违法违规收集使用个人信息 71款移动应用被通报

Core Viewpoint - The article highlights the detection of 71 mobile applications that violate personal information protection laws, as mandated by various regulations, including the Cybersecurity Law and the Personal Information Protection Law. These applications have been found to improperly collect and use personal information without adequate user consent or transparency [1][2][3]. Group 1: Violations in User Consent and Transparency - 13 mobile applications failed to provide clear notifications to users regarding the collection and use of personal information upon first use, including the lack of accessible privacy policies [1]. - 31 mobile applications did not specify the purposes, methods, and scope of personal information collection in their privacy policies [2]. - 13 mobile applications did not inform users about the transfer of their personal information to other processors, including the lack of obtaining separate consent [3]. Group 2: User Rights and Account Management - 5 mobile applications did not offer effective options for users to correct, delete personal information, or cancel their accounts, and set unreasonable conditions for these actions [4][5]. - 2 mobile applications failed to process complaints and reports within the promised timeframe and lacked a mechanism for users to exercise their rights [5]. - 23 mobile applications did not provide users with a convenient way to withdraw consent for personal information collection [6]. Group 3: Security Measures and Sensitive Information - 27 mobile applications did not implement appropriate security measures such as encryption or de-identification of personal information [7]. - 3 mobile applications did not inform users about the necessity and impact of processing sensitive personal information [8]. - 3 mobile applications did not establish specific rules for processing personal information of minors and failed to obtain consent from guardians [9]. Group 4: Absence of Privacy Policies - 5 mobile applications were found to have no privacy policy at all, which is a direct violation of personal information protection regulations [9].