Core Viewpoint - The Ministry of Industry and Information Technology (MIIT) has issued a notice to launch a pilot program for number protection services to enhance personal information protection and mitigate risks associated with telecom network fraud and unsolicited commercial marketing [1][2]. Group 1: Policy and Implementation - The notice outlines a systematic approach to the pilot program, including the definition of services, responsibilities of involved parties, and management requirements to prevent telecom fraud and regulate commercial marketing calls [2][3]. - The program allows users to choose whether to authorize the use of number protection services, ensuring that service personnel can contact users without accessing their actual phone numbers [2][3]. Group 2: Technical and Operational Aspects - A dedicated number segment, 700, has been planned for the number protection service, which will be distinct from regular mobile and landline numbers, facilitating user recognition [2][3]. - The daily order volume for number protection services in China is currently at least 350 million, indicating a significant demand for this service across various sectors such as delivery and ride-hailing [2]. Group 3: Pilot Phases and Management - The pilot program will consist of three phases: a three-month preparation phase, a three-month transition phase, and a two-year formal pilot phase, after which all services will utilize the 700 dedicated numbers [3]. - Strict supervision and management will be enforced throughout the pilot, with measures in place to trace and prevent misuse of the 700 dedicated numbers, including the potential revocation of pilot qualifications for serious violations [3].

Core Viewpoint - The article emphasizes the importance of protecting facial recognition information as sensitive personal data, highlighting the legal protections and the risks associated with unauthorized collection and misuse of such data [1]. Regulatory Framework - The "Facial Recognition Technology Application Security Management Measures" has been implemented since June, providing specific guidelines for the use of facial recognition technology in public spaces [1]. - The measures require that the processing of facial information must have specific purposes and sufficient necessity, and that personal information handlers must inform individuals and conduct impact assessments [1]. Public Awareness and Advocacy - The Guangdong Provincial Network Data Security and Personal Information Protection Association advocates for several rights regarding facial information processing, including: - Right to know about the collection of facial information [2]. - Right to withdraw consent for facial information processing [2]. - Right to choose verification methods, ensuring multiple options beyond facial recognition [2]. - Right to clearly defined areas for facial information collection, with visible signage [2]. Organizational Role - The Guangdong Provincial Network Data Security and Personal Information Protection Association aims to enhance public awareness of personal information protection and to support the development of a secure data environment in Guangdong [2].

Core Viewpoint - The document discusses the supplementary legal opinion regarding the issuance of A-shares by Zhongke Xingtou Co., Ltd. to specific investors in 2025, focusing on compliance with relevant laws and the necessity of the fundraising projects [3][4]. Group 1: Fundraising Projects - The total amount of funds to be raised from the issuance will not exceed RMB 1 billion, allocated for the construction of three main projects: the Flight Service Digital Infrastructure Platform, the Xingtou Luoshu Defense and Public Safety Big Data Intelligent Analysis Platform, and supplementary working capital [6][7]. - The company’s business includes data services, primarily selling data products processed from raw data using self-developed software [6][7]. - As of December 31, 2024, the funds raised from the company's initial public offering in 2020 and the specific issuance in 2021 have not been fully utilized [6][7]. Group 2: Compliance and Legal Assurance - The supplementary legal opinion confirms that the company has conducted thorough investigations and discussions to ensure compliance with relevant laws, including the Personal Information Protection Law, Data Security Law, and Cybersecurity Law [9][12]. - The company has obtained necessary business qualifications for the implementation of the fundraising projects, ensuring no violations in data procurement or services [9][12]. - The company has committed to taking measures to ensure that its data procurement and service operations comply with applicable laws and regulations [11][12]. Group 3: Project Implementation and Data Procurement - The projects have not yet provided data services to third parties, with only the Xingtou Cloud Project having conducted two preliminary data procurements [8][13]. - The data procurement for the Xingtou Cloud Project is legally compliant, with contracts ensuring that the supplier has the necessary qualifications and that the data provided does not violate any laws [8][13]. - The company has outlined specific data procurement and service content for each project, focusing on high-quality data sets and comprehensive services across various industries [8][9].

Core Points - The National Cybersecurity Notification Center reported that 45 mobile applications were found to illegally collect and use personal information [1] - The findings were based on laws such as the Cybersecurity Law and the Personal Information Protection Law, as part of a special action plan for personal information protection [1] - Specific applications like "4399 Game Box," "Hello," and "Tantan" were highlighted for various violations regarding personal information collection practices [1] Summary by Category - **Illegal Collection of Personal Information** - 45 mobile applications were identified for violating personal information collection regulations [1] - The applications failed to list the purposes, methods, and scope of personal information collection [1] - **Specific Application Violations** - "4399 Game Box" was noted for collecting personal information beyond necessary limits and frequency [1] - "Hello" began collecting personal information without user consent and exceeded authorized collection limits [1] - "Tantan" also collected personal information at frequencies exceeding necessary limits [1] - **Follow-up Actions** - Eight applications from a previous report were still found to have issues upon retesting, leading to their removal from distribution platforms [2]

为切实提升社会公众的个人信息保护意识，构建安全稳定的金融环境，民生银行济南槐荫支行近期组织 开展了形式多样的个人信息保护宣传活动。活动聚焦厅堂客户与周边商户两大群体，通过多维度宣传教 育，助力公众筑牢信息安全防线。 支行立足网点服务优势，将金融知识普及与日常业务办理深度融合。在营业厅内，专门设立了公众教育 区，陈列各类个人信息保护宣传资料，并配备金融知识专员为客户提供一对一讲解。工作人员重点介绍 了常见APP收集个人信息的范围、信息泄露的潜在风险，以及如何通过设置隐私权限、谨慎授权等方式 为个人信息"加密"。同时，针对信息泄露后的维权流程，支行详细讲解了正规投诉渠道，帮助客户掌握 依法维权的有效途径。 针对周边商户这一信息流转关键环节，支行组建专项宣传团队，开展"网格化"普法服务。工作人员采 取"走访+驻点"相结合的模式，深入商户发放《个人信息保护指南》，并结合金融诈骗典型案例，生动 阐释违规收集、滥用客户信息的法律后果。特别针对小微企业，宣传团队详细解读了《个人信息保护 法》中关于信息采集、存储、使用的合规要求，指导商户完善客户信息管理机制，从源头防范信息泄露 风险。 此次活动有效提升了参与公众对个人信息保 ...

Core Viewpoint - The National Cybersecurity Notification Center has announced that 45 mobile applications are found to illegally collect and use personal information, highlighting the need for enhanced personal information protection and public privacy awareness [1] Group 1: Violations Identified - The identified applications have issues such as not disclosing collection and usage rules, failing to list collection purposes individually, and collecting information beyond authorized limits [1] - Notable applications mentioned include "Qing E," "4399 Game Box," and "Che Lun Driving Test App" [1] Group 2: Regulatory Actions - Relevant platforms have taken action by removing some of the problematic applications from their stores [1] - The announcement aims to strengthen personal information protection measures [1]

Core Viewpoint - The article discusses the pervasive use of facial recognition technology in real estate sales offices in China, highlighting privacy concerns and the lack of compliance with new regulations aimed at protecting personal data [3][4]. Group 1: Surveillance in Real Estate Sales Offices - Real estate sales offices are equipped with numerous cameras, often without clear signage indicating their presence or purpose [5][9]. - Visitors often feel the need to disguise themselves to avoid having their facial data collected and recorded, which can affect their ability to choose different agents [6][12]. - The cameras are used to track visitors and determine if they are first-time clients, with facial data typically stored for 1 to 3 months [6][12]. Group 2: Compliance Issues - The new regulations require clear signage and consent for facial recognition data collection, which many sales offices fail to provide [8][14]. - There are reports of companies collecting facial data without proper consent, leading to administrative penalties [20][21]. - Experts argue that the current practices violate the principle of necessity, as the purpose of data collection is not clearly communicated to clients [14][21]. Group 3: Industry Practices and Implications - Real estate developers use facial recognition to differentiate between direct clients and those referred by agents, impacting commission structures [13][22]. - The technology is seen as a "secret weapon" to control commission costs and ensure that sales staff benefit from direct sales [13][22]. - There are alternative methods suggested for verifying client identity that do not rely on facial recognition, such as using access cards or QR codes [23].

Core Viewpoint - The National Cybersecurity Incident Response Center reported that 64 mobile applications are illegally collecting and using personal information, including apps from seven financial institutions [1][2][3]. Summary by Sections Violations Identified - The 64 mobile applications are associated with 13 types of violations, with three major categories being highlighted: 1. Privacy policies not clearly listing the purposes, methods, and scope of personal information collection, affecting 25 apps including those from Longjiang Bank and Shengan Securities [5]. 2. Failure to provide users with a way to withdraw consent for personal information collection, impacting 30 apps including those from Industrial Securities and Hainan Airlines [6]. 3. Lack of appropriate security measures such as encryption and de-identification, involving 29 apps including those from Chengtong Securities and Zhilian Recruitment [7]. Types of Applications Affected - The identified applications span various sectors, including dining, gaming, recruitment, social networking, life services, and financial services. Notable brands like Starbucks and several tea brands were also mentioned [9]. Financial Institutions Involved - The financial institutions implicated include four securities firms and three banks, with specific versions of their applications listed. For instance, Chengtong Securities (version 6.0.3.0) and Longjiang Bank (version 2.00.03) are among those noted [9]. Previous Reports and Ongoing Actions - Since 2025, the National Cybersecurity Incident Response Center has released six lists of violating mobile applications, with several financial institutions previously named. The ongoing initiative aims to address typical violations and ensure the protection of personal information [10].

Core Insights - The investigation reveals that despite e-commerce platforms implementing privacy measures, there are numerous intermediaries offering "decryption" services for personal information at a low cost, indicating a significant gap in personal data protection [1] Group 1: Causes of Personal Information Leakage - The primary reason for personal information leakage is the existence of a substantial marketing profit chain that relies on personal data, with underground markets for personal information trading remaining active [2] - Weak regulatory oversight in the multiple stages of personal information handling during online shopping contributes to the leakage, as data may have been exposed before encryption measures were implemented [2] - Incomplete legislation and management loopholes in internet platform real-name authentication are major factors leading to ongoing personal information leaks [2] Group 2: Recommendations for Improvement - It is essential to identify the channels through which personal information is leaked, whether through technical means or internal breaches, and to enhance regulatory oversight accordingly [3] - Regulatory bodies should increase compliance monitoring of personal information usage by logistics and courier companies, which typically do not need to retain extensive user data [3] - There should be an increase in administrative penalties for violations of personal information rights, including warnings, detention, or fines, and a clear definition of civil liabilities for offenders to enhance the cost of violations [3]

Core Viewpoint - The case highlights the importance of personal information protection in China, emphasizing that companies must adhere to legal standards when handling employee personal data [1][2][3] Group 1: Legal Framework - The implementation of the Personal Information Protection Law and the Civil Code has established a legal framework for personal information protection in China [1] - The Civil Code specifies that individuals have the right to privacy, and any organization or individual must not infringe upon this right through various means [2] - Personal information is defined broadly, including names, identification numbers, addresses, and other sensitive data that must be protected [2] Group 2: Case Details - The case involved a company that publicly posted an employee's personal information, including their ID number and address, which was deemed an infringement of privacy rights [1][2] - The employee, Zheng, sought a public apology and compensation for emotional distress due to the unauthorized disclosure of personal information [1][3] Group 3: Court Ruling - The court ruled that the company exceeded the necessary limits in using Zheng's personal information, constituting an infringement and requiring the company to issue a public apology [2][3] - The court did not support Zheng's claim for emotional distress compensation, citing the short duration and limited impact of the infringement [3] Group 4: Legal Guidance - Companies must follow the principles of legality, necessity, and appropriateness when handling personal information, ensuring minimal impact on individual rights [4] - It is advised that companies communicate sensitive information directly to employees and protect personal data from public disclosure [4] - Negative evaluations of employees should be factual and not harm their future employment opportunities, as this could lead to further legal issues [4]