Stay ahead with breaking tech news, gadget reviews, AI & software innovations, cybersecurity tips, start‑up trends, and step‑by‑step how‑tos.
TikTok, AliExpress, WeChat Accused of GDPR Violations: Data Access Requests Ignored or Deficient
Brussels, Belgium – In a significant escalation of data privacy enforcement, Austrian digital rights organization NOYB (“None of your business”) has launched complaints against three major Chinese tech companies – TikTok, AliExpress, and WeChat – alleging violations of the General Data Protection Regulation (GDPR). This breaking news comes as NOYB, famed for its successful challenges against US tech giants like Google and Meta, expands its focus to address data privacy concerns with companies operating outside the US.
What’s Happening? The Core of the Complaints
At the heart of the issue is Article 15 of the GDPR, which grants individuals the right to request a copy of all personal data held about them by a data controller. NOYB activists submitted data access requests to TikTok, AliExpress, and WeChat, but the responses were, according to the organization, deeply inadequate. TikTok reportedly provided incomplete and disorganized data, AliExpress sent a corrupted file, and WeChat completely ignored the request. Even follow-up inquiries failed to yield the missing information.
“It’s incredibly frustrating to see these companies treat user data requests with such disregard,” says a spokesperson for NOYB. “The GDPR is clear: you have the right to know what information these platforms are holding about you. Ignoring or obstructing that right is a clear violation.”
NOYB: A History of Taking on Tech Titans
NOYB was founded by privacy activist Max Schrems, who previously invalidated the EU-US Privacy Shield agreement in 2020, a legal framework used by companies to transfer data between the EU and the US. This landmark case highlighted the risks to EU citizens’ data when transferred to countries with different privacy standards. NOYB’s track record demonstrates a willingness to challenge even the largest corporations to uphold data protection rights.
Potential Consequences: Millions in Fines Loom
The complaints, filed with data protection authorities in Belgium, Greece, and the Netherlands, demand that these authorities enforce the right to information and consider imposing substantial fines. Under GDPR, penalties can reach up to 4% of a company’s annual global turnover. For TikTok, AliExpress, and WeChat, this could translate into fines totaling hundreds of millions of euros.
Beyond the Complaints: Stiftung Warentest Raises Further Concerns
This isn’t the first time these companies have faced scrutiny. Independent consumer organization Stiftung Warentest has previously identified significant data protection deficiencies in both AliExpress and WeChat, specifically within their privacy policies. These findings add further weight to the concerns raised by NOYB.
What Does This Mean for You? Taking Control of Your Data
This situation underscores the importance of understanding and exercising your data privacy rights. The GDPR isn’t just a set of rules for companies; it’s a framework designed to empower individuals. You have the right to access, rectify, and even delete your personal data held by organizations.
Want to learn more? You can find sample letters for requesting your data and initiating deletion requests in our comprehensive report on the right to information under GDPR. It also features an insightful interview with NOYB co-founder Max Schrems, offering a deeper dive into the fight for digital privacy.
The actions taken by NOYB are a crucial step in holding these companies accountable and ensuring that user data is treated with the respect it deserves. As data privacy continues to be a central issue in the digital age, staying informed and proactive is more important than ever. This is a developing story, and we will continue to provide updates as they become available.
