国家网络与信息安全信息通报中心通报69款违法违规收集使用个人信息的移动应用
Yang Shi Wang·2025-12-05 05:51

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported that 69 mobile applications were found to illegally collect and use personal information, violating laws such as the Cybersecurity Law and the Personal Information Protection Law [1][2][3]. Group 1: Non-compliance with Privacy Policies - 15 mobile applications failed to clearly inform users about the collection and use of personal information at the first run, including the lack of accessible privacy policies [1]. - 39 mobile applications did not list the purposes, methods, and scope of personal information collection in their privacy policies [2]. - 15 mobile applications did not inform users about the recipients of their personal information when shared with other processors, nor did they obtain separate consent [3]. Group 2: User Consent and Rights - 3 mobile applications began collecting personal information without obtaining user consent [4]. - 8 mobile applications did not provide effective means for users to correct, delete personal information, or cancel their accounts, or set unreasonable conditions for these actions [5]. - 3 mobile applications failed to process complaints and reports within the promised timeframe and did not establish a convenient mechanism for users to exercise their rights [6]. Group 3: Withdrawal of Consent - 35 mobile applications did not provide users with a way to withdraw consent for the collection of personal information [7]. Group 4: Automated Decision-Making and Sensitive Information - 5 mobile applications used automated decision-making for information push and marketing without providing options to refuse or not targeting personal characteristics [8]. - 1 mobile application did not inform users about the necessity and impact of processing sensitive personal information [8]. Group 5: Security Measures - 21 mobile applications did not implement appropriate security measures such as encryption or de-identification [8]. Group 6: Absence of Privacy Policies - 2 mobile applications were found to have no privacy policy at all [8].