运营商财经网 实习生郑永杰/文 8月13日，国家计算机病毒应急处理中心检测并在公众号披露，近期有70款移动应用存在违法违规收集 使用个人信息情况，检测时间为2025年7月2日至2025年7月29日。 其中，《朴朴超市》（版本5.6.4，华为应用市场）因为未采取相应的加密、去标识化等安全技术措施， 而被官方通报。 目前在华为应用市场上已经没有被检测出问题的5.6.4版本的《朴朴超市》以供下载了。目前可以下载的 是8月7日更新后的5.6.8版最新版本软件。 早在2020年，朴朴超市就因未向用户明示申请的全部隐私权限而被官方通报。 而除了APP隐私权限问题之外，2023年7月，朴朴电子商务有限公司曾接受福州市市场监督管理局风险 监测，其销售的潮汕小香芹被检出噻虫胺残留超出GB2763-2021《食品安全国家标准 食品中农药最大残 留限量》标准。 不过由于朴朴电子商务有限公司提供了完整的供货商资质、农产品追溯凭证及快检报告等溯源材料，证 明问题批次可实现责任追溯。因监测抽样点（福州仓山区凤冈路分店）不在福州市监局管辖范围内，且 该检测属风险监测非监督抽查，最终未予立案处理。 朴朴超市的CEO陈兴文在创办朴朴超市前深耕 ...

乘网约车出行，联系司机告知准确定位，拨打电话发现不是常见的"1"开头的11位手机号码，司机也只 能看到用户的"虚拟号码"。类似经历在生活中并不新鲜。前不久，工业和信息化部印发《关于开展号码 保护服务业务试点的通知》，规划700号段作为号码保护服务业务的专用码号资源，这意味着我国对"隐 私号"的管理将更加规范。 【点评】 "隐私号"，又称"中间号"，是指受快递、外卖、网约车等互联网平台企业及其他企事业单位委托，为其 个人用户分配的用以代替真实手机号码的临时号码。隐私号相当于给真实手机号加了一层"防火墙"，使 用该服务既能保障商家、配送人员联系到用户，同时又不向相关人员提供用户的实际电话号码，有利于 降低个人信息泄露的风险。 数据显示，当前我国号码保护服务业务日均订单量至少为3.5亿。业务量庞大，加之号码格式不统一， 前期企业使用手机号码、固定电话号码、95号码等开展相关服务，容易造成混淆，给用户带来困扰。缺 乏统一的技术实现标准和服务规范，也影响了隐私号服务的稳定性。在这个意义上，开展号码保护服务 业务试点，无论是对于保护个人信息、便利日常生活，还是治理电信网络诈骗、促进平台经济发展壮 大，都具有重要意义。 今 ...

Group 1 - The article highlights the increasing risks associated with AI technology, particularly in identity fraud and privacy breaches, emphasizing the need for personal information protection [1][2] - It provides practical guidelines for identifying and preventing AI-generated fraud, including action verification methods and voice detail analysis [2] - The importance of multi-channel identity verification is stressed, especially in sensitive transactions, to avoid falling victim to scams [2] Group 2 - The article discusses the risks posed by smart devices, such as cameras and speakers, which can become gateways for privacy breaches [3][4] - Recommendations include choosing reputable brands, using physical switches for security, setting strong passwords, and minimizing app permissions [4] - The article emphasizes the need for regular management and updates of smart device settings to enhance security [4] Group 3 - The police urge individuals to enhance their awareness of personal information security as the first line of defense [5] - In cases of suspected information leaks or fraud, it is advised to retain evidence and report to authorities promptly [5] - The article calls for collaboration between the police and the public to create a safer online environment [6]

Core Viewpoint - The China Cybersecurity Association has organized and guided the optimization of five apps in response to issues related to the collection and use of personal information, aiming to enhance compliance with relevant laws and regulations [1] Group 1: Regulatory Compliance - The initiative focuses on addressing problems such as excessive collection of personal information, overuse of sensitive permissions, inconvenient permission settings, and difficulties in account cancellation [1] - The optimization is in accordance with the Cybersecurity Law of the People's Republic of China, the Personal Information Protection Law, and regulations on necessary personal information for common types of mobile internet applications [1] Group 2: App Updates - Five app operators have released updated versions of their applications on app stores or official websites, committing to maintain compliance levels in future updates [1] - The list of optimized apps includes: 1. Cainiao (Mail and Express Delivery) - Version 8.10.715 2. Dongchedi (Used Car Trading) - Version 8.6.7 3. Yiche (Automobile Services) - Version 11.38.1 4. Mafengwo (Travel Services) - Version 11.3.3 5. Tuniu (Travel Services) - Version 11.44.0 [1]

Core Points - The case involves a social media platform where personal information of an individual, Zheng, was illegally collected and publicly shared, leading to online harassment [1][2] - The Beijing Internet Court ruled that both the user who published the infringing content and the platform that failed to ensure information security must bear liability for the infringement [4][7] Group 1: Incident Overview - Zheng's personal information, including account details and identification documents, was illegally collected and published due to differing opinions on a celebrity event [2][4] - The platform only took minimal actions, such as making the content private or deleting it, without further measures to protect user information [1][9] Group 2: Legal Proceedings - The technology company claimed it fulfilled its legal obligations as a network service provider and argued that the personal information leak was not possible due to their security measures [2][8] - The defendant, Zhang, denied using the social media platform and claimed the IP address of the infringing account was from a foreign country, but did not provide evidence of account theft [3][4] Group 3: Court Findings - The court determined that Zhang was the actual user of the infringing account and had violated Zheng's privacy and reputation by publicly sharing sensitive information [4][6] - The court highlighted that the technology company had data security management vulnerabilities and failed to take adequate measures to protect user information, leading to multiple users being similarly affected [8][9] Group 4: Implications for the Industry - The case illustrates the emerging trend of "opening boxes" as a form of online violence, combining doxxing and cyberbullying [10] - The court emphasized that online platforms must continuously improve their technical and management measures to fulfill their obligations in safeguarding personal information [10]

Core Viewpoint - The National Cybersecurity Incident Response Center has identified 68 mobile applications that illegally collect and use personal information, including apps from two brokerage firms, Yintai Securities and Caida Securities [1][2]. Group 1: Violations Identified - The 68 mobile applications were found to have 13 types of violations, with three major issues highlighted: 1. Privacy policies not clearly listing the purposes, methods, and scope of personal information collection, affecting 30 applications [1]. 2. Failure to provide users with a way to withdraw consent for personal information collection, impacting 35 applications, including Caida Securities' app "Caida Financial Daily" (version 3.65) [1][2]. 3. Lack of appropriate security measures such as encryption and anonymization, affecting 31 applications [2]. Group 2: Specific Brokerage Apps - The identified brokerage applications include: - "Yintai Zhangyibao" (version 5.1.0) from Yintai Securities, which violated multiple regulations [2]. - "Caida Financial Daily" (version 3.65) from Caida Securities, which also failed to comply with several requirements [2][3]. Group 3: Previous Reports - Since 2025, the National Cybersecurity Incident Response Center has released eight lists of illegal mobile applications, with several brokerage apps being named in previous reports [3].

Core Viewpoint - The National Cybersecurity Notification Center has reported that 68 mobile applications, including those from Yintai Securities and Caida Securities, have been found to illegally collect and use personal information [1] Group 1: Violations and Impact - A total of 68 mobile applications were identified with 13 types of violations related to personal information collection and usage [1] - The applications span various categories, including dining, gaming, social networking, lifestyle services, and financial applications [1]

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported 64 mobile applications that illegally collected and used personal information, including several well-known tea beverage brands' ordering mini-programs, highlighting significant privacy issues within the industry [1][2]. Group 1: Overview of Violations - Among the 64 problematic applications, 30 did not provide users with a way to withdraw consent for personal information collection, indicating a severe issue [1]. - 29 applications failed to implement necessary security measures such as encryption and de-identification [1]. - 25 applications did not clearly outline the purposes, methods, and scope of personal information collection in their privacy policies [1]. Group 2: Specific Applications Highlighted - The application "霸王茶姬" (version 5.78.8) exhibited four types of issues, including a lack of clear privacy policy details and failure to provide timely responses for user requests regarding personal information [2]. - "太平洋咖啡会员" (version 3.3.0) also faced four issues, notably not informing users about the privacy policy at the app's first run and not obtaining user consent before collecting personal information [2]. Group 3: Detection and Reporting - The problematic applications were detected by the National Computer Virus Emergency Response Center between May 23, 2025, and June 11, 2025 [3].

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported that 64 mobile applications are found to illegally collect and use personal information [1] Group 1 - 64 mobile applications have been detected for illegal collection and usage of personal information [1]

Core Points - The case highlights the misuse of AI technology for personal information security breaches, specifically through the creation of fake compromising images for extortion purposes [1][2] - The defendants, using AI, synthesized fake nude photos of victims and sent extortion letters, resulting in a total illicit gain of 140,000 RMB [1] - The court sentenced the defendants to three years in prison and a fine of 30,000 RMB, emphasizing the seriousness of extortion crimes [2] Summary by Sections - **AI Technology Misuse**: The case illustrates how AI can be exploited to create realistic fake images, posing significant risks to personal information security [1][2] - **Criminal Actions**: The defendants collected personal data online, created fake images, and sent extortion letters to victims, leading to substantial financial gain [1] - **Legal Consequences**: The court's ruling reflects the legal system's stance on extortion, with the defendants receiving a three-year prison sentence and a monetary penalty [2] - **Public Awareness**: The judge's remarks serve as a warning to the public about the dangers of sharing personal information and the need for vigilance against extortion attempts [2]