Regulator faults Didi for violating data rules

China's cyberspace administration said on Sunday that it had ordered smartphone app stores to stop offering the ride-hailing firm Didi Global Inc's app after finding that Didi had illegally collected users' personal data.

The Cyberspace Administration of China said on its social media feed that it had ordered the Beijing-based company to make changes to comply with Chinese data protection rules.

Didi responded by saying it had stopped registering new users and would remove its app from app stores. It said it would make changes to comply with rules and protect users' rights.

Didi's app was still working in China for people who had already downloaded it. It offers over 20 million rides in China every day, on average.

Didi debuted on the New York Stock Exchange last Wednesday following a US$4.4 billion initial public offering. On Friday, CAC announced an investigation into Didi to protect "national security and the public interest," prompting a 5.3 percent fall in its share price to US$15.53.

The cybersecurity review can be wrapped up within 45 working days under normal conditions, or be extended by 15 working days when it comes to sophisticated scenarios.

Didi, which offers services in more than 15 other markets, gathers vast amounts of real-time mobility data every day. It uses some of the data for autonomous driving technologies and traffic analysis.

The company has already been subject to regulatory probes in China over safety and its operating license.

Didi had set out relevant Chinese regulations in its IPO prospectus and said: "We follow strict procedures in collecting, transmitting, storing and using user data pursuant to our data security and privacy policies."

China has stepped up inspections on apps following netizens' concerns about excessive personal information collection.