70款APP违法违规收集使用个人信息 涉及e代驾、金十数据、美年大健康
Zhong Guo Neng Yuan Wang·2025-10-31 02:58

Core Viewpoint - The National Computer Virus Emergency Response Center has identified 70 mobile applications that illegally collect and use personal information, violating laws such as the Cybersecurity Law and the Personal Information Protection Law [1][2][3]. Group 1: Violations in Privacy Policy Disclosure - 23 applications failed to clearly inform users about their privacy policies and the rules for collecting personal information upon first use [1]. - 24 applications did not specify the purposes, methods, and scope of personal information collection in their privacy policies [2]. Group 2: Consent and Information Sharing Issues - 14 applications did not inform users about the third parties receiving their personal information and did not obtain user consent for sharing [3]. - 5 applications began collecting personal information without obtaining user consent [4][5]. Group 3: User Rights and Complaint Handling - 4 applications lacked effective mechanisms for users to correct, delete personal information, or cancel their accounts [6]. - 2 applications failed to process complaints and reports within the promised timeframe [6]. Group 4: Withdrawal of Consent and User Options - 23 applications did not provide users with a way to withdraw consent for personal information collection [6]. - 3 applications used automated decision-making for information push and marketing without offering users an option to refuse [7]. Group 5: Sensitive Information and Minor Protection - 1 application did not inform users about the necessity and impact of processing sensitive personal information [7]. - 13 applications did not have specific rules for processing personal information of minors and did not obtain consent from guardians [7]. Group 6: Security Measures and Privacy Policy Absence - 34 applications did not implement adequate security measures such as encryption or anonymization [8]. - 9 applications lacked a privacy policy altogether [9]. Group 7: Follow-up on Previous Violations - Among the previously reported 69 applications, 28 still had issues upon re-examination, leading to their removal from distribution platforms [10].