WeChat Denies GDPR Violations Alleged by Noyb
Chinese tech company WeChat complies with local laws and regulations in the markets in which it operates and "is committed to protecting user privacy and data security," a spokesperson for parent company Tencent emailed us Friday.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
Tencent responded to complaints filed Thursday against WeChat, Tiktok and AliExpress by Austrian privacy nonprofit Noyb accusing them of General Data Protection Regulation breaches by failing to comply with data subject access requests. TikTok and AliExpress didn't comment.
The violations kept European users from finding out how their personal data was processed and whether the companies were complying with other GPDR provisions such as those on data transfers, Noyb said.
The access requests were filed in preparation for a series of complaints in January relating to data transfers to China, the group noted. Once they were contacted, some of the other tech companies provided complainants with additional information, but TikTok, AliExpress and WeChat didn't.
TikTok and AliExpress "haven't bothered to give the data subjects access" to all their data as required by the GDPR. WeChat "just completely ignored the complainant's request," Noyb said.
Most major tech companies have automated tools that allow them to fulfill GDPR requests, Noyb said.
The three complaints were filed with data protection authorities in Belgium, Greece and the Netherlands, Noyb said. They seek decisions that the three companies breached the GDPR, orders for them to comply with the data access requests, and fines.