Core Viewpoint - The China Cybersecurity Association has organized and guided the optimization of five apps in response to issues related to the collection and use of personal information, aiming to enhance compliance with relevant laws and regulations [1] Group 1: Regulatory Compliance - The initiative focuses on addressing problems such as excessive collection of personal information, overuse of sensitive permissions, inconvenient permission settings, and difficulties in account cancellation [1] - The optimization is in accordance with the Cybersecurity Law of the People's Republic of China, the Personal Information Protection Law, and regulations on necessary personal information for common types of mobile internet applications [1] Group 2: App Updates - Five app operators have released updated versions of their applications on app stores or official websites, committing to maintain compliance levels in future updates [1] - The list of optimized apps includes: 1. Cainiao (Mail and Express Delivery) - Version 8.10.715 2. Dongchedi (Used Car Trading) - Version 8.6.7 3. Yiche (Automobile Services) - Version 11.38.1 4. Mafengwo (Travel Services) - Version 11.3.3 5. Tuniu (Travel Services) - Version 11.44.0 [1]

国家网络安全通报中心日前发布消息称，经国家计算机病毒应急处理中心检测，发现68款移动应用存在 违法违规收集使用个人信息的情况。记者注意到，这些移动应用中，有2家券商机构APP在列，涉及银 泰证券和财达证券。据了解，国家网络安全通报中心发布权威网络安全预警信息，传播网络安全防范知 识技能。据该中心通报，经国家计算机病毒应急处理中心检测，上述68款移动应用存在违法违规收集使 用个人信息情况，检测时间为2025年6月11日至7月1日。（中国证券报） ...

Core Points - The case involves a social media platform where personal information of an individual, Zheng, was illegally collected and publicly shared, leading to online harassment [1][2] - The Beijing Internet Court ruled that both the user who published the infringing content and the platform that failed to ensure information security must bear liability for the infringement [4][7] Group 1: Incident Overview - Zheng's personal information, including account details and identification documents, was illegally collected and published due to differing opinions on a celebrity event [2][4] - The platform only took minimal actions, such as making the content private or deleting it, without further measures to protect user information [1][9] Group 2: Legal Proceedings - The technology company claimed it fulfilled its legal obligations as a network service provider and argued that the personal information leak was not possible due to their security measures [2][8] - The defendant, Zhang, denied using the social media platform and claimed the IP address of the infringing account was from a foreign country, but did not provide evidence of account theft [3][4] Group 3: Court Findings - The court determined that Zhang was the actual user of the infringing account and had violated Zheng's privacy and reputation by publicly sharing sensitive information [4][6] - The court highlighted that the technology company had data security management vulnerabilities and failed to take adequate measures to protect user information, leading to multiple users being similarly affected [8][9] Group 4: Implications for the Industry - The case illustrates the emerging trend of "opening boxes" as a form of online violence, combining doxxing and cyberbullying [10] - The court emphasized that online platforms must continuously improve their technical and management measures to fulfill their obligations in safeguarding personal information [10]

Core Viewpoint - The National Cybersecurity Incident Response Center has identified 68 mobile applications that illegally collect and use personal information, including apps from two brokerage firms, Yintai Securities and Caida Securities [1][2]. Group 1: Violations Identified - The 68 mobile applications were found to have 13 types of violations, with three major issues highlighted: 1. Privacy policies not clearly listing the purposes, methods, and scope of personal information collection, affecting 30 applications [1]. 2. Failure to provide users with a way to withdraw consent for personal information collection, impacting 35 applications, including Caida Securities' app "Caida Financial Daily" (version 3.65) [1][2]. 3. Lack of appropriate security measures such as encryption and anonymization, affecting 31 applications [2]. Group 2: Specific Brokerage Apps - The identified brokerage applications include: - "Yintai Zhangyibao" (version 5.1.0) from Yintai Securities, which violated multiple regulations [2]. - "Caida Financial Daily" (version 3.65) from Caida Securities, which also failed to comply with several requirements [2][3]. Group 3: Previous Reports - Since 2025, the National Cybersecurity Incident Response Center has released eight lists of illegal mobile applications, with several brokerage apps being named in previous reports [3].

Core Viewpoint - The National Cybersecurity Notification Center has reported that 68 mobile applications, including those from Yintai Securities and Caida Securities, have been found to illegally collect and use personal information [1] Group 1: Violations and Impact - A total of 68 mobile applications were identified with 13 types of violations related to personal information collection and usage [1] - The applications span various categories, including dining, gaming, social networking, lifestyle services, and financial applications [1]

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported 64 mobile applications that illegally collected and used personal information, including several well-known tea beverage brands' ordering mini-programs, highlighting significant privacy issues within the industry [1][2]. Group 1: Overview of Violations - Among the 64 problematic applications, 30 did not provide users with a way to withdraw consent for personal information collection, indicating a severe issue [1]. - 29 applications failed to implement necessary security measures such as encryption and de-identification [1]. - 25 applications did not clearly outline the purposes, methods, and scope of personal information collection in their privacy policies [1]. Group 2: Specific Applications Highlighted - The application "霸王茶姬" (version 5.78.8) exhibited four types of issues, including a lack of clear privacy policy details and failure to provide timely responses for user requests regarding personal information [2]. - "太平洋咖啡会员" (version 3.3.0) also faced four issues, notably not informing users about the privacy policy at the app's first run and not obtaining user consent before collecting personal information [2]. Group 3: Detection and Reporting - The problematic applications were detected by the National Computer Virus Emergency Response Center between May 23, 2025, and June 11, 2025 [3].

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported that 64 mobile applications are found to illegally collect and use personal information [1] Group 1 - 64 mobile applications have been detected for illegal collection and usage of personal information [1]

Core Points - The case highlights the misuse of AI technology for personal information security breaches, specifically through the creation of fake compromising images for extortion purposes [1][2] - The defendants, using AI, synthesized fake nude photos of victims and sent extortion letters, resulting in a total illicit gain of 140,000 RMB [1] - The court sentenced the defendants to three years in prison and a fine of 30,000 RMB, emphasizing the seriousness of extortion crimes [2] Summary by Sections - **AI Technology Misuse**: The case illustrates how AI can be exploited to create realistic fake images, posing significant risks to personal information security [1][2] - **Criminal Actions**: The defendants collected personal data online, created fake images, and sent extortion letters to victims, leading to substantial financial gain [1] - **Legal Consequences**: The court's ruling reflects the legal system's stance on extortion, with the defendants receiving a three-year prison sentence and a monetary penalty [2] - **Public Awareness**: The judge's remarks serve as a warning to the public about the dangers of sharing personal information and the need for vigilance against extortion attempts [2]

Core Viewpoint - The increasing application of facial recognition technology in various sectors raises significant concerns regarding personal information security, prompting the introduction of regulatory measures to ensure safe usage [1][12]. Group 1: Regulatory Framework - The "Facial Recognition Technology Application Security Management Measures" will take effect on June 1, aiming to standardize the use of facial recognition technology and protect personal information [1][12]. - Organizations must obtain explicit consent from individuals before processing their facial information, allowing individuals the right to withdraw consent easily [2][5]. - For entities processing facial information of over 100,000 individuals, a registration requirement is established, mandating submission of relevant materials to local internet information departments within 30 working days [2]. Group 2: Special Provisions for Vulnerable Groups - The regulation includes specific provisions for vulnerable groups, such as the elderly and disabled, ensuring that their facial information is processed in compliance with accessibility standards and the principle of minimal necessity [7][3]. - In cases where individuals do not consent to facial recognition, alternative and reasonable identity verification methods must be provided [5][4]. Group 3: Public Space Regulations - The regulation stipulates that facial recognition devices in public spaces must be necessary for public safety, with clearly defined areas for information collection and prominent signage [11][10]. - The installation of facial recognition devices is prohibited in private spaces within public venues, such as hotel rooms and restrooms [11]. Group 4: Risks and Awareness - The unique and permanent nature of facial information poses significant risks if leaked, potentially endangering personal and public safety [12][14]. - Individuals are encouraged to enhance their awareness of facial information security, being cautious about sharing personal images and videos, and regularly reviewing privacy settings on applications [14][16].

Group 1 - The National Cybersecurity Incident Response Center detected 63 mobile applications that illegally collect and use personal information [1] - The "Xiamen Bank Enterprise Banking" app (version 8.0.0) failed to clearly inform users about its privacy policy and the handling of personal information [1] - The "Ximalaya" app (version 6.1.1.01) did not adequately disclose the purposes, methods, and scope of personal information collection [2] Group 2 - The previous report identified 65 problematic mobile applications, with 16 still having issues upon retesting, leading to their removal from distribution platforms [2] - Xiamen Bank, established in 1996, is the first city commercial bank in mainland China with Taiwanese capital and is listed with stock code 601187.SH [2] - The largest shareholder of Xiamen Bank is the Xiamen Municipal Finance Bureau, holding 19.18%, while the second largest is Fubon Financial Holding from Taiwan, holding 18.03% [2] Group 3 - Ximalaya, founded in 2012, is a popular online audio sharing platform that offers a wide range of audio content for users of all ages, totaling 340 million audio pieces across 101 categories [3]