A privacy complaint filed by Austrian advocacy group Noyb has brought attention to the issue of Chinese companies allegedly transferring European Union (EU) user data to China, a practice that is being contested under the EU’s General Data Protection Regulation (GDPR). The complaint names prominent Chinese firms such as TikTok, Shein, Xiaomi, AliExpress, Temu, and WeChat, with Noyb accusing them of unlawfully transmitting EU citizens’ personal information to China, where data protection standards may not meet EU requirements.

Noyb, which has a history of filing complaints against major American tech companies like Apple and Meta, stated that this marks its first legal action against Chinese firms. The advocacy group has submitted complaints in multiple EU countries, including Greece, Italy, Austria, Belgium, and the Netherlands, and is seeking to halt data transfers to China, with penalties that could reach up to 4% of a company’s global revenue. The primary concern is that China’s data protection laws are not as stringent as the EU’s, and data transfers to an authoritarian state pose risks to user privacy.

The complaint draws from the transparency reports and documents of several companies, including Alibaba’s AliExpress, TikTok, Xiaomi, and Shein, which have acknowledged sending user data to China. Additionally, companies like Temu and Tencent’s WeChat are alleged to transfer data to “third countries,” which Noyb suggests is likely China, though no explicit confirmation has been provided.

Noyb’s allegations are rooted in the GDPR, which stipulates that personal data can only be transferred outside the EU if the receiving country offers equivalent protections. Given China’s reputation as an authoritarian state with a surveillance-oriented approach, many argue that it does not provide the same level of data protection that the EU mandates. Kleanthi Sardeli, a data protection lawyer at Noyb, emphasized that sending personal data to China is unlawful under these circumstances, urging an immediate suspension of such transfers.

The Chinese government, however, has denied these claims, asserting that it does not require businesses to collect or share foreign data in violation of local laws. A spokesperson for the Ministry of Foreign Affairs reaffirmed China’s commitment to protecting data privacy and security in accordance with national regulations.

This complaint is part of a broader trend of scrutiny faced by Chinese tech firms in global markets, particularly TikTok, which has been in conflict with regulators in the US and Europe. The EU has been investigating TikTok over concerns related to election interference, while the US is set to enforce a federal ban on the app due to national security concerns.

The legal actions taken by Noyb reflect growing concerns about privacy and data security in the digital age, particularly in relation to global data flows between regions with differing regulatory environments. As these cases develop, companies involved may face significant challenges, with the potential for massive fines and disruptions to their operations in the EU.

(Adapted from Asia.Nikkei.com)