This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.
The Beijing Communications Administration (BJCA) recently organised a two-month examination of the network and data security of apps to target the illegal, compulsory and excessive collection of user information.(1)
The examination selected 50 apps with a certain influence and number of users, covering social media, online rental and automotive services, online education, finance, online medical care, basic telecom enterprises and six other areas. The examination revealed the following issues with these apps:
- the failure to explicitly inform users of the effect on services if users refuse to consent to the collection of certain user information;
- preventing users from using other business functions of apps if they refuse to consent to the collection of certain user information; and
- the failure to specify the purpose of collecting sensitive personal information.
The BJCA interviewed the relevant enterprises and required them to carry out immediate rectification in accordance with the relevant laws and regulations. In addition, the BJCA will further strengthen the supervision of data security matters and penalise enterprises that are found guilty of serious breaches and which fail to rectify them.
(1) Further details are available here.