Shanghai flags data breaches, illegal cross-border transfers in 2025 enforcement

By MLex Staff ( January 19, 2026, 09:15 GMT | Insight) -- Shanghai’s internet regulator has highlighted eight enforcement cases that reflect its regulatory priorities in 2025, covering data security compliance, illegal cross-border data transfers and violations of personal information rights and interests. The cases show how Shanghai authorities stepped up enforcement last year under the Cybersecurity Law, the Data Security Law, the Personal Information Protection Law, or PIPL, and the Regulations on the Security Management of Network Data.Shanghai’s internet regulator has highlighted eight enforcement cases that reflect its regulatory priorities in 2025, covering data security compliance, illegal cross-border data transfers and violations of personal information rights and interests....

Prepare for tomorrow’s regulatory change, today

MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.

Know what others in the room don’t, with features including:

Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
Curated case files bringing together news, analysis and source documents in a single timeline

Experience MLex today with a 14-day free trial.

Start Free Trial

Already a subscriber? Click here to login

Shanghai flags data breaches, illegal cross-border transfers in 2025 enforcement

Prepare for tomorrow’s regulatory change, today

Related Sections