China has ordered ride-hailing service provider Didi Chuxing off the country’s app stores until future approval after correction and review, just two days after launching a cybersecurity review into the company and four days after its blockbuster initial public offering (IPO) in New York. The Cyberspace Administration of China (CAC) said in a short statement on Sunday that Didi’s app, often referred to as the Uber of China, has seriously violated the country’s laws and regulations through the improper collection and usage of user information. As such, the agency has told China’s app stores to remove the app indefinitely, one of the harshest punishments for an internet company. It has also ordered Didi to take corrective measures and to comply with regulations, a hint that it could be restored to app stores in the future. The punishment comes after the cyberspace security review office, an obscure unit of the powerful administration, announced a review into Didi on Friday, saying it had stopped Didi from registering new users, which was announced the same week of Didi’s IPO on the New York Stock Exchange. The ride-hailing firm, which trades in New York as Didi Global Inc, raised US$4.44 billion by selling 316.8 million American depositary shares at US$14 each. They started trading on June 30, rising to as high as US$18.01 and fell on Friday to US$15.53, after news about the regulatory review. Didi has stopped new user registrations as of July 3, but existing users who have already installed the app, including passengers and drivers, can continue to use it, according to a statement posted on the company’s official Weibo account late Sunday. The company also thanked Chinese regulators for helping it investigate risks and promised to make a serious effort to rectify any wrongs by protecting “user privacy and data security”. The reason for the investigation into Didi, first announced on Friday, remains unclear. The firm, like many lifestyle services, collects information such as telephone numbers, payment information, real-time location and travel routes, as well as drivers’ identity card information for authentication and verification purposes. Didi is under investigation by China’s cyberspace administration Zhai Wei, a law professor at East China University of Political Science and Law in Shanghai, said the statement on Sunday has revealed that Didi has serious problems in collecting and using users’ personal information. “This shows that the supervisory authority has at least confirmed that Didi has violated the users’ information rights. This behaviour not only violates the cybersecurity law but also violates the personal rights of users, which may trigger lawsuits from users,” Zhai said. It is also not clear whether the punishment on Sunday is directly related to the security review. In its brief statement on Friday, the CAC said the probe was launched “to prevent risks regarding national data security and to maintain national security”. The office said the probe was conducted in accordance with the National Security Law, the Cybersecurity Law and the Measures for Cybersecurity Review, but it did not mention any specific clauses Didi is suspected of violating. The probe marks the first time Beijing has publicly cited national security as a reason for launching an investigation into one of the country’s tech giants. In Didi’s filing to the US Securities and Exchange Commission (SEC) ahead of the New York listing, the company highlighted the risks posed by increasingly active regulators, especially in the areas of antitrust and privacy protections, going so far as to say the business could be “materially and adversely affected”. Under China’s Measures of Cybersecurity Review, which went into effect in June 2020, Beijing has many possible reasons to target a company: the misuse or destruction of information infrastructure, mishandling of data, or even supply interruptions resulting from “political, diplomatic and trade factors”. A review generally takes up to 45 working days to complete, but that period can be extended. The time spent preparing documents submitted by the target of the investigation is not counted as part of the 45 working-day review period. Big Tech companies have recently faced mounting regulatory pressure from Beijing in other areas, most notably from multiple antitrust-related investigations and fines . The State Administration of Market Regulation has been busy looking into monopolistic behaviour and price irregularities. At the same time, China’s Ministry of Industry and Information Technology has regularly named and shamed apps for misconduct in collecting user information and other wrongdoings. In the latest batch announced on June 8, the ministry named 83 apps with problems including Microsoft’s suite of mobile office apps . Didi’s removal from app stores sparked wide discussion on China’s social media. A topic on Weibo related to the news has been viewed more than 510 million times as of Sunday evening. “If Didi really leaked our information, the punishment of removing from app stores is too light,” another Weibo user commented. Some are worried about how they will get around without the service. “Am I going to delete Didi? But our city is dominated by Didi, it‘s hard to find a replacement, ” a Weibo user commented.