Core Viewpoint - The National Cybersecurity Center has reported that 65 mobile applications are found to be in violation of personal information protection laws, highlighting significant issues in user consent and data handling practices [1][2][3][4][5][6][7][8] Group 1: User Consent and Information Collection - 9 applications failed to clearly inform users about their privacy policies and data collection practices at the first run [1] - 43 applications did not specify the purposes, methods, and scope of personal information collection in their privacy policies [2] - 16 applications did not inform users about the transfer of their personal information to other parties, nor did they obtain separate consent [3] - 4 applications began collecting personal information without obtaining user consent [4] Group 2: User Rights and Data Management - 9 applications lacked effective mechanisms for users to correct, delete personal information, or cancel their accounts, and did not respond timely to such requests [4] - 3 applications failed to process complaints and reports within the promised timeframe and lacked a convenient mechanism for users to exercise their rights [5] - 32 applications did not provide users with a way to withdraw consent for data collection [5] Group 3: Sensitive Information and Security Measures - 6 applications used automated decision-making for information push and marketing without providing options to refuse or alternatives [6] - 7 applications processed sensitive personal information without obtaining separate consent and did not inform users about the necessity and impact on their rights [6] - 15 applications did not implement adequate security measures such as encryption or de-identification of personal data [7] Group 4: Privacy Policy Compliance - 5 applications were found to have no privacy policy at all [8] - 31 out of 67 previously reported applications still exhibited issues upon re-evaluation, leading to their removal from distribution platforms [8]