Core Viewpoint - The article highlights the detection of 70 mobile applications that violate personal information protection laws, emphasizing the need for compliance with privacy policies and user consent in data handling practices [1][2][3]. Group 1: Violations in User Consent and Information Handling - 23 mobile applications failed to provide clear notifications for users to read privacy policies upon first use, making it difficult for users to access these policies [1]. - 24 mobile applications did not specify the purposes, methods, and scope of personal information collection in their privacy policies [2]. - 14 mobile applications shared personal information with third parties without user consent or proper notification [3]. - 5 mobile applications began collecting personal information without obtaining user consent first [4]. - 4 mobile applications did not offer effective options for users to correct, delete personal information, or cancel their accounts [5]. - 2 mobile applications failed to process complaints and requests for personal rights in a timely manner [6]. - 23 mobile applications did not provide users with a way to withdraw consent for personal information collection [7]. Group 2: Security Measures and Policy Compliance - 34 mobile applications did not implement adequate security measures such as encryption or anonymization of personal information [11]. - 9 mobile applications lacked a privacy policy altogether, which is a significant compliance issue [12]. - 13 mobile applications did not have specific rules for handling personal information of minors, failing to obtain necessary parental consent [10]. - 1 mobile application did not inform users about the necessity and impact of processing sensitive personal information [9]. - 3 mobile applications used automated decision-making for information push and marketing without providing options for users to refuse [8].

Core Points - The article highlights the detection of 70 mobile applications that violate personal information protection laws, as mandated by the Cybersecurity Law and the Personal Information Protection Law [2][3][4] Group 1: Violations in User Notification - 23 mobile applications failed to clearly inform users about the collection and use of personal information at the first run, including the lack of accessible privacy policies [2] - 24 mobile applications did not specify the purposes, methods, and scope of personal information collection in their privacy policies [3] Group 2: Consent and Information Sharing - 14 mobile applications shared personal information with third parties without user consent or proper anonymization [5] - 5 mobile applications began collecting personal information without obtaining user consent first [6] Group 3: User Rights and Complaint Handling - 4 mobile applications did not provide effective mechanisms for users to correct, delete personal information, or cancel their accounts [6] - 2 mobile applications failed to process complaints and reports within the promised timeframe [6] Group 4: Withdrawal of Consent - 23 mobile applications did not offer users a way to withdraw consent for personal information collection [6] Group 5: Automated Decision-Making and Sensitive Information - 3 mobile applications used automated decision-making for marketing without providing options to refuse [7] - 1 mobile application did not inform users about the necessity and impact of processing sensitive personal information [7] Group 6: Minor Protection and Security Measures - 13 mobile applications did not have specific rules for processing information of minors or obtain parental consent [8] - 34 mobile applications lacked adequate security measures such as encryption or de-identification [8] Group 7: Absence of Privacy Policies - 9 mobile applications were found to have no privacy policy at all [9] Group 8: Follow-up on Previous Violations - 28 out of 69 previously reported applications still exhibited violations upon re-examination, leading to their removal from distribution platforms [9]