Regulatory Developments - The Cyberspace Administration of China announced the interim results of algorithm governance, highlighting that major platforms like Douyin and Xiaohongshu have optimized their recommendation algorithms and introduced innovative features such as "Cocoon Assessment" and "One-Click Break Cocoon" [2] - Six departments, including the Ministry of Public Security and the National Internet Information Office, jointly released the "National Network Identity Authentication Public Service Management Measures," which will take effect on July 15. The measures emphasize the voluntary use of network numbers and certificates, with a focus on protecting minors and the elderly [3] - The State Administration for Market Regulation published the "Guidelines for Compliance of Charging Behavior on Online Trading Platforms (Draft for Comments)," which outlines eight unreasonable charging behaviors that platforms must avoid, including duplicate charges and price discrimination [4] - A total of 35 apps, including Zhiyu Qingyan and Kimi, were reported for illegal collection and use of personal information, as per the National Cyber and Information Security Information Notification Center [5] International Developments - The U.S. Department of Justice is investigating Google for potential antitrust violations related to its agreement with Character.AI, a chatbot manufacturer, to use its AI technology [6] - A California judge imposed a fine of $31,000 on two law firms for submitting documents that contained false and misleading legal citations without disclosing the use of AI [7][8] - A report from the International Labour Organization indicates that one-quarter of global jobs may be affected by generative AI, with high-income countries facing a higher impact rate of 34% [8] - A landmark case in the U.S. involves a lawsuit against Google and Character.AI related to a minor's suicide, with the court ruling that both companies must face the allegations [8]

Core Viewpoint - The introduction of the "National Network Identity Authentication Public Service Management Measures" aims to establish a reliable digital identity system to enhance personal information protection and support the development of the digital economy, effective from July 15, 2025 [1][2][3]. Background - The rapid growth of the internet and digital economy has led to an increased demand for reliable personal identity authentication services, highlighting issues such as unauthorized data collection and the need for a trustworthy digital identity framework [2]. - The Chinese government emphasizes the importance of personal information protection and the establishment of a digital identity management system in various national policies and plans [2]. Legal Basis - The management measures are supported by several laws, including the Cybersecurity Law, Personal Information Protection Law, and Anti-Telecom Fraud Law, which advocate for the development of secure electronic identity authentication technologies [4]. Main Content of the Management Measures - The management measures consist of 16 articles covering four main areas: definitions and application of national network identity authentication services, responsibilities of platforms regarding data security and personal information protection, and special provisions for minors [5]. Data Protection and Information Handling - The management measures stipulate that internet platforms must minimize the collection of personal information and only gather data necessary for identity verification, adhering to the principle of "minimum necessity" [7]. - The measures require that personal information processing must comply with legal obligations, including obtaining user consent for sensitive data handling [7][8]. Data Security Regulations - The management measures mandate that public service platforms implement robust security management systems and technical safeguards to protect data and personal information [8]. - Important data must be stored domestically, and any international data transfer must undergo security assessments [8]. Public Feedback and Revisions - The public consultation period received over 17,000 suggestions, indicating strong public support for the management measures, with significant increases in app downloads and service applications during this time [10][11]. Advantages of National Network Identity Authentication Service - The service offers several advantages over existing authentication methods, including authority based on official identification, enhanced security through anonymization, and convenience for users [13][14]. - It is designed to be a public service, providing free access to businesses for legally required identity verification, thus reducing costs and improving user experience [14]. Data Security Measures - The platform has established a comprehensive security framework that includes data classification, lifecycle protection, and strict access controls to ensure data security [15]. - Regular security drills and assessments are conducted to maintain a proactive defense against potential data breaches [15].

Core Points - The article discusses the implementation of the "National Network Identity Authentication Public Service Management Measures," which will take effect on July 15, 2025, aimed at enhancing digital identity security and supporting the digital economy [1][2][9] Group 1: Public Service Framework - The public service refers to a national platform that provides services such as applying for network numbers and certificates, and verifying identity based on legal identification documents [2][3] - The network number is a non-explicit identity symbol composed of letters and numbers, while the network certificate carries the network number and non-explicit identity information [2][3] Group 2: User Participation and Rights - Individuals with valid legal identification can voluntarily apply for a network number and certificate, with parental consent required for minors [3][4] - Internet platforms must ensure equal service for users who do not use network numbers or certificates but have verified their identity through other means [4] Group 3: Data Protection and Privacy - Internet platforms are prohibited from requiring users to provide explicit identity information if they have verified their identity using network numbers or certificates, except as required by law or with user consent [4][5] - The public service platform is limited to collecting only the information necessary for identity authentication and must inform users about data processing practices [5][6] Group 4: Security and Compliance - The public service platform must implement security measures to protect data and personal information, ensuring that important data is stored domestically [7][8] - Violations of the management measures can lead to penalties under relevant laws, and responsible parties may face legal consequences [8][9]

日前，国家计算机病毒应急处理中心再次通报65款违规移动应用。事实上，南都·湾财社注意到自2024年以来，上述机构已经先后多次密集通报 了多款违规移动应用，金融类APP成为其中的重灾区之一。 南都·湾财社梳理发现，2024年以来，共有28款金融类APP被"点名"，涉及63条违规事由。被通报的金融APP覆盖银行、证券、基金、信贷等多个 领域，既有地方农商行的官方应用，也有知名互联网金融平台。 在金融数据与用户财产安全高度绑定的当下，这些违规金融APP犹如悬在用户头顶的利剑，随时可能侵犯用户权益。南都·湾财社对部分被点名 的金融APP进行了回测，发现各家金融APP的整改情况并不相同，部分APP仍未完成整改。 2024年至今28款金融APP被"点名" 违规事由达63条 近日，国家计算机病毒应急处理中心通报了65款违规移动应用，经该中心检测，这些移动应用存在违法违规收集使用个人信息情况，包括无隐私 政策、APP未在征得用户同意后开始收集个人信息或打开可收集个人信息的权限等违规情形。 事实上，自2024年以来，国家计算机病毒应急处理中心就加大了对违规APP的检测和治理力度，并定期通报违规移动应用。根据国家计算机病毒 应急 ...

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported that 35 apps in Tencent's mobile app store "Yingyongbao" were found to illegally collect and use personal information, highlighting compliance issues in the emerging generative AI sector [1][2][4]. Group 1: Violations and Affected Apps - The reported violations involved 11 categories, with the most prominent being illegal notification forms, excessive information collection, and unrelated collection frequency, affecting 18, 12, and 10 apps respectively [1]. - Among the 35 apps, approximately 15 are video editing tools, 11 are AIGC (AI-generated content) tools, and 4 are AI education tools, indicating a significant reliance on user data in the generative AI technology field [1][2]. Group 2: Regulatory Context and Actions - The legal basis for the detection report includes the "Cybersecurity Law of the People's Republic of China" and the "Personal Information Protection Law," with enforcement actions being part of a broader initiative by multiple government departments [4][5]. - The report marks the first proactive intervention by the Ministry of Public Security regarding early-stage illegal collection of personal information by apps, suggesting a potential shift towards a long-term regulatory mechanism [3][4]. Group 3: Industry Response and Compliance - Companies involved have not publicly responded to the report, although some have reportedly received rectification requests, indicating a need for immediate compliance [3]. - The increasing regulatory scrutiny necessitates that app operators prioritize legal compliance regarding personal information collection and usage, as highlighted by the implementation of the "Personal Information Protection Compliance Audit Management Measures" [5][6].

针对学生群体，该团伙通过招募学生兼职拉人头的方式，许诺其只要拉够一定数量需要办理储蓄卡、信用卡的同学前往咨询，就可以获取200到300元不等的 好处费、人头费。一旦有人咨询，犯罪嫌疑人以办理信用卡、储蓄卡送礼品、现金返利为诱饵，吸引学生办卡。在办卡时，谎称录入信息不成功要求重新输 入，在他们不知情的情况下，窃取身份和人脸信息，违规办理电话卡。 针对老年群体，该团伙则在各大菜场、商场等地，以开户后三个月即销户、开户即赠送大米、鸡蛋等为诱饵，诱骗前来领取免费赠品的老年人开办新入网手 机卡。在确认老人没有使用的需求后，当面上演一出当场假装掰断卡的动作，将这些已通过身份证实名认证的手机卡非法截留。随后，这些电话卡插入"猫 池"来批量接收验证码，再将验证码转发给境外诈骗团伙，用于注册短视频、购物、交友软件等平台账户，为诈骗等违法犯罪活动提供便利。 目前，13名犯罪嫌疑人已被警方依法刑事拘留，案件在进一步侦办中。 在这起案件中，市民群众不难发现，这些非法获取的手机卡及其服务密码被诈骗分子利用后，将会为电信网络诈骗、网络赌博、洗钱等违法犯罪活动提供便 利条件，也会使网络环境充斥大量虚假账号和恶意行为，影响互联网企业正常运营 ...

Core Points - The Ministry of Industry and Information Technology of China is soliciting opinions on the draft mandatory national standard for "Safety Technical Requirements for Children's Watches" [1][2] - The standard addresses various aspects including battery safety, network security, prevention of internet addiction, and payment control [1] - The definition of children's watches includes those designed for children aged 3 to 14 years, with smart features such as communication and location tracking [1] Summary by Categories Information Security - The standard specifies six aspects to ensure product safety, requiring watches to have security management mechanisms for applications or installation programs to prevent malicious software [1][2] Data Security and Personal Information Protection - Eight aspects are outlined to ensure data security, including the need for dedicated rules for processing children's personal information and restrictions on default access to microphone, camera, and location services [1][2] Content Security - Ten aspects are proposed to ensure content safety, including the establishment of a dedicated content pool for children and the prohibition of pre-installed generative voice Q&A applications [2] Biometric Recognition - The standard includes provisions for biometric recognition, allowing registered users to deactivate this feature and requiring watches to have detection capabilities for anti-spoofing attacks [2]

Core Points - The article discusses the legal implications of personal information protection in the context of digital transactions, highlighting a case where a consumer's information was allegedly shared without consent [1][2][3] - The Beijing Internet Court ruled that the collection of transaction information by a WeChat mini-program without explicit consent constitutes a violation of personal information rights [2] Group 1: Legal Framework - According to China's Personal Information Protection Law, personal information processors must obtain consent from individuals before processing their data, or it must be necessary for the performance of a contract [2] - The court found that the WeChat mini-program did not clearly inform consumers about the collection of their transaction data in its user agreement or privacy policy [2] Group 2: Case Details - The consumer, Mr. Ma, argued that his offline shopping information was unlawfully obtained by the WeChat mini-program, leading to a lawsuit for an apology [1] - The court determined that the transaction details, such as store location and payment amount, are considered personal information and that the mini-program's data collection was not essential for the payment process [2] Group 3: Industry Implications - The Beijing Internet Court has seen a wide range of cases related to personal information protection across various sectors, including social media, e-commerce, and financial services [3] - The court emphasized the importance of public awareness regarding personal information protection and advised consumers to be cautious about sharing their data [3]

财报显示，爱奇艺去年营收292.3亿元，同比下降8%；非美国通用会计准则下，归属于公司的净利润为15.1亿元，同比下滑47%；全年会员收入约177.6亿 元，同比下降13%。 the first (VF the state 1 the the 针对报告披露的问题，爱奇艺公司正与合作方一道认真核查，积极整改，后续将更新合规的新版本应用。公司会继续严格落实个人信息保护的主体责任，为 用户提供安全优质的服务。 国家计算机病毒应急处理中心网站5月13日通报称，发现65款违法违规收集使用个人信息的移动应用。其中，涉及《爱奇艺》(版本 X9M_m1e_17.0.0.20221018，奇瑞预装第三方应用)，违规事项为：个人信息处理者向其他个人信息处理者提供其处理的个人信息的，未向个人告知接收方的 名称或者姓名、联系方式、处理目的、处理方式和个人信息的种类，并取得个人的单独同意。 《个人信息保护法》第十三条规定，个人信息处理者处理个人信息，需要取得个人的同意；第十四条规定，基于个人同意处理个人信息的，该同意应当由个 人在充分知情的前提下自愿、明确作出。法律、行政法规规定处理个人信息应当取得个人单独同意或者书面同意的，从其规定 ...

Core Viewpoint - iQIYI has acknowledged issues related to personal information collection and usage in its application, and is taking steps to rectify these problems in collaboration with its partners [1][2]. Group 1: Company Response - iQIYI has initiated an internal investigation following the report from the National Computer Virus Emergency Response Center regarding its application version X9M_m1e_17.0.0.20221018 [1]. - The company emphasizes its commitment to personal information protection and plans to release a compliant version of the application [1]. Group 2: Regulatory Context - The National Cybersecurity and Information Security Information Notification Center reported that 65 mobile applications, including iQIYI's, were found to be in violation of personal information protection laws [2]. - The report is part of a broader initiative under the 2025 personal information protection action plan mandated by various regulatory bodies [2]. Group 3: Specific Violations Identified - iQIYI's application was flagged for five specific violations, including failure to inform users about third-party data sharing and not providing adequate options for users to manage their personal information [3]. - Other issues included delays in processing user requests for data correction or deletion, lack of mechanisms for users to withdraw consent for data collection, and inadequate options for users to refuse automated marketing [3].