"New GDPR complaints against Chinese Big Tech question use of European citizens' data", 17 January 2025

Austrian privacy advocates, noyb (None of Your Business), lodged six data protection complaints in five European countries against TikTok, AliExpress, SHEIN, Temu, WeChat and Xiaomi... claiming the Chinese tech giants are unlawfully sending Europeans' data to China.

Noyb has asked Data Protection Authorities to order the companies to suspend the data transfers to China and to slap fines on them. 

... noyb argues that China’s authoritarian government and lack of independent oversight pose a significant risk to the fundamental rights of European users. According to the group, China's legal framework fails to prevent authorities from accessing citizens' data, making the transfer of European data to China a major privacy concern. 

Noyb claims that AliExpress, SHEIN, TikTok and Xiaomi admitted to transmitting data to China in their privacy policy. Meanwhile Temu and WeChat reportedly mention transfers to third countries, which noyb believes is China.  

The privacy advocate had previously requested access to information under GDPR from these companies, but claims none complied with the demand. 

All six companies were contacted by Euronews for comment, but only Xiaomi and TikTok replied. A spokeperson for Xiaomi stated that “Respecting user privacy has always been among Xiaomi's core values (...)Our privacy policy is developed to comply with applicable regulations such as the GDPR”. The company's spokesperson told Euronews that the tech firm was willing to fully cooperate with the authorities to resolve the matter. 

TikTok stated that it has never shared, nor has it been asked to share, European user data with the Chinese government, and emphasised that it would not comply if such a request were made. ...

The complaints are now in the hands of data protection authorities in Austria, Belgium, Greece, Italy and the Netherlands. ...