格隆汇1月10日｜据网信中国，国家互联网信息办公室起草了《互联网应用程序个人信息收集使用规定 （征求意见稿）》，现向社会公开征求意见。征求意见稿中指出：互联网应用程序应当为用户提供注销 账号的便捷功能。互联网应用程序应当仅在用户主动选择使用拍照、发送语音、录音录像等功能时调用 相机、麦克风权限，不得在用户停止使用相关功能或者无关场景调用相机、麦克风权限。 ...

Core Viewpoint - The integration of digital economy and fintech has led to the rise of "traffic finance" as a monetization path for internet traffic platforms, exemplified by the launch of the "borrowing service platform" by the travel app Hanglv Zongheng [1][10]. Group 1: Service Launch and Modifications - Hanglv Zongheng, developed by China Aviation Information Technology Co., Ltd., has introduced a borrowing service platform aimed at providing financial support for travel and daily consumption needs [1][11]. - The initial user agreement included clauses that required users to authorize the processing of their personal information, which raised legal concerns regarding potential overreach into credit reporting services [1][3]. - Following feedback, the agreement was revised to remove the controversial clauses and clarify that the service provider acts solely as a technical support entity for licensed financial institutions [2][11]. Group 2: Compliance and Legal Considerations - Legal experts highlighted that if a lending platform processes personal information and provides credit analysis, it may be classified as a credit reporting service, necessitating appropriate licensing [3][12]. - The revised agreement emphasizes that Hanglv Zongheng will not provide additional user data beyond what users voluntarily submit, ensuring compliance with financial regulations [4][13]. - Concerns were raised about vague language in the agreement that could lead to excessive data collection under the guise of improving service quality, which may violate regulatory standards [5][14]. Group 3: Data Protection and User Privacy - The company has committed to not sharing user data with third parties without explicit user consent, particularly in the context of facial recognition processes for loan applications [7][15]. - Experts recommend that non-financial platforms engaging in lending services should adhere to strict data protection principles, ensuring that personal information collection is limited to what is necessary for service provision [8][16]. - Suggestions were made for integrating with national identity verification systems to enhance user data security during the borrowing process [9][17].

Group 1 - The core issue identified is the violation of personal information protection laws by 71 mobile applications, including those from automotive companies such as Fengshen, Ledao, and Shenlan [1][2] - The detection was conducted based on the Cybersecurity Law and the Personal Information Protection Law, as part of a special action announced by multiple government agencies [1] - The report highlights 13 types of violations, including failure to inform users about the collection of personal information and lack of rules for processing information of minors under 14 [1] Group 2 - Specific violations were noted for the Fengshen app, which failed to inform users about the sharing of their personal information with other processors without obtaining separate consent [2] - The Ledao and Shenlan apps did not implement necessary security measures such as encryption and de-identification [2] - A previous report had identified 69 non-compliant applications, with 27 still having issues upon re-evaluation, leading to their removal from distribution platforms [2]

个人信息保护，越来越密集地进入我们的视野。尤其2025年年末，《大型网络平台个人信息保护规定 （征求意见稿）》《数据安全技术 电子产品信息清除技术要求》《人工智能拟人化互动服务管理暂行 办法（征求意见稿）》《关于报送未成年人个人信息保护合规审计情况的公告》……一系列政策文件与 国家强标接连公布，国家对个人信息保护工作的重视不言而喻。 回首这一年，给"摄像头"立法，对"强制刷脸"说"不"；启用"网络身份证"，为个人信息穿上"隐身衣"； 个保合规审计成为企业"必答题"，个人信息安全出境路径有章可循，AI拟人互动服务有了规范，大型网 络平台个保规则越发明晰……这些背后，是我国个人信息保护制度"拼图"的加速完善，对企业合规发展 的实质指引，以及网络安全屏障的进一步巩固。 南方都市报、南都大数据研究院特别梳理了2025年以来新公布的涉及个人信息保护的政策法规细则，发 现了这些新的"进化"。 法律体系衔接更紧密 制度协同性增强 "保障个人信息安全，维护公民在网络空间的合法权益"，是大家坚守的方向。中共中央政治局2025年11 月底就加强网络生态治理进行集体学习，明确指出要筑牢网络安全和数据安全防线。中央网信办主任庄 荣文 ...

2023年至2025年监管通报侵害用户 个人信息App数量 单位:款 4000 - 3852 - 3000 - 2129 2000 - 1529 1000 - 2023年 2024年 2025年 面方都需報 刻一网 OCBCCcom 2025年全国层面App监管通报 | 不同监管机构每月通报App数量分布 ● 国家计算机病毒应急处理中心 工信部 ● 公安部计算机信息系统安全产品质量监督检验中心 中央网信办 1月 2月 3月 4月 5月 6月 7月 8月 9月 10月 11月 12月 0 20 40 80 100 120 140 60 单位:款 2025年对外通报App数量前五的单位 通报数量 上海市通信管理局 819 国家计算机病毒应急处理中心 663 工信部 335 北京市通信管理局 230 公安部计算机信息系统安全 225 在于给您您能通過品化 1 万部市報 -网 OPECCarom 在国家四部门联合开展个人信息保护系列专项行动的政策背景下，2025年，全国和地方监管部门及相关 机构通报的侵害用户权益App数量出现大幅上升，同比增加约152%。南都记者近日结合专业机构提供 的数据梳理发现，截至2025年1 ...

Core Viewpoint - The State Administration for Market Regulation and the National Internet Information Office have announced measures to address issues in online transactions, including malicious marketing, internet water armies, and personal privacy breaches [1] Group 1: Regulatory Measures - The Central Internet Information Office will strengthen the management of marketing and sales information content, guiding online transaction platforms to enhance management in key areas such as product descriptions, user reviews, search recommendations, and account information [1] - A list of non-compliant products will be compiled, and clear definitions of illegal marketing behaviors will be established to combat fabricated scenarios and unethical marketing practices [1] Group 2: Combatting Internet Water Armies - A long-term governance mechanism for internet water armies will be established in collaboration with multiple departments, focusing on organized activities such as score manipulation, review control, follower increase, and fraudulent transactions [1] - Increased efforts will be made to address malicious marketing information, targeting four main issues: malicious false staging, dissemination of false information, violations of public order and morals, and illegal traffic marketing [1] Group 3: Personal Information Protection - The relevant departments will conduct a series of special actions for personal information protection, addressing typical issues related to the illegal collection and use of personal information in common services and daily scenarios, such as apps, smart terminals, vending machines, and QR code ordering [1]

Core Viewpoint - The Ministry of Industry and Information Technology is actively addressing violations of user rights by apps, with 22 apps and SDKs reported for infringing user rights [2]. Group 1: Violations Identified - A total of 22 apps and SDKs were found to have issues such as forced automatic renewals and excessive permission requests [2]. - Specific violations include unauthorized collection of personal information and failure to disclose information collection lists [3][4][5][6]. Group 2: Apps and SDKs Listed - Notable apps include "妹聊" by Beijing Zhixing Technology, which was reported for unauthorized collection and excessive use of personal information [3]. - "Sinzar" by Hainan Xinzhi Technology also faced similar issues of unauthorized data collection [3]. - "PS 照片修复" by Wuhan Chuyue Education was flagged for excessive permission requests [4]. - "乐趣点点" by Hainan Kengdehai Culture was noted for both unauthorized collection and excessive data usage [6].

Core Viewpoint - A total of 71 mobile applications have been reported for illegal collection and use of personal information, as detected by the National Computer Virus Emergency Response Center, highlighting significant compliance issues within the industry [1][2]. Group 1: Violations Identified - The report identifies 13 types of violations, including failure to prompt users to read privacy policies at the first app launch and collecting personal information without user consent [1]. - Specific applications, such as Yu Xiao Er and Le Zu Xing, did not provide clear access to privacy policies or adequately inform users about the handling of their personal information [2]. - 31 mobile apps, including Dan Zai Pai Dui and Zhong Gong Wang Xiao, failed to list the purposes, methods, and scope of personal information collection in their privacy policies [2]. Group 2: Security Measures Lacking - 27 mobile applications, including Le Dao Automobile and Shen Lan Automobile, were reported for not implementing necessary security measures such as encryption and de-identification [2]. - Five applications, including Ai Ju Zhao Fang and Chang Long Tourism, were noted for lacking any privacy policy altogether [2].

Core Viewpoint - A significant number of mobile applications have been reported for violating user rights, with a total of 93 apps flagged by the National Cybersecurity Notification Center and the Ministry of Industry and Information Technology for issues related to personal information collection and usage [1][6]. Group 1: National Cybersecurity Notification Center Findings - The National Cybersecurity Notification Center reported that 71 mobile applications were found to illegally collect and use personal information, with issues including lack of privacy policies and inadequate notification of data collection practices [3][4]. - The detection period for these applications was from November 21, 2025, to December 25, 2025, covering 13 types of issues [3]. - Notable applications included "Egg Party" (version 1.0.238), "Keep Medal," and "Chimelong Tourism," sourced from major app stores and platforms like WeChat Mini Programs and Alipay [3][4]. Group 2: Ministry of Industry and Information Technology Findings - The Ministry of Industry and Information Technology reported 22 apps and SDKs for infringing user rights, with issues primarily related to personal information collection and usage compliance [6][7]. - Specific applications mentioned include "Sui Sui" (version 5.5) for forced auto-renewal and "Yangquan Xing" (version 1.1.0) for improper information window behavior [7]. - The Ministry has conducted ongoing inspections, with a total of 54 batches of reported infringing apps since the start of 2026 [7][8]. Group 3: Focus on Facial Recognition Technology - The National Cybersecurity Notification Center has included compliance checks for facial recognition technology in its reports, highlighting that certain apps used facial recognition as the sole verification method without providing alternative options [5]. - Applications like "HelloTalk" and "Bida Group" were noted for this practice, raising concerns about user consent and alternative verification methods [5]. Group 4: Overall Trends and Regulatory Actions - The regulatory environment has intensified, with a notable increase in reported infringing apps, rising from 1,529 in 2024 to 3,852 in 2025, indicating a growing focus on user rights protection [8]. - The Ministry emphasized that apps and SDKs must rectify their issues according to regulations, with potential legal actions for non-compliance [8].

Core Viewpoint - The Ministry of Industry and Information Technology (MIIT) of China is actively addressing user rights protection by enforcing regulations against APPs that violate user rights, following laws such as the Personal Information Protection Law and the Cybersecurity Law [1] Group 1: Regulatory Actions - MIIT has conducted inspections and identified 22 APPs and SDKs that infringe on user rights, which will be publicly reported [1] - The identified APPs and SDKs are required to rectify their violations, and failure to comply will result in further legal actions by MIIT [1] Group 2: List of Violating APPs and SDKs - The reported APPs include "妹聊" (Mei Liao) for illegally collecting personal information and "Sinzar" for exceeding the scope of personal information collection [2][3] - Other notable violations include "逸舒到家" (Yishu Daijia) and "PS 照片修复" (PS Photo Repair), which are cited for excessive permission requests [3] - "雷电 SDK" (Thunder SDK) is highlighted for inadequate information disclosure and excessive permission requests [4]