Non-profit privacy group None of Your Business (noyb) has filed formal complaints against six major companies—TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi—accusing them of illegally transferring European user data to China.
The allegations include violations of the European Union’s General Data Protection Regulation (GDPR), which strictly controls user data handling.
Founded by Austrian activist Max Schrems, noyb targets companies that compromise user privacy through unlawful data practices. On behalf of affected users in those regions, the group submitted complaints to data protection authorities in Greece, Italy, Belgium, the Netherlands, and Austria.
The complaints argue that China’s government collects and processes user data without proper safeguards, a practice that conflicts with EU laws. GDPR rules require strict protections for any data transferred outside the EU, including evidence that such data will remain secure. According to noyb, the six companies violated key GDPR provisions, particularly data transfers and impact assessments.
Kleanthi Sardeli, a data protection lawyer with noyb, emphasized that China’s surveillance policies make it impossible for the country to meet the EU’s data privacy standards. The group also highlighted Xiaomi’s transparency reports, which reveal the company’s obligation to grant Chinese authorities “unlimited” access to personal data. Additionally, European users of these platforms have reportedly had their data access requests ignored, violating their GDPR rights.
The complaints include specific targets across five countries: TikTok and Xiaomi in Greece, SHEIN in Italy, AliExpress in Belgium, WeChat in the Netherlands, and Temu in Austria. Noyb is urging authorities to suspend all data transfers to China and enforce GDPR compliance. If proven guilty, these companies could face hefty fines—up to 4% of their global revenue. For Xiaomi and Temu, this could amount to $1.75 billion and $1.35 billion, respectively.
As of now, the six companies have not responded to the allegations. Further updates are awaited as investigations progress.
