China’s cyber police on Tuesday said it has fined Christian Dior’s Shanghai subsidiary after an investigation revealed the company had illegally transferred user data to its French headquarters without required approvals.
According to the National Cybersecurity Notification Centre, Dior failed to obtain user consent, did not encrypt personal data, and skipped the mandatory security assessment for cross-border transfers.
The probe was launched after reports of a potential data breach at the French luxury house. Following this, subscribers in China received official warning texts, which ultimately led to regulatory action.
