What the Didi fiasco reveals about China’s fealty to markets

At first blush, Beijing’s probe into Didi looked like an act of political retribution. After all, Didi, China’s most popular ride-hailing app, listed on the New York Stock Exchange on the eve of celebrations marking the centennial of the Communist Party’s founding. We now know that Didi went ahead with the IPO despite regulators’ warnings about possible network security risks. That the Uber of China chose its foreign investors over its Beijing Party guardians — close to their birthday no less — amounted to an act of rebellion. The punishment was swift and severe — redolent of Ant Financial’s fate last fall after Jack Ma’s overzealous speech at the Shanghai Bund.

Two days after Didi’s IPO, the Cyberspace Administration of China (CAC) placed the company under investigation for flouting data security protocols (in Chinese). It ordered app stores to remove Didi from its platform. In the following days, the probe’s scope broadened: Two more U.S.-listed Chinese companies — freight-logistics app Full Truck Alliance and recruiting platform Kanzhun — were hit with similar investigations and app freezes.

Days after the app suspensions, reports found that China’s market regulators were seeking to revise rules on overseas listings so that companies using the so-called Variable Interest Entity (VIE) structure must seek permission from Beijing before going abroad. Before 1994, Chinese state laws barred media and internet companies from access to overseas capital, so they relied on a loophole: The VIE allows Chinese companies to technically own operations in China, while all the benefits of ownership are held by an overseas entity. On Saturday, a draft rule was published that mandates a security review (in Chinese) for companies listing overseas that hold personal data of over 1 million individuals.

For over a decade, hundreds of Chinese tech companies — Alibaba, Tencent, Baidu, and Sina among them — thrived on the VIE model. The current age of “China tech” could not have existed without it and Beijing knows this. But signs of dissatisfaction arose early. In 2010, Alibaba faced a similar run-in with regulators when it spun off its Alipay business into a domestic entity, not included in its VIE contracts, in anticipation of legal trouble. The move infuriated Alibaba’s foreign shareholders. “I still don’t know what a VIE is!” protested Jack Ma in a speech at Stanford months later.

The Alipay incident brought the competing demands of foreign investors and state regulators into sharp relief. In October 2012, China’s Supreme Court rendered a contractual agreement similar to the VIE model void. The decision, as two lawyers put it, signaled a “negative attitude” by the highest court and “[clouded] the future of VIE structures.” In 2015, the State Council issued draft rules that ostensibly abolished the VIE system wholesale, with one analyst decrying the VIEs “Dead. Done. Over.” Nonetheless, the system survived. But Beijing’s actions last week suggests it is revisiting those earlier debates. Didi did not create new problems, it simply rehashed old ones.

China does not want U.S. regulators looking under the hood

Didi is not the only catalyst of last week’s events. Another source of Beijing’s anxieties lies in U.S. efforts to pry the financial books of its public companies open. Chinese state secrecy laws prohibit U.S.-listed Chinese companies from handing over some financial documents to U.S. auditors. That has led Marco Rubio, a Republican senator from Florida, to call Didi’s IPO “reckless and irresponsible.” “American investors have no insights into the company’s financial strength,” Rubio told the Financial Times last week. “That puts the investments of American retirees at risk.” In December 2020, the U.S. passed the Holding Foreign Companies Accountable Act, which would force Chinese companies to comply with auditing requirements or face a delisting after three years. (A newly passed Senate bill shortened the compliance period to two years.) A view is forming in the Beltway that Chinese companies hide their financials so as to swindle U.S. investors.

Washington’s mounting pressure toward transparency triggers one of Beijing’s worst nightmares: that foreign adversaries could abuse their leverage over companies like Didi to access its vast troves of personal data for their intelligence agencies. Financial data might seem a far cry from personal data, but Beijing has concluded that when it comes to the U.S., nothing is guaranteed. For Didi, whose data provides transportation routes of all major urban centers and the movement patterns of half a billion citizens, Beijing does not want to leave anything up to chance.

The Trump administration made a symmetrical decision last year when it banned WeChat and TikTok. The rationale was also based on data security: Given the broad powers afforded to Chinese authorities to intervene in private enterprises, there was no guarantee that the viewing habits of millions of American could be used for nefarious purposes. But China, too, has good reasons. Edward Snowden’s revelations in 2012 confirmed a long-held belief in Beijing that the United States was a bad faith actor in the international community. It engaged in offensive cyberoperations against Chinese companies like Huawei, it surveilled its own citizens, and it exploited private tech companies as “back door” channels. Didi’s data, even if it may be safe now, would be too desirable an asset for U.S. security officials not to break some rules.

“The U.S. has demonstrated its ability to put enormous pressure — national-security-risk-level pressure — on Chinese companies beyond its shores,” said Tom Nunlist, a policy analyst at Trivium. “It’s understandable that the Chinese government would want to assess all the risk scenarios, and not only the possibility of data transfer during the IPO.”

That both countries appear willing to compromise capital for national security is a stark reminder that free markets have always been a negotiation — a privilege, not a right. “Before, entrepreneurs asked for forgiveness instead of permission,” said Duncan Clark, author of Alibaba: The House That Jack Ma Built. “That game has changed.” Now the conditions for market freedom appear to be compliance with a data security law passed in June. “Chinese internet companies must step out of the comfort zone of barbaric growth,” writes former internet entrepreneur Fāng Xìngdōng 方兴东 in the Global Times (in Chinese). It must “adapt to China’s new institutional environment and the basic requirements of network governance.”

China’s move to rein in its tech firms for the good of the state may seem anathema to basic American beliefs about how companies should operate. But it was not so long ago that Americans, too, demanded a higher loyalty of their enterprises. In 1968, before the country was swept up by a new libertarian dogma, 70% of Americans agreed, in a survey, that businesses should “strike a fair balance between profit and the interests of the public.” Two years later, that number plummeted to 33%. But the more social-democratic America believed that businesses held responsibilities not just to shareholders, but also to the community, and society writ large.

In China, the higher loyalty of enterprises is to state priorities, which include the control of information flows, the protection of personal data, and respect for territorial sovereignty. Just as American executives seem cruel when acting solely in the name of profit, Chinese companies conjure the ghost of Western capitalists when they forget their political prerogatives. Now China is asking that they remember.