Core Viewpoint - The ongoing governance of personal information collection by applications is highlighted, with specific issues identified in 15 apps and 16 SDKs regarding transparency and compliance with personal information protection laws [1][2][7]. Group 1: Issues Identified - 15 apps, including popular ones like Moji Weather TV version and Youdao Premium Course, failed to list the SDKs used for personal information collection and did not accurately state the purposes, methods, and scope of data collection [1][3][5]. - 16 SDKs were found to lack clear rules for personal information collection and did not respond timely to user rights requests, leading to increased risks of data misuse and compliance violations [2][6][7]. - The lack of transparency in data collection practices violates the "notice and consent" principle outlined in the Personal Information Protection Law, potentially exposing users to risks such as data theft and unauthorized sharing [7][9]. Group 2: Company Responses and Compliance - Companies like Moji Weather and Youdao have acknowledged the issues and are working towards compliance, with Moji Weather indicating that the TV version is not their main product and will undergo necessary rectifications [4][8]. - Some apps, such as Tuhu Car Maintenance, have already updated their versions to comply with the requirements, while others like Youdao Premium Course have not yet made necessary updates [8][9]. - The need for companies to enhance their understanding of legal regulations and improve compliance practices is emphasized, as non-compliance can lead to significant operational risks and reputational damage [9][10]. Group 3: Recommendations for Improvement - Companies are advised to integrate privacy design principles during the development of apps and SDKs, including data minimization and encryption [10]. - Establishing a security assessment system for SDKs and implementing dynamic permission management mechanisms are recommended to enhance data protection [10]. - Regular compliance audits and the establishment of user rights response systems are crucial for ensuring user rights are adequately protected [10].

Core Viewpoint - Recent announcement by the Central Cyberspace Administration of China (CAC) highlights that 15 apps, including popular ones like墨迹天气tv版 and 途虎养车, have been flagged for issues related to personal information collection [1][2]. Group 1: Regulatory Actions - The CAC, along with other governmental bodies, has initiated a series of special actions for personal information protection, in accordance with various laws including the Cybersecurity Law and the Personal Information Protection Law [2]. - The identified apps failed to adequately disclose the SDKs used for collecting personal information, as well as the purposes, methods, and scope of such data collection [2][3]. Group 2: Specific Apps and SDKs - A list of apps, including 烟台出行, 亲邻开门, and 学霸在线, were noted for not accurately listing the SDKs and their data collection practices [3]. - SDKs such as CTP and 金仕达 were also mentioned for not providing rules for personal information collection and failing to respond to user rights requests in a timely manner [4]. Group 3: Compliance and Rectification - The involved app and SDK operators are required to complete rectification within 15 working days from the announcement and report back to the authorities [4]. - The CAC will conduct follow-up inspections and take necessary actions based on the compliance status [4].