China: Cyberspace Administration published typical data protection enforcement cases including data protection enforcement

On 16 January 2026, the Shanghai Municipal Cyberspace Administration published a batch of typical data protection enforcement cases, including several cases on data protection regulation. These cases include an investigation into a coffee company, an app software development kit provider, and a hotel management company. These companies were found to have violated data protection requirements, such as inducing user consent and failure to notify users. The companies were warned and ordered to take corrective measures.