Cybersecurity compliance risks are clear and present for tech companies in China

More unsettling news for US Listed Tech Companies in China this week. Just two days after ride hailing giant Didi was ordered to remove its app from App Stores in China, two more companies, truck-hailing apps operated by Full Truck Alliance and an online recruiting app operated by Kanzhun have now been ordered to stop adding new users. Both companies only went public in the U.S. in June, while Didi IPO'd less than a week ago. 

While existing app users of Didi and the two other companies are not affected, the ban effectively preventing the companies from taking on new users, which will amount to heavy losses in market share and revenue.

Since cybersecurity law came into effect in 2017 China has leapfrogged from being one of the world’s least regulated countries for data regulations to one of the world’s most regulated. With the Data Security Law coming into effect in September this year, and the Personal Information Protection Law expected to pass before the end of the year, data enforcements are expected to intensify further .

The news over the past few days, as reported in the FT this morning, clearly demonstrates the real regulatory risks that tech companies, both domestic and international, may face in China as regulators finetune their approaches and scrutinize sizeable players in the tech space. 

Companies in any sector and of any size are again urged to re-assess and review their data collection, handling, storage and transfer policies and mechanisms to ensure they comply with the relevant laws. 

For global businesses that also operate in other highly regulated economies such as the US and the EU, it is also equally important to recognize that compliance is both regional and global and it is critical to have the support from experts that operate from a global viewpoint.