Traders work on the floor of the New York Stock Exchange (NYSE) in New York City, United States during the IPO of Chinese ride-hailing company Didi Global Inc on June 30, 2021.

Brendan McDermid | Reuters

China’s tech giants have grown into some of the most valuable companies in the world that are largely unbridled – but that’s changing.

Since the Cybersecurity Law of 2017, China has had some data regulations.

In June, however, the Data Protection Act was passed, which defines the rules for how companies collect, store, process and transfer data. It comes into force in September.

A separate law, the law on the protection of personal data, is also being worked on. If passed, it gives users more control over their data.

“We can definitely expect that many raids on user data will take place as soon as these two laws are passed,” said Schäfer. “This is definitely a different front (of regulation).”

Read more about China from CNBC Pro

The investigations against Didi, Full Truck Alliance and Boss Zhipin are not subject to these new laws, but to existing regulations. While the cases may appear suddenly, regulators have contacted several technology companies on a number of issues, including data regulation and anti-competitive practices.

In April, China’s State Administration for Market Regulation (SAMR) summoned 34 companies, including Tencent and ByteDance, asking them to conduct self-inspections to comply with antitrust regulations.

“It started in April and they (the Chinese government) have given companies over 100 compliance requirements that cover many aspects, antitrust, data, advertising, pricing and more,” a lawyer who works with Chinese tech companies on compliance said CNBC.

“They (the government) have given them (the companies) so many directions and pointers asking them to improve their compliance system for all of these aspects,” said the attorney, due to the persistent and sensitive nature of compliance work.