券商中国·2025-03-19 13:34Core Viewpoint - The article discusses the "opening box" incident involving Baidu's executive's daughter, emphasizing Baidu's denial of any involvement in the unauthorized access and sharing of personal data, while highlighting the broader issue of personal information security in China [1][2]. Summary by Sections Incident Overview - The "opening box" incident involved a netizen who, after a dispute over a Korean artist, used illegal means to collect and expose personal information, leading to online harassment of multiple users, including a pregnant woman [3]. - The individual responsible was identified as the 13-year-old daughter of Baidu's vice president, Xie Guangjun, who later issued an apology for her actions [4]. Baidu's Response - Baidu issued a statement asserting that the information related to the incident did not originate from its platform and that no employees or executives have access to user data [2]. - The company condemned the act of stealing and publicly disclosing personal information, emphasizing a zero-tolerance policy towards such behavior [2]. Investigation Findings - Baidu's internal investigation revealed that the exposed information came from an overseas social engineering database, not from Baidu itself [2]. - The company has reported the spread of false information and rumors related to the incident to law enforcement [2]. Personal Information Security Issues - The article references a recent CCTV report highlighting ongoing issues with personal information security, including illegal data collection practices by various tech companies [4]. - It mentions that in 2024, over 7,000 cases related to personal information crimes were resolved, with significant law enforcement actions taken against offenders [4]. Regulatory Framework - The article outlines the importance of personal information protection as a compliance obligation for companies, referencing the Personal Information Protection Law of China [11]. - A new compliance audit management method was introduced by the National Internet Information Office, set to take effect on May 1, 2025, to enhance personal information protection practices [11].