Privacy Policy.
Typical problems are “the user is not clearly informed of the purpose of the information when collecting sensitive information, although the personal information is not provided separately and obtained the user’s consent,” automatically check the agreement “,” the user agrees to authorize upon login “, There are unreasonable disclaimers such as ‘at your own risk’ and so on. ”
According to the China Consumers Association report, there are certain problems with Industrial and Commercial Bank of China, Alipay, Meitu Xiuxiu, Qunar.com, Pinduoduo, etc. For example, the Alipay App does not indicate personal sensitive information in the type of information on the mobile phone, and does not distinguish between core and additional functions, which makes it easy for users to think that the collected information is required.
Legal policies continue to follow up on such incidents.
Early this year, the four departments of the Central Cyberspace Office, the Ministry of Industry and Information Technology, the Ministry of Public Security and the General Administration of Market Supervision jointly issued the “Announcement on the Implementation of the Special Management of Personal Information on Mobile Phones App Illegal and Illegal”. It is understood that this round of rectification focuses on “collecting personal information privately”, “collecting personal information beyond the scope”, “privately sharing to third parties”, “forcing users to use targeted push functions”, “no permissions being granted,” “frequently applying permissions”, ” Excessive requests for permissions, “setting obstacles to user account logout” and other violations.
According to the announcement, Bank of China Mobile Banking, Chunyu Doctor, Yunda Express and other publicly used to collect personal information. Twenty apps, including Qudian, Tantan, and Renren, require multiple personal information permissions. If you do not agree, you cannot install them.
Apps with a large number of users obviously have a lot of loopholes.
On November 1, the Supreme People’s Court and the Supreme People’s Procuratorate announced clear regulations on the prerequisites and incrimination criteria for the crime of refusing to perform the obligations of information network security management.
Has “caused the disclosure of more than five hundred trace track information, communication content, credit information, and property information” “caused the leakage of accommodation information, communication records, health and physiological information, transaction information and other information that may affect the safety of people and property 8 situations, such as more than 5,000 user information, should be considered as “causing serious consequences” as stipulated in the Criminal Law. Imprisonment of not more than three years, detention or control, and a fine or a single fine.
The security of users’ personal information has not only received widespread attention in China, but in the United States, it has already issued a “high price ticket.” Facebook has paid high “tuition fees” because of multiple leaks of user privacy.
In 2018, California passed the Consumer Privacy Act (CCPA), which will take effect in January 2020. At that time, similar to the EU bill, CCPA will regulate all data business activities that do business with California residents. Gain many rights related to personal data. It mainly includes: data access rights, data deletion rights, non-discrimination rights, obvious “do not sell personal information” options on product pages, and omission of new privacy policies, minor and guardian authorization, and private litigation rights.
The EU introduced GDPR as early as April 2016, known as the “Strict User Personal Data Protection Act in History,” and it was officially implemented in May 2018. Companies that violate relevant regulations will face a maximum fine of 4% of their annual turnover. In January of 2019, Google paid a fine of 50 million Euros to the French authorities because it did not clearly explain the collection and use of personal data in targeted advertising.
The road to user privacy protection is still quite long. Although we enjoy the convenience brought by technology, we should also be wary of becoming “transparent people”.