Core Viewpoint - The National Cybersecurity Center reported that 38 mobile applications were found to illegally collect and use personal information, violating laws such as the Cybersecurity Law and the Personal Information Protection Law [1][11]. Group 1: Violations of Personal Information Collection - Two applications failed to publicly disclose their rules for collecting and using personal information: "家政加" (5.3.5, VIVO) and "聘巢" (1.0.2, 应用宝) [1]. - Nineteen applications did not list the purposes, methods, and scope of personal information collection: "联想乐云" (6.8.20, 应用宝), "画啦啦美术课堂" (5.22.9, OPPO), "智通直聘" (11.14.0, 应用宝), among others [2]. - Four applications did not inform users of the purpose when requesting permission to collect personal information: "e家政" (4.0.10, VIVO), "in" (3.4.130, 豌豆荚), "聘巢" (1.0.2, 应用宝), and "找零工" (4.2.6, 豌豆荚) [3]. - Four applications failed to inform users of the purpose when collecting sensitive personal information: "我要聘" (1.2.10, VIVO), "闪电直聘" (3.1.0, 百度), "吉工家" (7.6.6, 百度), and "建筑招工" (7.6.5, 百度) [4]. - Three applications began collecting personal information before obtaining user consent: "秀色直播" (9.3.6, 华为), "微米浏览器" (BrowserV8.0.20250403, 百度), and "当日急聘" (7.4.4, VIVO) [5]. - Nineteen applications collected personal information beyond the scope authorized by users [6]. Group 2: Excessive Information Collection - Three applications had personal information protection policies that described the collection of information beyond what was necessary for their functions: "地铁查询宝" (1.1.7, 小米), "文件解压管家" (1.4.0, 小米), and "微车" (8.6.3, VIVO) [7]. - One application had permissions for collecting personal information that exceeded the necessary range for its functions: "爱看书免费小说" (8.2.4, 华为) [8]. - Six applications collected personal information more frequently than necessary for their functions: "豆果美食" (8.2.15.2, 华为), "百思漂流瓶" (9.13.81, 华为), "优惠券" (6.0.0, 小米), "乐播投屏" (5.11.80, 应用宝), "卡牛信用管家" (9.2.2, 应用宝), and "轻喜到家" (2.6.7, VIVO) [10]. - Two applications required users to enable permissions not needed for current functions: "同城招聘" (1.1.1, VIVO) and "找零工" (4.2.6, 豌豆荚) [12]. - One application forced users to provide unnecessary personal information: "好兔视频" (1.6.36.1, 华为) [13]. Group 3: User Rights and Options - One application did not provide users with a way to correct or supplement their personal information: "当日急聘" (7.4.4, VIVO) [14]. - One application did not offer a way for users to cancel their accounts: "找零工" (4.2.6, 豌豆荚) [15]. - Two applications set unreasonable conditions or additional requirements in the account cancellation process: "597直聘" (6.5.0, 应用宝) and "快马日结" (6.7.00, 百度) [16]. - Three applications did not provide options to exit or disable personalized display modes: "壁纸多多" (6.9.9.1, 豌豆荚), "找零工" (4.2.6, 豌豆荚), and "汇博招聘" (5.0.3, 豌豆荚) [17].

Group 1 - The article reports that 38 mobile applications, including "Jiazhengjia" and "Pinchao," have been found to illegally collect and use personal information according to the National Cybersecurity Notification Center [1] - This action is part of a broader initiative outlined in the announcement by the Central Cyberspace Administration, Ministry of Industry and Information Technology, Ministry of Public Security, and State Administration for Market Regulation regarding personal information protection for 2025 [1]

"您的航班延误了，可以申请300元赔偿"，接到这样的电话，你会相信吗？近日，在浙江嘉兴出差的李 先生就掉进了这样一个精心设计的骗局。骗子冒充航空公司客服，不仅准确说出他的航班信息，还"热 心"指导他操作退款。结果，李先生一通操作下来，非但没拿到300元赔偿，反被转走4万多元，这到底 是怎么一回事呢？ 冒充航空公司诈骗电话：由于是我们航空公司机械故障的原因，导致航班取消了，所以我们航空公司给 每位旅客补贴了300元的延误补偿金，我协助您去领取一下这个航班延误险金。 这是一通自称航空公司客服打来的电话，正是因为听信了对方的这番说辞，李先生才掉进了骗子的陷 阱。2024年5月，正准备在第二天搭乘飞机回家的李先生突然接到了一通电话，当时电话里的客服称李 先生次日的航班因故临时取消，可以申请办理退改签业务，关键是可以额外获得补偿款300元。 这名客服提出，退改签首先需要验证个人账户是否安全。由于对方能准确说出李先生的行程及个人信 息，着急回家的他并没有多想，便按照对方的要求一步步进行了操作。 就这样，李先生反复操作了几次，但所谓的"验证"始终没有成功。随后，那名客服又再次提出，需要李 先生与航空公司的对公账户再进行一轮 ...

Core Viewpoint - The report highlights the detection of 38 mobile applications that violate personal information protection laws, indicating a significant issue in compliance with regulations such as the Cybersecurity Law and the Personal Information Protection Law [1][10]. Group 1: Violations of Personal Information Collection - Two applications failed to publicly disclose their rules for collecting and using personal information: "家政加" and "聘巢" [1]. - Nineteen applications did not list the purposes, methods, and scope of personal information collection: "联想乐云", "画啦啦美术课堂", "智通直聘", "才通直聘", "达管家", "同城招聘", "e家政", "快马日结", "2345浏览器", "微米浏览器", "淘最热点", "当日急聘", "闪电直聘", "吉工家", "建筑招工", "微车", "in", "找零工", "汇博招聘" [2]. - Four applications did not inform users of the purpose when requesting permission to collect personal information: "e家政", "in", "聘巢", "找零工" [3]. - Four applications failed to inform users of the purpose when collecting sensitive personal information: "我要聘", "闪电直聘", "吉工家", "建筑招工" [4]. - Three applications began collecting personal information before obtaining user consent: "秀色直播", "微米浏览器", "当日急聘" [5]. - Nineteen applications collected personal information beyond the scope authorized by users: "联想乐云", "画啦啦美术课堂", "达管家", "德管家", "他趣", "同城招聘", "e家政", "快马日结", "2345浏览器", "微米浏览器", "淘最热点", "当日急聘", "闪电直聘", "吉工家", "建筑招工", "微车", "in", "找零工", "汇博招聘" [6]. Group 2: Inadequate User Rights and Information - Three applications had personal information protection policies that described the need for information collection beyond necessary functions: "地铁查询宝", "文件解压管家", "微车" [6]. - One application declared the collection of personal information permissions in its configuration file that exceeded necessary functions: "爱看书免费小说" [7]. - Six applications collected personal information beyond the necessary scope of their functions: "豆果美食", "百思漂流瓶", "优惠券", "乐播投屏", "卡牛信用管家", "轻喜到家" [9]. - One application collected personal information more frequently than necessary: "家宝兔" [9]. - Two applications required users to enable permissions not needed for current functions: "同城招聘", "找零工" [9]. - One application forced users to provide unnecessary personal information: "e家政" [9]. - One application did not provide users with a way to correct or supplement their personal information: "当日急聘" [9]. - One application did not offer a way for users to cancel their accounts: "找零工" [9]. - Two applications set unreasonable conditions or additional requirements in the account cancellation process: "597直聘", "快马日结" [9]. - Three applications did not provide an option to exit or close personalized display modes: "壁纸多多", "找零工", "汇博招聘" [9].

近日，甘肃省张掖市高台县公安局网络安全保卫大队大队长田睿卿在央视《今日说法》栏目披露了一则涉及80万条公民个人信息泄露的案件。 2023年12月，甘肃高台县工程车司机韩先生被微信好友"汤姆"以充值返利为由诈骗，民警经韩先生网购记录查到"无货源电商"老板张伟，后者提供的"解密 中介"沟通群信息显示，该群由前快递员李广飞（化名）掌控。 "无货源电商"的运作模式是无货的商家A将订单转手卖给有货的商家B，由B给买家发货，A从中赚取差价。随着《中华人民共和国个人信息保护法》的出 台，电商平台会对顾客订单信息进行加密处理，传统"无货源电商"模式无法运转，催生出"解密中介"产业。据披露，解密每条信息的价格从几毛到2元不 等。 依靠各互联网平台为据点，一个很小的数据源点就可能迅速形成完整犯罪链条。 胡文军向警方交代，订单解密并不难，因为每家快递公司都有一个信息平台，负责快递业务的收揽、发送等事项，虽然各大电商平台对顾客的订单信息进行 了加密处理，但由于快递公司内部信息平台与各大电商平台有合作，加密信息内容在该平台都可以查询到。 知道创宇首席安全官周景平对第一财经记者表示，该案件的犯罪手法技术含量比较低，核心在于犯罪分子掌握了 ...

Core Viewpoint - The case highlights the illegal purchase of personal information by insurance companies to boost sales, leading to severe legal consequences for involved executives and a broader discussion on data privacy in the insurance industry [1][3][12]. Group 1: Case Details - Six executives from Tianan Insurance and China Life Insurance were found guilty of purchasing over 200,000 pieces of personal information to enhance their insurance sales [1][3]. - The data included sensitive information such as names, ID numbers, phone numbers, and vehicle details, sold at prices ranging from 0.7 to 0.9 yuan per entry [3][4]. - The illegal activities spanned from 2019 to 2022, with significant transactions including 90,000 entries for 90,000 yuan and 30,000 entries for 37,500 yuan [3][4][5]. Group 2: Legal Proceedings - The first-instance court ruled that the actions constituted a serious violation of personal information rights, leading to fines and penalties for the involved parties [7][9]. - The second-instance court upheld the original verdict, dismissing the defendants' claims of legality and procedural violations in evidence collection [8][9]. Group 3: Industry Implications - The case reflects a troubling trend in the insurance industry where illegal data acquisition has become a "common practice" to meet sales targets [10][12]. - Previous cases have shown a pattern of similar illegal activities within the insurance sector, indicating a systemic issue with data reliance for sales [12]. - New regulations are being introduced to enforce stricter data protection measures in the financial and insurance sectors, aiming to curb such illegal practices [13][14].

Core Viewpoint - The insurance industry is facing significant challenges regarding the protection of personal information, as recent incidents reveal that personal data is being illegally sold by insiders within insurance companies [1][2][3]. Group 1: Incident Overview - A recent criminal ruling disclosed that several employees from Tianan Property Insurance Company were involved in the illegal purchase and sale of personal information, leading to penalties for the offenders [2]. - The data sold included sensitive information such as vehicle identification numbers, ID numbers, phone numbers, names, addresses, and insurance expiration dates, highlighting the severity of the data breach [3]. Group 2: Regulatory Environment - The financial regulatory authorities are increasing scrutiny on personal information protection within the insurance sector, with new regulations set to be implemented by December 2024 [4]. - The principle of accountability for data management is emphasized, requiring insurance companies to clearly define responsibilities for data security across various business areas [4]. Group 3: Recommendations for Improvement - Insurance companies are advised to establish robust customer information security management systems in compliance with the Personal Information Protection Law, detailing responsibilities and operational norms for data handling [5]. - Collaboration among insurance companies, regulatory bodies, and law enforcement is essential to effectively protect consumer personal information and address violations [5][6].

保险业"内鬼"狂飙 监管重锤砸向数据黑产 作者：李秀梅 车险将要到期推销电话不停，只买了一份保险却收到了几十条推销短信，不用怀疑，你的个人信息被泄 露了。 8月19日，北京商报记者注意到，近期中国裁判文书网公布了一则刑事裁定书，显示杨某某、何某某、 俞某某等人为拓展保险业务，购买公民个人信息数万条，犯下侵犯公民个人信息罪。而这些个人信息， 同样来自于保险公司，一位"内鬼"倒卖。 当前，保险业数字化程度不断提升，侵害公民个人信息权益的问题也随之而来。如何保护好客户的个人 信息，是保险公司面临的新课题。 倒卖车险信息遭罚 身为保险公司部门负责人，不考虑如何扩展业务，竟动了歪心思，想通过购买客户信息"走偏门"？近期 中国裁判文书网公布的一则刑事判决书，将某保险公司多名员工侵犯保险客户个人信息的犯罪细节公布 于众。 判决书显示，杨某某为天安财险安庆中心支公司原总经理，何某某为天安财险安庆中心支公司电销部门 原负责人，俞某某为天安财险黄山中心支公司电销部门原负责人。2020年3—12月期间，杨某某为推动 电销部门工作，安排何某某通过向杨某(另案处理)转账3.75万元，两次从杨某处购买公民个人信息3万余 条。2019年3 ...

杨某的个人信息来自何处？竟然是同业保险公司。裁判文书显示，证实杨某丰是某大型保险公司安徽省 公司电销负责人，也是杨某（另案处理）之前的同事，杨某丰手中有安徽省全省的购车数据，数据里面 有车架号、身份证号、电话、姓名、住址以及保险到期日。2018年杨某同杨某丰合谋出售购车数据牟 利。杨某丰将数据按照各个地市的分类打包好给杨某，杨某再按照每个地市的信息以每条七至九毛钱出 售，所获利润和杨某丰三七分成，杨某拿七成。出售对象都是各保险公司的从业人员。 8月19日，北京商报记者注意到，近期中国裁判文书网公布了一则刑事裁定书，显示杨某某、何某某、 俞某某等人为拓展保险业务，购买公民个人信息数万条，犯下侵犯公民个人信息罪。而这些个人信息， 同样来自于保险公司，一位"内鬼"倒卖。 当前，保险业数字化程度不断提升，侵害公民个人信息权益的问题也随之而来。如何保护好客户的个人 信息，是保险公司面临的新课题。 倒卖车险信息遭罚 车险将要到期推销电话不停、只买了一份保险却收到了几十条推销短信，不用怀疑，你的个人信息被泄 露了。 身为保险公司部门负责人，不考虑如何扩展业务，竟动了歪心思，想通过购买客户信息"走偏门"？近期 中国裁判文书网 ...

Core Viewpoint - The National Computer Virus Emergency Response Center has identified 70 mobile applications that illegally collect and use personal information, highlighting ongoing concerns regarding data privacy and compliance with Chinese laws [1] Company Summary - The application "Ark Health Online Pharmacy" (version 6.42.0, OPPO software store) has been flagged for multiple violations, including failure to inform users about the transfer of their personal information to other parties and not providing a convenient way to withdraw consent for data collection [1] - Ark Health Online Pharmacy is operated by Guangzhou Ark Pharmaceutical Co., Ltd., which is a wholly-owned subsidiary of Guangzhou Ark Cloud Health Information Technology Group Co., Ltd. [1] - Established in 2015, Ark Health focuses on internet-based chronic disease management services and aims to become the largest chronic disease service platform in China [1]