millions of Chinese users and were recently listed in the US stock market. One of the companies, like Didi, manages large amounts of data on user identification and contact information, flow of vehicles and people and China’s transportation infrastructure.
Chinese regulators made revisions to the Cybersecurity Review Measures days after investigations into Didi. These made it compulsory for operators handling the data of over one million users to register with the cyberspace regulator for safety-related reviews before listing overseas. The cyber security examination will be undertaken by 14 Chinese regulators, and the securities regulator is the latest addition to this mechanism. The revisions referred to the Data Security Law, which will come into effect in September 2021.
The revisions are a typical case of policymaking lagging behind developments in industry. But when it comes to national security, countries often decide that it is better safe than sorry, as evidenced by the escalating screening of foreign investment in critical infrastructure by the United States, Japan, Australia and the European Union.
Didi’s treatment sent a ripple through the tech industry. Some tech companies like Meicai chose to delay their planned overseas IPOs to adjust to the new compliance requirements. Venture capitalists may have second thoughts over regulatory risks when investing in Chinese tech start-ups and see it as a hurdle for cashing in on their initial investments through IPOs. Chinese tech companies may be less favoured after foreign investors were spooked by the consecutive drops of Didi’s share price. Some firms may choose to instead list on the Hong Kong stock exchange.
Despite the chaos, there are some positives. The regulations restrain tech companies from illegal collection and use of data. Since 1 May 2021, companies have been prohibited from collecting data without consent beyond defined basic personal information. Big firms are more careful about monopolistic practices. The rival Chinese super platforms, WeChat and Alipay, are reported to be considering opening their ecosystems to each other and ending some…