July 21, Cyberspace Administration of China (CAC) published its decision to inflict administrative penalties of RMB 8.026 billion on Didi Global Co., on account of the network security investigation. After the one-year investigation, CAC found that Didi had conducted 16 illegal acts in eight aspects, including excessive collection of user album screenshots, clipboard information, passenger face recognition information, and other excessive acquisition and processing of personal information. Additionally, the investigation also found that the company severely interfered the national security data processing activities, as well as other illegal acts such as refusal to fulfill the exact requirements of the regulatory authorities, malicious evasion of supervision. Based on the identification of Didi’s conducts and the offenses, to keep in accordance with the Cybersecurity Law, the Data Security Law, the Personal Information Protection Law and other laws and regulations, CAC imposed a fine of RMB 8.026 billion on the company and a fine of RMB 1 million each on its CEO, president, respectively.