(Bloomberg) -- Alibaba Group Holding Ltd. was the victim of a months-long web-scraping operation by a marketing consultant that siphoned up sensitive data including usernames and phone numbers, according to a court case that wrapped in June.
A central Chinese court ruled that an employee of a consultant that helps merchants on Alibaba’s Taobao online mall was guilty of dredging up more than a billion data items on Taobao users since 2019, using that to serve clients. The court imposed jail terms of more than three years on the staffer and his employer, alongside fines totaling 450,000 yuan ($70,260).
None of the customer data was sold and Alibaba’s users didn’t incur financial losses from the episode, the company said in a statement. The incident however coincides with Beijing’s widening effort to tighten the ownership and handling of troves of information that internet giants from Alibaba to Tencent Holdings Ltd. and Meituan hoover up daily from hundreds of millions of users.
“Taobao devotes substantial resources to combat unauthorized scraping on our platform, as data privacy and security is of utmost importance. We have proactively discovered and addressed this unauthorized scraping,” a Taobao spokesperson said in a statement. “We will continue to work with law enforcement to defend and protect the interests of our users and partners.”
Shares of the e-commerce giant declined more than 1% in Hong Kong trading on Wednesday.
Read more: China’s New Data Law Gives Xi the Power to Shut Down Tech Firms
Xi’s administration has tightened control over the hoard of information produced by the nation’s tech companies, part of efforts to position China as a leader in big data while curbing the growing influence of its largest private firms. The government has been pouring money into data centers and other digital infrastructure to make electronic information a national economic driver and help shore up the Communist Party’s legitimacy.
China’s new data security regime goes into effect on Sept. 1, giving Xi’s administration the power to shut down or fine tech companies found mishandling “core state data.” The legislature is also drafting personal information protection legislation that is expected to be adopted this year.
That push parallels debates in the U.S., where lawmakers have called for breaking up internet titans like Facebook Inc. and Alphabet Inc., and in Europe, where regulators have prioritized anti-trust actions and giving users more control over data. President Joe Biden ordered a security review of foreign software applications Wednesday after revoking Trump administration bans on the Chinese-owned apps TikTok and WeChat that had faced opposition in U.S. courts.
(Updates with shares in fifth paragraph.)
More stories like this are available on bloomberg.com
Subscribe now to stay ahead with the most trusted business news source.
©2021 Bloomberg L.P.