Introduction: The National Computer Virus Emergency Response Center recently discovered through Internet monitoring that 15 mobile apps had privacy violations.
The National Computer Virus Emergency Response Center has recently discovered through Internet monitoring that 15 mobile apps have privacy non-compliance behaviors in accordance with the Cybersecurity Law, the Personal Information Protection Law, the Identification Methods for Apps' Illegal and Irregular Collection and Use of Personal Information, and other laws and regulations as well as relevant national standards. (See attachment for details)
Attachment: The National Computer Virus Emergency Response Center found 15 illegal mobile applications
1. The privacy policy does not list the purpose, method, scope, etc. of the App's collection and use of personal information; it does not state the basic information of the App operator. The 7 Apps involved are as follows:
“Bohai Baobei” (version 3.6.3, App Store)
“Doctor Coretech” (version 4.7.4, App Store)
“Qukan Movies and TV” (version 1.7.2, Huawei App Store)
“Business Helper Freight” (version 4.0.2, Android)
Dice Hunter (version 6.2.4, vivo)
“All-round Scanner” (version 2.1.4, vivo)
“Xiao Jin Le Xuan” (version 2.5.5, Tengniu.com)
2. App clients provide personal information to third parties without user consent and without anonymization; personal information processors provide personal information they process to other personal information processors without informing the individual of the recipient’s name or name, contact information, purpose of processing, processing method, and type of personal information, and without obtaining the individual’s separate consent. The following 6 apps are involved:
“Business Helper Freight” (version 4.0.2, Android)
Children's Songs for Kids (version 2.0.00, Xiaomi App Store)
“Pastoral Ranch” (version 1.1.5, oppo)
“Haijian Fitness” (version 4.4.1, oppo)
Dice Hunter (version 6.2.4, vivo)
“Xiao Jin Le Xuan” (version 2.5.5, Tengniu.com)
3. The App starts collecting personal information or opens the permission to collect personal information before obtaining the user's consent. The two apps involved are as follows:
“Qianyun Driver App” (version 2.4.40, oppo)
“Haijian Fitness” (version 4.4.1, oppo)
4. The App does not provide effective functions for correcting, deleting personal information, or canceling user accounts, or sets unnecessary or unreasonable conditions for correcting, deleting personal information, or canceling user accounts; provides users with ways and methods to withdraw their consent for collecting personal information, but does not specify this in the privacy policy and other collection and use rules; the manual processing (commitment) time limit for canceling user accounts exceeds 15 working days. The five Apps involved are as follows:
“Qukan Movies and TV” (version 1.7.2, Huawei App Store)
Children's Songs for Kids (version 2.0.00, Xiaomi App Store)
“Qianyun Driver App” (version 2.4.40, oppo)
“Love to Make PPT” (version 1.1, oppo)
“Haijian Fitness” (version 4.4.1, oppo)
5. The App failed to establish and publish channels for complaints and reports on personal information security, or failed to accept and handle complaints within the promised time limit. The following 5 Apps are involved:
Children's Songs for Kids (version 2.0.00, Xiaomi App Store)
“Pastoral Ranch” (version 1.1.5, oppo)
Dice Hunter (version 6.2.4, vivo)
“Go Out and Play” (version 1.0.0, vivo)
“Qianyun Driver App” (version 2.4.40, oppo)
6. Where personal information is processed based on personal consent, the individual has the right to withdraw his or her consent. The personal information processor has not provided a convenient way to withdraw consent. The five apps involved are as follows:
Children's Songs for Kids (version 2.0.00, Xiaomi App Store)
“Qianyun Driver App” (version 2.4.40, oppo)
Dice Hunter (version 6.2.4, vivo)
“All-round Scanner” (version 2.1.4, vivo)
“Haijian Fitness” (version 4.4.1, oppo)
7. Pushing information and commercial marketing to individuals through automated decision-making, without providing options that are not specific to their personal characteristics, or failing to provide individuals with a convenient way to refuse; the privacy policy does not state that the collected user personal information is used for targeted push, Precision marketing; the privacy policy clearly states that there is a targeted push function, but there is no significant distinction between personalized push services on the page. The 4 apps involved are as follows:
“Business Helper Freight” (version 4.0.2, Android)
“Yuedian Fingertip Earning Money Edition” (version 1.0.3, oppo)
“Qianyun Driver App” (version 2.4.40, oppo)
“Haijian Fitness” (version 4.4.1, oppo)
8. Processing sensitive personal information without obtaining the individual’s separate consent. The four apps involved are as follows:
“Business Helper Freight” (version 4.0.2, Android)
“Qianyun Driver App” (version 2.4.40, oppo)
Dice Hunter (version 6.2.4, vivo)
“Haijian Fitness” (version 4.4.1, oppo)
9. Personal information processors handle personal information of minors under the age of 14 without formulating special personal information processing rules; and collect information of minors without obtaining separate consent from their guardians. The following 4 apps are involved:
“Pastoral Ranch” (version 1.1.5, oppo)
Dice Hunter (version 6.2.4, vivo)
“Love to Make PPT” (version 1.1, oppo)
“Haijian Fitness” (version 4.4.1, oppo)
10. Apps frequently start up by themselves or in conjunction with other apps without clearly informing users and consent, and without reasonable usage scenarios. The following 1 app is involved:
Sino-German Bank (version 1.0.4, App Store)
In response to the above situation, the National Computer Virus Emergency Response Center reminds the majority of mobile phone users to first be cautious when downloading and using the above-mentioned illegal mobile apps, and at the same time, pay attention to carefully read their user agreements and privacy policies, do not arbitrarily open and agree to unnecessary privacy permissions, do not arbitrarily enter personal privacy information, and regularly maintain and clean up related data to avoid the leakage of personal privacy information.
*Note: The App detection time listed in the article is from May 1 to June 1, 2024.
Source: National Computer Virus Emergency Response Center
If reprinted, please indicate the original address
Thank you for your support, I will continue to work hard!
OpenWeChatScan and click on the upper right corner to share
You may also be interested in
-
The National Computer Virus Emergency Response Center found 15 illegal mobile applications
-
IDC: 360 XDR is the market leader in extended detection and response platforms
-
As low as 98,000 yuan/year! Emergency cloud service management platform is innovatively launched
-
Native integrated security on the go | BCS Cloud Native Security Forum held in Beijing
-
The National Energy Administration issued the “Emergency Plan for Power Network Security Incidents” (attached with full text)
-
The Eastern Hemisphere's top cybersecurity competition is about to open, and these contents of the “Matrix Cup” are worth paying attention to
GIPHY App Key not set. Please check settings