64款App违规收集个人信息 涉及三家银行

Core Insights - The National Cybersecurity Incident Response Center reported that 64 mobile applications, including those from three banking institutions, were found to illegally collect and use personal information [1][2] - Regulatory scrutiny on banking apps is increasing due to the implementation of laws such as the Cybersecurity Law and the Personal Information Protection Law, necessitating banks to clarify internal management responsibilities and comply with regulatory requirements [1][3] Group 1: Regulatory Violations - Specific violations by banking apps include failure to inform users about the recipients of their personal information, lack of consent mechanisms for data withdrawal, and inadequate privacy policies detailing data collection purposes and methods [2][3] - The Hebei Provincial Communications Administration reported that among 83 apps flagged for user rights violations, six were banking apps, highlighting issues such as excessive data collection and forced permission requests [2] Group 2: Data Management and Compliance - Financial institutions are under increasing pressure to enhance data management practices, with regulations mandating effective measures for data security and user information protection [3] - Banks are encouraged to adopt a minimum necessary principle for data collection, ensure clear user notifications, obtain explicit consent, and provide options for users to withdraw consent [3]