Baidu has issued a statement after the recent information leak that caused a stir on Chinese social networks. Photo: SCMP .

Baidu, China's top search engine and a pioneer in artificial intelligence (AI), has denied violating user privacy following a leak involving the daughter of a senior executive.

The Beijing-based company stressed its “zero tolerance” policy towards violations of user privacy and asserted that it maintains strict measures on data anonymization and access control.

Baidu held a press conference the following day, chaired by Chief Security Officer Chen Yang, to reiterate its stance. The company said the leak originated from an overseas database from which information had been illegally collected.

The post revealed Baidu user information, believed to belong to the daughter of Baidu Vice President Xie Guangjun. Photo: QQ.

The incident began when the 13-year-old daughter of Baidu Vice President Xie Guangjun was accused of using confidential information such as other people's real names, ID numbers, and IP addresses to discuss a K-pop idol on social media. On March 17, Mr. Xie posted a public apology for his daughter's actions on his personal WeChat account.

The incident has raised concerns about data privacy among users and poses potential business risks, especially for a cloud storage and AI chatbot company like Baidu.

The company stressed that no executives or employees are allowed to access users' personal data, and condemned “online behavior that involves stealing and disclosing other people's personal information.”

The scandal has dampened public interest in Baidu’s two new AI models, ERNIE 4.5 and ERNIE X1. Shares of the company, which is listed in New York, fell 4% on March 20.

In an effort to restore public trust amid increasingly fierce competition among AI services in China, Baidu has set up a dedicated fund to combat cybercrime and announced plans to form an alliance to combat illegal data theft and leaks.

Data leaks are a major problem in China, exacerbated by massive data collection by the government and businesses. China’s Ministry of Public Security revealed that in 2024, authorities handled more than 7,000 cases involving personal data breaches.

Chen Mingjie, a lawyer at ZHH Law Firm, said such behavior could result in damage to reputation, safety, and criminal and civil liability.

In Baidu's case, the leaked data originated from overseas databases, complicating the evidence collection and trial process, he said.

Meanwhile, criminal law expert Lao Dongyan from Tsinghua University shared that it would be difficult to deal with the problem of information leakage at its root. Instead, companies need to apply stricter controls right from the data collection stage.