Core Viewpoint - The National Cybersecurity Notification Center reported that 34 mobile applications were found to illegally collect and use personal information, violating laws such as the Cybersecurity Law and the Personal Information Protection Law [1][2][3]. Group 1: Violations in Personal Information Collection - 17 mobile applications failed to specify the purpose, method, and scope of personal information collection [1][5]. - 1 mobile application did not inform users of the purpose when requesting permission to collect personal information [2]. - 1 mobile application did not inform users of the purpose when collecting sensitive personal information [3]. - 4 mobile applications began collecting personal information before obtaining user consent [4]. - 17 mobile applications collected personal information beyond the scope authorized by users [5]. Group 2: Inadequate User Information and Consent - 1 mobile application had a personal information protection policy that described the need to collect personal information beyond what was necessary for its functions [6]. - 4 mobile applications declared permissions to collect personal information that exceeded what was necessary for their functions [7]. - 2 mobile applications collected personal information beyond what was necessary for their functions [8]. - 3 mobile applications collected personal information more frequently than necessary for their functions [9][10]. - 3 mobile applications required users to enable permissions not needed for the current function [11]. Group 3: User Rights and Misleading Practices - 4 mobile applications forced users to provide unnecessary personal information [12]. - 3 mobile applications did not provide users with a channel for complaints regarding personal information [13]. - 1 mobile application did not offer a specific way for users to correct or supplement their personal information [14]. - 2 mobile applications set unreasonable conditions or additional requirements in the account cancellation process [15]. - 2 mobile applications engaged in misleading or deceptive advertising practices [16].

本文转自【国家网络安全通报中心】； 《房车生活家》（版本5.7.9，vivo应用商店）。 4、征得用户同意前就开始收集个人信息。涉及4款移动应用如下： 《凹凸租车》（版本6.7.5，vivo应用商店）、《圆梦志愿》（版本7.3.1，豌豆荚）、《亲宝宝》（版本 11.7.5，豌豆荚）、《云集》（版本4.20.09041，vivo应用商店）。 5、实际收集的个人信息超出用户授权范围。涉及17款移动应用如下： 《王者代练》（版本2.2.28，华为应用市场）、《首汽租车》（版本6.2.2，应用宝）、《去上网（去 哒）》（版本1.9.37，vivo应用商店）、《潮自拍》（版本5.5.84，小米应用商店）、《极速二维码》 （版本3.2.8，小米应用商店）、《闪电扫码大师》（版本2.2.1，小米应用商店）、《艺愿星》（版本 3.6.22，vivo应用商店）、《UU跑腿》（版本7.5.1.0，vivo应用商店）、《酒便利》（版本3.12.02， vivo应用商店）、《爱口袋》（版本5.0.12，vivo应用商店）、《蝶变志愿》（版本5.1.4，vivo应用商 店）、《二三里》（版本7.7.4，vivo应用商店）、《爱宠游》（ ...