Core Viewpoint - The frequent violations of personal information collection by mobile applications highlight a persistent issue in the industry, necessitating a multi-faceted approach to address the privacy dilemma [1][4][7]. Group 1: Violations and Regulatory Actions - The National Cybersecurity and Information Security Information Notification Center reported 65 mobile applications for illegal collection and use of personal information, marking the second large-scale naming this year [1]. - In April, the National Computer Virus Emergency Response Center had already reported 13 applications for similar violations across various sectors, including food delivery, finance, and social media [1]. - In 2024, the Ministry of Industry and Information Technology reported 50 applications with user rights violations, with 27 of them exhibiting forced, frequent, and excessive permission requests [2]. Group 2: User Behavior and Awareness - A significant number of users, approximately 77.8%, rarely or never read privacy agreements when installing applications, and 69.69% ignore updates to these agreements [3]. - Users often feel compelled to agree to privacy policies to access essential app functions, leading to a compromise of their personal information [2]. Group 3: Legal Framework and Compliance Challenges - A comprehensive legal framework exists, including the Cybersecurity Law, Data Security Law, and Personal Information Protection Law, aimed at regulating personal information handling [4]. - Despite the established regulations, the persistent non-compliance by mobile applications is attributed to the technical complexity of apps, the hidden nature of data collection, and users' lack of awareness [4][5]. Group 4: Recommendations for Improvement - Experts suggest a collaborative governance approach involving regulatory frameworks, corporate compliance, and technological safeguards to enhance personal data protection [7]. - It is recommended that app operators stay informed about regulatory disclosures and adhere to compliance standards, especially when handling large volumes of personal or sensitive information [7]. - Users should be vigilant about privacy policy compliance indicators, such as the presence of consent pop-ups and the clarity of information presented [8].

输入一段你想要的问题，生成式人工智能就可以根据你的需求从海量的数据中检索分析生成你想要的文字、图像甚至视频，在方便快捷的同时，其潜在的个 人信息泄露风险也引发担忧。 如何在生成式人工智能时代筑牢个人信息安全防线？在这两天举行的2025年中国网络文明大会各分论坛上，与会嘉宾围绕这一焦点议题展开深入探讨。 中国科学技术大学网络空间安全学院执行院长 俞能海：生成式人工智能技术，说到底它是基于数据的。现在的问题是我们的数据本身，现在各种大模型它 都是要有数据、语料进来，这些语料从个人信息保护角度，哪些语料给、哪些语料不给，源头数据怎么管控，尤其在个人信息保护中间起的作用非常大。 与此同时，基于强大的数据搜集和逻辑能力，人工智能可以综合公开数据、个人数据，结合行为分析挖掘出更深层的数据。 中国科学技术大学网络空间安全学院执行院长 俞能海：信息化给我们带来非常好的一面，但确确实实也给我们留下了新的问题。你只要用了系统，一定会 留痕，自己很多的信息，可能是敏感信息，你自己认为已经把它去掉了，但是通过整合、信息关联，可能在输出的点，它会就被泄露出来。 针对深度伪造技术 发展主动防御技术 如何在保护数据安全和推动人工智能发展中 ...

中经记者 郑瑜 北京报道 随着《个人信息保护法》实施进入第四个年头，金融领域作为数据密集型行业，数据合规责任持续压 实。 国家计算机病毒应急处理中心近期发布通报，依据《网络安全法》《个人信息保护法》等法律法规，按 照《中央网信办、工业和信息化部、公安部、市场监管总局关于开展2025年个人信息保护系列专项行动 的公告》要求，检测到63款移动应用存在违法违规收集使用个人信息情况，其中也包括金融类APP。 同期，中国人民银行（以下简称"央行"）分支机构也公布了关于一家消费金融公司和一家小额贷款公司 的行政处罚，违规原因都涉及违反信用信息采集、提供、查询相关管理规定。 这也暴露出业务扩张和客群快速变化之下，一些金融机构在加强对信息授权的风险认知与保护措施方面 的薄弱环节。有律师向记者表示，从"最小必要"原则出发，机构要获得业务必要的个人信息授权并不困 难，真正的挑战是，机构如何压制更希望获得"额外的、非必要的"信息和数据的冲动。 信息保护承压 近期，央行湖北省分行公布了湖北消费金融股份有限公司（以下简称"湖北消金"）的行政处罚，公示表 显示，湖北消金违反信用信息采集、提供、查询相关管理规定。 该负责人同时表示，若金融 ...

Group 1 - The China Securities Regulatory Commission (CSRC) has requested Nanhua Futures (603093.SH) to provide supplementary explanations regarding its overseas business operations and compliance status, as well as the regulatory procedures for using the raised funds to supplement the capital of its overseas subsidiaries [1][2] - Nanhua Futures has submitted its application to the Hong Kong Stock Exchange for a main board listing, with CITIC Securities acting as its sole sponsor [1] - According to a report by Frost & Sullivan, Nanhua Futures ranks 8th among all futures companies in China by total revenue in 2023, and it ranks 1st among all non-financial institution-related futures companies [2] Group 2 - The CSRC has asked for clarification on whether the company's and its subsidiaries' business scope involves areas covered by the "Negative List of Foreign Investment Access (2024 Edition)" and whether they comply with foreign investment access policies before and after the listing [2] - The company is focused on providing comprehensive and customized derivatives and risk management services to industrial clients, financial institutions, and individual investors, while also aiming to offer diversified wealth management services to both domestic and overseas investors [2] - Nanhua Futures ranks 1st among all futures companies in China in terms of overseas revenue for 2023 [2]

Core Points - The Ministry of Public Security and other departments have released the "National Network Identity Authentication Public Service Management Measures," effective from July 15, 2025, allowing individuals to voluntarily apply for a network number and certificate using valid identification [1][14]. - The new system reduces the risk of personal information exposure by allowing users to authenticate their identity without revealing sensitive information like their ID number, only providing a verification of "yes" or "no" to platforms [1][3]. - The initiative aims to combat issues related to personal information theft and fraud, particularly in the context of rampant telecom scams [3][12]. Summary by Sections National Network Identity Authentication Service - The service consists of a network number (a unique identifier without personal information) and a network certificate (which carries non-explicit identity information) [5][11]. - Users can apply for these services through the "National Network Identity Authentication" app, which requires identity verification via NFC and facial recognition [6][10]. Implementation and Adoption - Over 400 applications, including major platforms like WeChat, Taobao, and Baidu, have integrated this service, allowing users to register accounts and verify identities without exposing personal information [11][12]. - The app has been downloaded 16 million times, with 8 million network numbers and certificates issued, and 12 million authentication services provided [10][11]. Benefits and Use Cases - The service is being utilized in various sectors, including government services, education, and tourism, to enhance user experience and reduce the need for physical identity verification [12][13]. - It helps mitigate risks of identity fraud in sensitive areas like finance and cultural tourism, where accurate identity verification is crucial [12][13]. Future Prospects - The management measures are expected to expand the service's application across more scenarios, including traffic management apps [13][14]. - The initiative is designed to be free for the public and businesses, focusing on protecting personal information and facilitating convenience [14].

Core Viewpoint - The article highlights the increasing prevalence of personal information infringement in China, emphasizing the need for stronger legal protections and governance mechanisms to combat the illegal acquisition and sale of personal data [1][2][3]. Group 1: Legal and Regulatory Framework - In recent years, China has accelerated its legislative process to protect personal information, including the introduction and revision of relevant laws such as the Personal Information Protection Law [2]. - Despite these legal advancements, personal information infringement remains high due to low penalties for offenders and the high profitability of illegal data trading [2]. Group 2: Challenges in Personal Information Protection - The channels for collecting personal information have become more diverse, increasing the risk of data breaches as consumers frequently provide personal data in various scenarios such as shopping and online services [2][3]. - The leakage and sale of personal information have become widespread, necessitating a multi-faceted approach to governance that includes both technological advancements and source governance [3]. Group 3: Recommendations for Improvement - There is a need for continuous upgrades in technical measures and stricter penalties to address the evolving challenges posed by data privacy violations, including new issues arising from technologies like AI [3]. - Establishing robust mechanisms for proactive monitoring and regulation of third-party platforms and merchants that handle personal information is crucial to prevent mishandling and protect consumer rights [3].

Core Points - The implementation of the "Facial Recognition Technology Application Security Management Measures" aims to regulate the use of facial recognition technology in China, addressing privacy and security concerns [2][3][5] Group 1: Regulatory Framework - The new regulations are based on existing laws such as the Cybersecurity Law, Data Security Law, and Personal Information Protection Law, and apply to activities involving facial recognition technology within China [2][3] - The regulations require personal information processors to inform individuals about the processing of their facial information, including the purpose, method, and duration of storage [3][5] Group 2: Special Considerations - The regulations emphasize the protection of vulnerable groups, including the elderly and disabled, ensuring that their facial information is handled in compliance with accessibility standards [3][4] - For minors under the age of fourteen, parental consent is required for processing their facial information, and specific rules must be established to safeguard their data [4] Group 3: Data Storage and Security - Facial information must be stored locally on recognition devices and cannot be transmitted over the internet unless legally permitted or with explicit consent [5][6] - The regulations discourage the use of facial recognition as the sole verification method, promoting alternative identification methods when individuals do not consent to facial recognition [5][6] Group 4: Supervision and Compliance - Organizations processing facial information for over 100,000 individuals must register with provincial-level cybersecurity departments within 30 working days [6][7] - The registration process requires detailed information about the processing activities, including the purpose, methods, and security measures in place [7]

Core Viewpoint - The China Securities Regulatory Commission (CSRC) has communicated concerns regarding personal information protection issues within the industry, highlighting compliance failures among certain institutions' mobile applications, mini-programs, and software development kits (SDKs) [1] Group 1: Regulatory Concerns - The CSRC reported that some institutions have not strictly implemented the Personal Information Protection Law during the collection, storage, transmission, and utilization of personal information, leading to compliance issues and potential risks [1] - Institutions are required to enhance their focus on personal information protection, conduct timely inspections of their apps, mini-programs, and SDKs, and rectify identified issues [1] Group 2: Recommendations for Improvement - Institutions can improve their professional capabilities in personal information protection through app detection certification and external evaluations [1] - There is an emphasis on the need for institutions to strengthen problem analysis and risk assessment to proactively prevent and mitigate potential risks [1]

据国家网络与信息安全信息通报中心通报，依据《中华人民共和国网络安全法》《中华人民共和国个人 信息保护法》等法律法规，按照《中央网信办、工业和信息化部、公安部、市场监管总局关于开展2025 年个人信息保护系列专项行动的公告》要求，经国家计算机病毒应急处理中心检测， 63款移动应用存 在违法违规收集使用个人信息情况 ，现通报如下。 1、 在App首次运行时未通过弹窗等明显方式提示用户阅读隐私政策等收集使用规则 ；个人信息处理者 在处理个人信息前，未以显著方式、清晰易懂的语言真实、准确、完整地向个人告知个人信息处理者的 名称或者姓名、联系方式、个人信息的保存期限等。 涉及6款移动应用如下：《一键登录SDK》（版本2.0.6，官网）、《厦门银行企业银行》（版本8.0.0， vivo应用商店）、《云挂卡》（版本1.1.6，华为应用市场）、《极验身份验-一键登录号码认证SDK》 （版本2.9.6，官网）、《推手管家》（版本5.4.4，苹果应用商店）、《神蓍广告安卓SDK》（版本 6.5.1.8，官网）。 2、 隐私政策未逐一列出App（包括委托的第三方或嵌入的第三方代码、插件）收集使用个人信息的目 的、方式、范围等。 涉 ...

根据中央网信办、工业和信息化部、公安部、市场监管总局等四部门联合发布的《关于开展2025年个人 信息保护系列专项行动的公告》，工业和信息化部对APP、SDK违法违规收集使用个人信息等问题开展 治理。近期，经组织第三方检测机构进行抽查，共发现49款APP及SDK存在侵害用户权益行为，现予以 通报。 ...