Core Viewpoint - The National Cybersecurity Notification Center reported that 34 mobile applications were found to illegally collect and use personal information, violating laws such as the Cybersecurity Law and the Personal Information Protection Law [1][2][3]. Group 1: Violations in Personal Information Collection - 17 mobile applications failed to specify the purpose, method, and scope of personal information collection [1][5]. - 1 mobile application did not inform users of the purpose when requesting permission to collect personal information [2]. - 1 mobile application did not inform users of the purpose when collecting sensitive personal information [3]. - 4 mobile applications began collecting personal information before obtaining user consent [4]. - 17 mobile applications collected personal information beyond the scope authorized by users [5]. Group 2: Inadequate User Information and Consent - 1 mobile application had a personal information protection policy that described the need to collect personal information beyond what was necessary for its functions [6]. - 4 mobile applications declared permissions to collect personal information that exceeded what was necessary for their functions [7]. - 2 mobile applications collected personal information beyond what was necessary for their functions [8]. - 3 mobile applications collected personal information more frequently than necessary for their functions [9][10]. - 3 mobile applications required users to enable permissions not needed for the current function [11]. Group 3: User Rights and Misleading Practices - 4 mobile applications forced users to provide unnecessary personal information [12]. - 3 mobile applications did not provide users with a channel for complaints regarding personal information [13]. - 1 mobile application did not offer a specific way for users to correct or supplement their personal information [14]. - 2 mobile applications set unreasonable conditions or additional requirements in the account cancellation process [15]. - 2 mobile applications engaged in misleading or deceptive advertising practices [16].
国家网络安全通报中心:34款移动应用存在违法违规收集使用个人信息情况
Xin Lang Cai Jing·2025-10-10 09:04