Core Viewpoint - The National Cybersecurity Incident Response Center has identified 69 mobile applications that illegally collect and use personal information, including Datong Securities and Xinda Futures [1] Group 1: Violations by Datong Securities - Datong Securities failed to clearly list the purposes, methods, and scope of personal information collection in its privacy policy, including third-party involvement [2] - The company did not inform users about the recipients of their personal information, nor did it obtain explicit consent for sharing this information with third parties [2][3] Group 2: Violations by Xinda Futures - Similar to Datong Securities, Xinda Futures also did not adequately disclose the purposes, methods, and scope of personal information collection in its privacy policy [3] Group 3: Legal Framework - The violations are in accordance with the Cybersecurity Law and the Personal Information Protection Law, as well as the announcement regarding the 2025 personal information protection initiative [4] Group 4: Specific Violations Identified - 24 applications failed to provide clear prompts for users to read privacy policies upon first use [4] - 31 applications did not list the purposes and methods of personal information collection in their privacy policies [5] - 17 applications shared personal information with third parties without user consent [7] - 3 applications began collecting personal information without user consent [8] - 41 applications did not implement adequate security measures for personal information [11] - 3 applications lacked a privacy policy altogether [12]