Alibaba Group Holding Limited
Headquartered in China, Alibaba runs China’s largest e-commerce platform, alongside cloud computing, video streaming, food delivery, and various other services. It had 891 million active users in China in 2021. Alibaba derives the largest share of its revenues from e-commerce.
Over the past 15 years, Alibaba has built a sprawling tech empire that began with an online retail platform and then extended to mobile payment, cloud computing, entertainment, and mass media services. Like its Chinese peers, Alibaba has faced both regulatory and soft pressure amid China’s crackdown on the tech sector that has targeted issues ranging from antitrust actions to data protection. In November 2020, the Shanghai stock exchange called off the USD $37 billion IPO of Ant Group, the sister company of Alibaba, as a prelude to China’s crackdown on the tech sector. Alibaba's own IPO in 2014 was the biggest in history and established a skewed voting structure that favored company insiders over ordinary shareholders.
In 2021, the company was fined by Chinese authorities a record USD $2.75 billion for "abusing market dominance" by preventing its merchants from using online e-commerce platforms other than its own platforms. Moderation of merchandise on Taobao has been a persistent challenge: H&M was banned from Taobao in March 2021 after the Swedish clothing retailer publicly refused to buy cotton produced in China’s western Xinjiang region, owing to reports of forced labor and other human rights abuses against Uyghur Muslims and other ethnic minorities. The platform also was summoned by the Cyberspace Administration of China (CAC), China’s top internet regulator, for “inappropriate child-related content.”
In our research, we found that Alibaba failed to publish any data about actions it took to enforce content rules, nor did it provide sufficient information about its processes for responding to government demands to restrict content and accounts. In contrast to Chinese peer companies Tencent and Baidu, it provided a relatively understandable mechanism for appealing content-moderation decisions for its e-commerce platform Taobao. But given the regulatory environment in which it operates, Alibaba is unlikely to accept appeals for cases that are politically sensitive or otherwise go against official sentiment.
The company’s overall performance on our privacy indicators declined slightly, though China’s new laws on privacy and cybersecurity also led to some small improvements. Taobao began allowing users to opt out of its browsing recommendation system, in accordance with China’s new Personal Information Protection Law, and Alibaba committed to notify users and the public if a data breach should occur. After Alibaba failed to report a major software vulnerability in a timely manner, a requirement of China’s Cybersecurity Law, the government suspended its cybersecurity partnership with the company in late 2021. Like its Chinese competitors, Alibaba did not engage with RDR during the company feedback phase of our research.
The 2022 Big Tech Scorecard covers policies that were active on November 1, 2021. Policies that came into effect after November 1, 2021, were not evaluated for this ranking.
Scores reflect the average score across the services we evaluated, with each service weighted equally.
We rank companies on their governance, and on their policies and practices affecting freedom of expression and privacy.
Alibaba earned the lowest governance score of all the companies we evaluate. It did not disclose a commitment to protect human rights (G1) and failed to provide any evidence of conducting human rights impact assessments for any of its products or services (G4). Although it allowed sellers and buyers to appeal if their listings, content, or accounts were restricted, it did not provide a channel for its users to file complaints regarding their freedom of expression concerns (G6a).
Alibaba was not transparent about its policies affecting freedom of expression. It was transparent about its ad-content rules and how it enforces them (F3b), but it lacked transparency about its ad-targeting rules (F3c) and failed to publish any data about the actions it takes to enforce them (F4). It was more transparent about its use of algorithms to curate, rank, and recommend content than most other companies we rank, although its disclosures lacked clarity about how these systems work and what options users have to control them (F12).
While Alibaba failed to sufficiently inform users about how it handles their information (P3–P9), it was more transparent about its security policies (P13–P16). Along with Baidu and Yahoo, it earned the highest score for its process for responding to data breaches (P15). It also earned full credit for its internal measures to keep user information secure (P13). However, the company’s encryption policies were weak, as it did not disclose whether it uses a unique key in communication transmission or end-to-end encryption to protect users’ private content (P16).