Abstract
China is emerging as a leader in artificial intelligence and data collection, particularly for its pre-eminence in facial recognition technology. This network offers significant benefits for public security – it expedites investigations, aids in precise identification of criminals, and assist in crime prevention measures. However, the extensive collection of biometric data engenders concerns about the potential infringement upon individual privacy rights through its possible misuse. In 2025, Didi Global Inc (‘Didi’), a multinational company, received the highest regulatory penalty to date in a data protection lawsuit within China. The Cyberspace Administration of China (‘CAC’), the country's data protection regulator, did not disclose the specific provisions of Chinese or international law that had been breached. To address this gap, this article analyses Didi's case and identifies the national and international laws infringed. It also offers a comparative examination of Chinese laws and international standards such as International Human Rights and European Union's General Data Protection (‘GDPR’), underscoring the gaps and areas for improvement. This article underscores the importance of robust compliance with data protection laws to prevent unlawful data practices by multinational corporations across the Asia-Pacific region and serves as a call to action for global organizations to prioritize data privacy and security.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call