• Shein has been fined €150 million ($175 million) by France's data protection authority.
• The fine is due to the improper collection of user data through cookies without explicit consent.
• Shein plans to appeal the decision, calling the fine disproportionate.
• The company serves approximately 12 million French users monthly.
• This penalty comes as part of a broader scrutiny of data practices among major internet companies.

France's data protection authority, the Commission Nationale de l'Informatique et des Libertés (CNIL), issued a €150 million ($175 million) fine to online retailer Shein for failing to secure proper consent from users regarding cookie usage. The CNIL found that users opting out of cookies on Shein's French site were still subjected to tracking, violating the European Union's General Data Protection Regulation, which requires explicit consent for cookie usage to track individuals' online activities, according to Reuters and South China Morning Post.

The CNIL emphasized that the penalty reflects Shein's negligence in not only failing to respect user consent but also inadequately informing users about their options for rejecting cookies. The authority stated that approximately 12 million consumers in France browse Shein each month, amplifying the potential impact of these violations, as reported by Le Monde and Reuters.

In response, Shein has publicly declared its intention to appeal the fine, asserting that the amount is "wholly disproportionate" and that the company has taken steps towards compliance since the CNIL's investigation began in August 2023. They have claimed to fully cooperate with the authority and enhance their data protection practices, as noted by South China Morning Post and Reuters.

This fine adds to a growing list of penalties imposed on major internet companies for similar infractions. Google was fined €325 million at the same time for comparable cookie-related issues. This trend reflects the CNIL's intensified scrutiny over cookie practices across large platforms, as evidenced by the penalties' scale and the rising data protection standards imposed in France and the EU, according to Le Monde and Reuters.