Core Viewpoint - The article emphasizes the urgent need for enhanced regulation and legal frameworks to address the growing issue of personal information leakage and the phenomenon known as "opening boxes" which exposes individuals' private information online [1][2][3]. Group 1: Regulatory Response - The Central Cyberspace Administration has issued a notice to strengthen the management of "opening boxes" by blocking information dissemination, improving early warning mechanisms, increasing punitive measures, and optimizing protective measures [1]. - There is a societal expectation for stronger regulations to combat the rampant issue of personal information leakage and the associated risks of online violence [1][2]. Group 2: Nature of the Problem - "Opening boxes" refers to the online exposure of personal privacy, which has escalated fears regarding information leakage, with the severity of such leaks surpassing public awareness [2]. - The prevalence of app-based over-collection of personal data, harassment calls, and targeted telecom fraud highlights the pervasive nature of personal information collection [2][3]. Group 3: Legal Framework and Challenges - Current laws protecting personal biometric information are fragmented across various legal texts, making enforcement challenging [4]. - Despite the introduction of guidelines to punish online violence, many cases remain unresolved due to insufficient evidence and difficulties in cross-platform evidence collection [4]. - There is a pressing need for clearer legal standards regarding the punishment of information misuse and for establishing a cross-platform defense mechanism to enhance personal information protection [4].

Core Viewpoint - The rise of "open box" behavior, a new form of online violence and illegal activity, has prompted regulatory bodies to take action to combat this issue, emphasizing the need for stricter measures and enhanced protection for personal information [1][7][11]. Group 1: Regulatory Actions - The Central Cyberspace Administration of China has issued a notice outlining requirements to combat "open box" issues, including blocking information dissemination, improving early warning mechanisms, increasing punitive measures, and enhancing protective measures [1][11]. - Major platforms such as Weibo, Tencent, Douyin, Kuaishou, Baidu, Xiaohongshu, Zhihu, Bilibili, and Douban have been instructed to implement these requirements and take responsibility for curbing "open box" activities [7][11]. - Three large websites have been penalized for failing to comply with regulations regarding "open box" behavior, highlighting the government's zero-tolerance approach [7]. Group 2: Nature of "Open Box" Behavior - "Open box" behavior involves maliciously disclosing personal information such as names, ID numbers, phone numbers, and addresses, inciting online harassment and abuse [2][8]. - Investigations revealed that illegal services for obtaining personal information are still prevalent on various online platforms, with some sites openly advertising their services [2][4][6]. - The pricing for these illegal services ranges from hundreds to thousands of yuan, depending on the sensitivity of the information requested [2][6]. Group 3: Legal Framework and Consequences - Recent guidelines from the "Two Highs and One Department" emphasize the legal repercussions for organizing "human flesh searches" and illegally collecting and disseminating personal information, which can lead to severe penalties under criminal law [10]. - The Civil Code affirms individuals' rights to privacy, making unauthorized disclosure of personal information a violation that can result in legal action [10]. - Legal experts warn that the consequences of "open box" behavior can include civil liability for damages and potential criminal charges for severe violations [8][10]. Group 4: Future Measures and Recommendations - The Central Cyberspace Administration plans to continue its high-intensity crackdown on "open box" issues while enhancing protective measures for personal information [11]. - Recommendations include improving data collection and usage boundaries on platforms, implementing desensitization of sensitive information, and utilizing AI to identify malicious content [10][11]. - Users are encouraged to increase their awareness of "open box" risks and take proactive steps to protect their personal information [11].

Core Viewpoint - The Central Cyberspace Administration of China has initiated a comprehensive crackdown on the "opening box" issue, which involves the illegal acquisition and public disclosure of personal information, following a significant investigative report that gained widespread attention [1][2][3]. Group 1: Regulatory Actions - The Central Cyberspace Administration has issued a notice to enhance the management of the "opening box" issue, focusing on blocking the dissemination of related information, improving early warning mechanisms, increasing punitive measures, and optimizing protective measures [2][4]. - A special meeting was convened, requiring major platforms such as Weibo, Tencent, Douyin, Kuaishou, Baidu, Xiaohongshu, Zhihu, Bilibili, and Douban to implement the tasks outlined in the notice with a "zero tolerance" approach towards the "opening box" phenomenon [2][4]. Group 2: Investigative Findings - An investigative report by Southern Metropolis Daily revealed that personal information was easily purchased from "social engineering" service providers, highlighting the severity of the issue with specific examples of personal data being sold [3]. - The investigation demonstrated that for a fee of 300 to 320 yuan, reporters were able to obtain detailed personal information, including ID numbers and residential addresses, indicating a well-established black market for personal data [3]. Group 3: Public and Media Response - The investigative report received significant media coverage, being shared by over 200 domestic and international media outlets, leading to a total online engagement exceeding 100 million [1][3]. - Following the report, more than 20 media outlets began to replicate the investigative methods, maintaining focus on the "human flesh opening box" topic, which has raised public awareness about personal information security [3]. Group 4: Law Enforcement Involvement - The Central Cyberspace Administration, along with the Ministry of Public Security and other departments, has launched a series of special actions aimed at protecting personal information, specifically targeting the illegal sale of citizen data through foreign channels [4]. - Law enforcement agencies have already begun investigations into the black and gray market activities that infringe upon citizens' personal information, indicating a proactive approach to addressing the issue [4].

二是升级完善保护措施。 指导网站平台在前期治理网络暴力的基础上，进一步升级完善防护 措施，加大"开盒"风险提示力度，设置涉"开盒"举报快速入口，及时核实网民投诉举报，最大 限度帮助网民防范和处置"开盒"问题风险。 中央网信办有关负责同志强调，利用"开盒"等方式非法获取并公开他人个人信息，涉嫌违法犯 罪，性质极为恶劣。下一步，中央网信办将继续坚持高强度打击和高力度保护并重，着力做 好"开盒"问题整治工作。 一是全力阻断传播渠道。 督促网站平台深入清理各类违法发布个人信息，诱导网民跟进泄露 隐私，借机进行攻击谩骂、嘲讽贬低的内容，清理教授、买卖或者提供"开盒"方法、教程和服 务等信息内容，对于组织煽动"开盒"、提供"开盒"服务等账号、群组，一律予以关闭或者解 散。 据央视新闻报道，近日，中央网信办专门印发通知，从阻断"开盒"信息传播、完善预警机制、 加大惩治力度、优化保护措施、加强宣传引导等多个维度明确工作要求，督促各地网信部门、 各网站平台进一步强化"开盒"问题整治工作。同时，召开专题部署会议， 要求微博、腾讯、 抖音、快手、百度、小红书、知乎、哔哩哔哩、豆瓣等多家重点网站平台，对照通知抓好各项 任务落实 ， ...

Regulatory Developments - The Cyberspace Administration of China announced the interim results of algorithm governance, highlighting that major platforms like Douyin and Xiaohongshu have optimized their recommendation algorithms and introduced innovative features such as "Cocoon Assessment" and "One-Click Break Cocoon" [2] - Six departments, including the Ministry of Public Security and the National Internet Information Office, jointly released the "National Network Identity Authentication Public Service Management Measures," which will take effect on July 15. The measures emphasize the voluntary use of network numbers and certificates, with a focus on protecting minors and the elderly [3] - The State Administration for Market Regulation published the "Guidelines for Compliance of Charging Behavior on Online Trading Platforms (Draft for Comments)," which outlines eight unreasonable charging behaviors that platforms must avoid, including duplicate charges and price discrimination [4] - A total of 35 apps, including Zhiyu Qingyan and Kimi, were reported for illegal collection and use of personal information, as per the National Cyber and Information Security Information Notification Center [5] International Developments - The U.S. Department of Justice is investigating Google for potential antitrust violations related to its agreement with Character.AI, a chatbot manufacturer, to use its AI technology [6] - A California judge imposed a fine of $31,000 on two law firms for submitting documents that contained false and misleading legal citations without disclosing the use of AI [7][8] - A report from the International Labour Organization indicates that one-quarter of global jobs may be affected by generative AI, with high-income countries facing a higher impact rate of 34% [8] - A landmark case in the U.S. involves a lawsuit against Google and Character.AI related to a minor's suicide, with the court ruling that both companies must face the allegations [8]

Core Viewpoint - The introduction of the "National Network Identity Authentication Public Service Management Measures" aims to establish a reliable digital identity system to enhance personal information protection and support the development of the digital economy, effective from July 15, 2025 [1][2][3]. Background - The rapid growth of the internet and digital economy has led to an increased demand for reliable personal identity authentication services, highlighting issues such as unauthorized data collection and the need for a trustworthy digital identity framework [2]. - The Chinese government emphasizes the importance of personal information protection and the establishment of a digital identity management system in various national policies and plans [2]. Legal Basis - The management measures are supported by several laws, including the Cybersecurity Law, Personal Information Protection Law, and Anti-Telecom Fraud Law, which advocate for the development of secure electronic identity authentication technologies [4]. Main Content of the Management Measures - The management measures consist of 16 articles covering four main areas: definitions and application of national network identity authentication services, responsibilities of platforms regarding data security and personal information protection, and special provisions for minors [5]. Data Protection and Information Handling - The management measures stipulate that internet platforms must minimize the collection of personal information and only gather data necessary for identity verification, adhering to the principle of "minimum necessity" [7]. - The measures require that personal information processing must comply with legal obligations, including obtaining user consent for sensitive data handling [7][8]. Data Security Regulations - The management measures mandate that public service platforms implement robust security management systems and technical safeguards to protect data and personal information [8]. - Important data must be stored domestically, and any international data transfer must undergo security assessments [8]. Public Feedback and Revisions - The public consultation period received over 17,000 suggestions, indicating strong public support for the management measures, with significant increases in app downloads and service applications during this time [10][11]. Advantages of National Network Identity Authentication Service - The service offers several advantages over existing authentication methods, including authority based on official identification, enhanced security through anonymization, and convenience for users [13][14]. - It is designed to be a public service, providing free access to businesses for legally required identity verification, thus reducing costs and improving user experience [14]. Data Security Measures - The platform has established a comprehensive security framework that includes data classification, lifecycle protection, and strict access controls to ensure data security [15]. - Regular security drills and assessments are conducted to maintain a proactive defense against potential data breaches [15].

Core Points - The article discusses the implementation of the "National Network Identity Authentication Public Service Management Measures," which will take effect on July 15, 2025, aimed at enhancing digital identity security and supporting the digital economy [1][2][9] Group 1: Public Service Framework - The public service refers to a national platform that provides services such as applying for network numbers and certificates, and verifying identity based on legal identification documents [2][3] - The network number is a non-explicit identity symbol composed of letters and numbers, while the network certificate carries the network number and non-explicit identity information [2][3] Group 2: User Participation and Rights - Individuals with valid legal identification can voluntarily apply for a network number and certificate, with parental consent required for minors [3][4] - Internet platforms must ensure equal service for users who do not use network numbers or certificates but have verified their identity through other means [4] Group 3: Data Protection and Privacy - Internet platforms are prohibited from requiring users to provide explicit identity information if they have verified their identity using network numbers or certificates, except as required by law or with user consent [4][5] - The public service platform is limited to collecting only the information necessary for identity authentication and must inform users about data processing practices [5][6] Group 4: Security and Compliance - The public service platform must implement security measures to protect data and personal information, ensuring that important data is stored domestically [7][8] - Violations of the management measures can lead to penalties under relevant laws, and responsible parties may face legal consequences [8][9]

日前，国家计算机病毒应急处理中心再次通报65款违规移动应用。事实上，南都·湾财社注意到自2024年以来，上述机构已经先后多次密集通报 了多款违规移动应用，金融类APP成为其中的重灾区之一。 南都·湾财社梳理发现，2024年以来，共有28款金融类APP被"点名"，涉及63条违规事由。被通报的金融APP覆盖银行、证券、基金、信贷等多个 领域，既有地方农商行的官方应用，也有知名互联网金融平台。 在金融数据与用户财产安全高度绑定的当下，这些违规金融APP犹如悬在用户头顶的利剑，随时可能侵犯用户权益。南都·湾财社对部分被点名 的金融APP进行了回测，发现各家金融APP的整改情况并不相同，部分APP仍未完成整改。 2024年至今28款金融APP被"点名" 违规事由达63条 近日，国家计算机病毒应急处理中心通报了65款违规移动应用，经该中心检测，这些移动应用存在违法违规收集使用个人信息情况，包括无隐私 政策、APP未在征得用户同意后开始收集个人信息或打开可收集个人信息的权限等违规情形。 事实上，自2024年以来，国家计算机病毒应急处理中心就加大了对违规APP的检测和治理力度，并定期通报违规移动应用。根据国家计算机病毒 应急 ...

Core Viewpoint - The National Cybersecurity and Information Security Information Notification Center reported that 35 apps in Tencent's mobile app store "Yingyongbao" were found to illegally collect and use personal information, highlighting compliance issues in the emerging generative AI sector [1][2][4]. Group 1: Violations and Affected Apps - The reported violations involved 11 categories, with the most prominent being illegal notification forms, excessive information collection, and unrelated collection frequency, affecting 18, 12, and 10 apps respectively [1]. - Among the 35 apps, approximately 15 are video editing tools, 11 are AIGC (AI-generated content) tools, and 4 are AI education tools, indicating a significant reliance on user data in the generative AI technology field [1][2]. Group 2: Regulatory Context and Actions - The legal basis for the detection report includes the "Cybersecurity Law of the People's Republic of China" and the "Personal Information Protection Law," with enforcement actions being part of a broader initiative by multiple government departments [4][5]. - The report marks the first proactive intervention by the Ministry of Public Security regarding early-stage illegal collection of personal information by apps, suggesting a potential shift towards a long-term regulatory mechanism [3][4]. Group 3: Industry Response and Compliance - Companies involved have not publicly responded to the report, although some have reportedly received rectification requests, indicating a need for immediate compliance [3]. - The increasing regulatory scrutiny necessitates that app operators prioritize legal compliance regarding personal information collection and usage, as highlighted by the implementation of the "Personal Information Protection Compliance Audit Management Measures" [5][6].

针对学生群体，该团伙通过招募学生兼职拉人头的方式，许诺其只要拉够一定数量需要办理储蓄卡、信用卡的同学前往咨询，就可以获取200到300元不等的 好处费、人头费。一旦有人咨询，犯罪嫌疑人以办理信用卡、储蓄卡送礼品、现金返利为诱饵，吸引学生办卡。在办卡时，谎称录入信息不成功要求重新输 入，在他们不知情的情况下，窃取身份和人脸信息，违规办理电话卡。 针对老年群体，该团伙则在各大菜场、商场等地，以开户后三个月即销户、开户即赠送大米、鸡蛋等为诱饵，诱骗前来领取免费赠品的老年人开办新入网手 机卡。在确认老人没有使用的需求后，当面上演一出当场假装掰断卡的动作，将这些已通过身份证实名认证的手机卡非法截留。随后，这些电话卡插入"猫 池"来批量接收验证码，再将验证码转发给境外诈骗团伙，用于注册短视频、购物、交友软件等平台账户，为诈骗等违法犯罪活动提供便利。 目前，13名犯罪嫌疑人已被警方依法刑事拘留，案件在进一步侦办中。 在这起案件中，市民群众不难发现，这些非法获取的手机卡及其服务密码被诈骗分子利用后，将会为电信网络诈骗、网络赌博、洗钱等违法犯罪活动提供便 利条件，也会使网络环境充斥大量虚假账号和恶意行为，影响互联网企业正常运营 ...