GDPR Complaints Filed Against Chinese Technology Companies ⇥ noyb.eu
Today, noyb has filed GDPR complaints against TikTok, AliExpress, SHEIN, Temu, WeChat and Xiaomi for unlawful data transfers to China. While four of them openly admit to sending Europeans’ personal data to China, the other two say that they transfer data to undisclosed “third countries”. As none of the companies responded adequately to the complainants’ access requests, we have to assume that this includes China. But EU law is clear: data transfers outside the EU are only allowed if the destination country doesn’t undermine the protection of data. Given that China is an authoritarian surveillance state, companies can’t realistically shield EU users’ data from access by the Chinese government. After issues around US government access, the rise of Chinese apps opens a new front for EU data protection law.
This is exactly why data privacy laws are so important. If everyone has a minimum expectation of privacy, it is possible to point to specific violations and correct for them in a fair and standard way. It also makes it easier to respond to new potential threats.