The headquarters of DiDi in Beijing Photo:VCG

The Cyberspace Administration of China (CAC) announced on Sunday that it has ordered app stores to remove the country's most widely used ride-hailing app, Didi Chuxing, due to its serious violations of laws and regulations in the collection and use of personal data. It also told Didi to rectify its problems. 

The announcement immediately won public support. According to media reports, Didi controls at least 80 percent of China's ride-hailing market share. No wonder the public is so concerned about how Didi uses the personal information it has collected over the years.

The internet era has provided people with all kinds of convenience. However, personal information security has become fragile. Whenever a person uses a service, personal data of what they did will be collected and stored. We often face situations that force us to allow our personal information to be used. And we have no choice to refuse. 

The reality is, our personal data, some of which is very private, is incorporated into databases of big companies - and we don't know whether these companies will jeopardize our security.

Didi Chuxing is a high-tech internet company and it has played an active role in popularizing the ride-hailing service in China. But at the same time, it controls the most detailed personal travel information among all the big internet companies operating in China.

The official CAC announcement said Didi has engaged in serious violations of laws and regulations to collect and use personal data. This is worrisome. Didi seems to be able to analyze a person's behavior and habit with big data. This poses potential data risks to individuals.

When it comes to collecting information, it is hoped that internet giants stick to the principle of minimization rather than capturing everything they can. Many people suspect that certain internet companies have taken too much personal information. Commercial use of personal information is a light violation of rights. If certain information is leaked, it may bring unexpected trouble and impact on some people.

People do not know how Didi has seriously violated laws and regulations by collecting information. The Chinese government felt it necessary to step in to protect personal information. This boosts public confidence. 

More importantly, the government will not allow internet giants to become rules-makers of data collection and usage. The standards must be in the hands of the government to ensure that giant companies are restrained when they collect personal data and stick to the principle of minimization. No internet giant is allowed to become a super data base that has more personal data about the Chinese people than the country does, not to mention using the data at its own will.

For companies like Didi which have gotten listed in the US market and whose largest and second-largest shareholders are foreign companies, China should more strictly supervise their information security to protect both personal data security and national security. Supervision does not mean restricting development. Only when risks are excluded, users can feel at ease. This makes future market space much larger.