Core Viewpoint - The document discusses the supplementary legal opinion regarding the issuance of A-shares by Zhongke Xingtou Co., Ltd. to specific investors in 2025, focusing on compliance with relevant laws and the necessity of the fundraising projects [3][4]. Group 1: Fundraising Projects - The total amount of funds to be raised from the issuance will not exceed RMB 1 billion, allocated for the construction of three main projects: the Flight Service Digital Infrastructure Platform, the Xingtou Luoshu Defense and Public Safety Big Data Intelligent Analysis Platform, and supplementary working capital [6][7]. - The company’s business includes data services, primarily selling data products processed from raw data using self-developed software [6][7]. - As of December 31, 2024, the funds raised from the company's initial public offering in 2020 and the specific issuance in 2021 have not been fully utilized [6][7]. Group 2: Compliance and Legal Assurance - The supplementary legal opinion confirms that the company has conducted thorough investigations and discussions to ensure compliance with relevant laws, including the Personal Information Protection Law, Data Security Law, and Cybersecurity Law [9][12]. - The company has obtained necessary business qualifications for the implementation of the fundraising projects, ensuring no violations in data procurement or services [9][12]. - The company has committed to taking measures to ensure that its data procurement and service operations comply with applicable laws and regulations [11][12]. Group 3: Project Implementation and Data Procurement - The projects have not yet provided data services to third parties, with only the Xingtou Cloud Project having conducted two preliminary data procurements [8][13]. - The data procurement for the Xingtou Cloud Project is legally compliant, with contracts ensuring that the supplier has the necessary qualifications and that the data provided does not violate any laws [8][13]. - The company has outlined specific data procurement and service content for each project, focusing on high-quality data sets and comprehensive services across various industries [8][9].

Core Points - The National Cybersecurity Notification Center reported that 45 mobile applications were found to illegally collect and use personal information [1] - The findings were based on laws such as the Cybersecurity Law and the Personal Information Protection Law, as part of a special action plan for personal information protection [1] - Specific applications like "4399 Game Box," "Hello," and "Tantan" were highlighted for various violations regarding personal information collection practices [1] Summary by Category - **Illegal Collection of Personal Information** - 45 mobile applications were identified for violating personal information collection regulations [1] - The applications failed to list the purposes, methods, and scope of personal information collection [1] - **Specific Application Violations** - "4399 Game Box" was noted for collecting personal information beyond necessary limits and frequency [1] - "Hello" began collecting personal information without user consent and exceeded authorized collection limits [1] - "Tantan" also collected personal information at frequencies exceeding necessary limits [1] - **Follow-up Actions** - Eight applications from a previous report were still found to have issues upon retesting, leading to their removal from distribution platforms [2]

为切实提升社会公众的个人信息保护意识，构建安全稳定的金融环境，民生银行济南槐荫支行近期组织 开展了形式多样的个人信息保护宣传活动。活动聚焦厅堂客户与周边商户两大群体，通过多维度宣传教 育，助力公众筑牢信息安全防线。 支行立足网点服务优势，将金融知识普及与日常业务办理深度融合。在营业厅内，专门设立了公众教育 区，陈列各类个人信息保护宣传资料，并配备金融知识专员为客户提供一对一讲解。工作人员重点介绍 了常见APP收集个人信息的范围、信息泄露的潜在风险，以及如何通过设置隐私权限、谨慎授权等方式 为个人信息"加密"。同时，针对信息泄露后的维权流程，支行详细讲解了正规投诉渠道，帮助客户掌握 依法维权的有效途径。 针对周边商户这一信息流转关键环节，支行组建专项宣传团队，开展"网格化"普法服务。工作人员采 取"走访+驻点"相结合的模式，深入商户发放《个人信息保护指南》，并结合金融诈骗典型案例，生动 阐释违规收集、滥用客户信息的法律后果。特别针对小微企业，宣传团队详细解读了《个人信息保护 法》中关于信息采集、存储、使用的合规要求，指导商户完善客户信息管理机制，从源头防范信息泄露 风险。 此次活动有效提升了参与公众对个人信息保 ...

Core Viewpoint - The National Cybersecurity Notification Center has announced that 45 mobile applications are found to illegally collect and use personal information, highlighting the need for enhanced personal information protection and public privacy awareness [1] Group 1: Violations Identified - The identified applications have issues such as not disclosing collection and usage rules, failing to list collection purposes individually, and collecting information beyond authorized limits [1] - Notable applications mentioned include "Qing E," "4399 Game Box," and "Che Lun Driving Test App" [1] Group 2: Regulatory Actions - Relevant platforms have taken action by removing some of the problematic applications from their stores [1] - The announcement aims to strengthen personal information protection measures [1]

Core Viewpoint - The article discusses the pervasive use of facial recognition technology in real estate sales offices in China, highlighting privacy concerns and the lack of compliance with new regulations aimed at protecting personal data [3][4]. Group 1: Surveillance in Real Estate Sales Offices - Real estate sales offices are equipped with numerous cameras, often without clear signage indicating their presence or purpose [5][9]. - Visitors often feel the need to disguise themselves to avoid having their facial data collected and recorded, which can affect their ability to choose different agents [6][12]. - The cameras are used to track visitors and determine if they are first-time clients, with facial data typically stored for 1 to 3 months [6][12]. Group 2: Compliance Issues - The new regulations require clear signage and consent for facial recognition data collection, which many sales offices fail to provide [8][14]. - There are reports of companies collecting facial data without proper consent, leading to administrative penalties [20][21]. - Experts argue that the current practices violate the principle of necessity, as the purpose of data collection is not clearly communicated to clients [14][21]. Group 3: Industry Practices and Implications - Real estate developers use facial recognition to differentiate between direct clients and those referred by agents, impacting commission structures [13][22]. - The technology is seen as a "secret weapon" to control commission costs and ensure that sales staff benefit from direct sales [13][22]. - There are alternative methods suggested for verifying client identity that do not rely on facial recognition, such as using access cards or QR codes [23].

Core Viewpoint - The National Cybersecurity Incident Response Center reported that 64 mobile applications are illegally collecting and using personal information, including apps from seven financial institutions [1][2][3]. Summary by Sections Violations Identified - The 64 mobile applications are associated with 13 types of violations, with three major categories being highlighted: 1. Privacy policies not clearly listing the purposes, methods, and scope of personal information collection, affecting 25 apps including those from Longjiang Bank and Shengan Securities [5]. 2. Failure to provide users with a way to withdraw consent for personal information collection, impacting 30 apps including those from Industrial Securities and Hainan Airlines [6]. 3. Lack of appropriate security measures such as encryption and de-identification, involving 29 apps including those from Chengtong Securities and Zhilian Recruitment [7]. Types of Applications Affected - The identified applications span various sectors, including dining, gaming, recruitment, social networking, life services, and financial services. Notable brands like Starbucks and several tea brands were also mentioned [9]. Financial Institutions Involved - The financial institutions implicated include four securities firms and three banks, with specific versions of their applications listed. For instance, Chengtong Securities (version 6.0.3.0) and Longjiang Bank (version 2.00.03) are among those noted [9]. Previous Reports and Ongoing Actions - Since 2025, the National Cybersecurity Incident Response Center has released six lists of violating mobile applications, with several financial institutions previously named. The ongoing initiative aims to address typical violations and ensure the protection of personal information [10].

Core Insights - The investigation reveals that despite e-commerce platforms implementing privacy measures, there are numerous intermediaries offering "decryption" services for personal information at a low cost, indicating a significant gap in personal data protection [1] Group 1: Causes of Personal Information Leakage - The primary reason for personal information leakage is the existence of a substantial marketing profit chain that relies on personal data, with underground markets for personal information trading remaining active [2] - Weak regulatory oversight in the multiple stages of personal information handling during online shopping contributes to the leakage, as data may have been exposed before encryption measures were implemented [2] - Incomplete legislation and management loopholes in internet platform real-name authentication are major factors leading to ongoing personal information leaks [2] Group 2: Recommendations for Improvement - It is essential to identify the channels through which personal information is leaked, whether through technical means or internal breaches, and to enhance regulatory oversight accordingly [3] - Regulatory bodies should increase compliance monitoring of personal information usage by logistics and courier companies, which typically do not need to retain extensive user data [3] - There should be an increase in administrative penalties for violations of personal information rights, including warnings, detention, or fines, and a clear definition of civil liabilities for offenders to enhance the cost of violations [3]

Core Viewpoint - The case highlights the importance of personal information protection in China, emphasizing that companies must adhere to legal standards when handling employee personal data [1][2][3] Group 1: Legal Framework - The implementation of the Personal Information Protection Law and the Civil Code has established a legal framework for personal information protection in China [1] - The Civil Code specifies that individuals have the right to privacy, and any organization or individual must not infringe upon this right through various means [2] - Personal information is defined broadly, including names, identification numbers, addresses, and other sensitive data that must be protected [2] Group 2: Case Details - The case involved a company that publicly posted an employee's personal information, including their ID number and address, which was deemed an infringement of privacy rights [1][2] - The employee, Zheng, sought a public apology and compensation for emotional distress due to the unauthorized disclosure of personal information [1][3] Group 3: Court Ruling - The court ruled that the company exceeded the necessary limits in using Zheng's personal information, constituting an infringement and requiring the company to issue a public apology [2][3] - The court did not support Zheng's claim for emotional distress compensation, citing the short duration and limited impact of the infringement [3] Group 4: Legal Guidance - Companies must follow the principles of legality, necessity, and appropriateness when handling personal information, ensuring minimal impact on individual rights [4] - It is advised that companies communicate sensitive information directly to employees and protect personal data from public disclosure [4] - Negative evaluations of employees should be factual and not harm their future employment opportunities, as this could lead to further legal issues [4]

个人信息安全与隐私保护无小事。因此，欲破此局，需从企业责任、监管框架到用户赋权三端共同发 力，构建刚柔并济的治理体系。 首先，APP运营者必须抛弃"能收则收"的原始冲动，将个人信息保护由合规负担转化为核心责任。企业 应主动关注监管动态，摸清行业合规边界，尤其处理大量或敏感信息时，技术防护（如加密存储、内外 网隔离）应成标配而非点缀。须知，用户信任乃数字时代最珍贵的信任货币，若隐私协议沦为"阅读理 解题"，技术防护形同虚设，那么用户每一次被迫勾选，都在无声侵蚀企业赖以生存的根基。 其次，监管之手需更精细有力。可借鉴《自然人网店管理规范》中"分类施策"的智慧，对APP进行分级 分类管理：为不同业务场景及体量的应用量身定制规则，避免"一刀切"窒息创新。同时强化"负面清 单"思维，严打默认勾选、捆绑同意等"擦边球"行为，压实平台主体责任，让违规者付出代价。柔性监 管亦不可缺——如设立整改缓冲期，以差异化激励替代单纯处罚，在规范与活力间寻得平衡。 近日，国家网络与信息安全信息通报中心通报了65款存在违法违规收集使用个人信息情况的移动应用 （APP），涉及未显著告知隐私政策、未经用户同意向第三方共享数据、未提供有效注销功 ...

Core Points - The Supreme People's Court of China has ruled that network service providers must bear liability for excessive collection of personal information from consumers [1][2] - The case involved a dictionary app that forced users to agree to a privacy policy without proper consent, leading to a violation of personal information rights [1][2] Group 1: Legal Implications - The court found that the app's automatic selection of the consent option without user knowledge violated the requirement for informed consent [2] - The app's refusal to provide services if users declined to agree to the privacy policy was deemed a denial of basic service [2] - The company was ordered to delete the collected personal information and apologize to the user, as well as compensate for reasonable legal expenses [2] Group 2: Company Behavior - The company had previously modified its privacy policy during the litigation process to include a feature for users to withdraw consent [2] - The case highlights the importance of compliance with personal information protection laws, specifically Articles 15 and 16 [2]