[TheRecord] China gives 38 app operators five days to change their data collection practices

China’s Ministry of Industry and Information Technology (MIIT) notified the operators of 38 popular apps that they have five days to change the way they collect user data or face fines and penalties.

“Our department has continued to increase our oversight over apps and their infringements on users rights,” MIIT said in a statement announcing that it had embarked on a third “look back” investigation and found a roster of companies were not collecting user data correctly. “A total of 38 apps were found to have problems and their issues need to be rectified before November 9th.”

The Ministry’s announcement comes just three days after China’s Personal Information Protection Law (PIPL), went into effect on November 1. It has been seen as a Chinese version of the EU’s super-strict General Data Protection Regulation (GDPR). 

China’s PIPL fundamentally changes the way personal information is treated and gives Beijing a regulatory vehicle that allows it to tighten its control on how the country’s big tech companies use personal information and whether they can move it overseas. 

Yahoo announced late last month that its suite of services wouldn’t be available in mainland China once the law went into effect.

MIIT’s new list of data privacy law offenders reads like a Who’s Who of China tech companies. Tencent’s news and music apps, the social media platform Xiaohongshu, and the online dating app Tantan all stand accused of routinely having “excessive collection of personal information” and were told to make changes. 

Alibaba’s UC Browser was included on a list of companies MIIT says “forces, misleads, and deceives users” into giving the company personal information so, among other things, they can be targeted by push notifications.

The app developers could face fines of up to 50 million reminbi, or some $7.8 million, or up to 5 percent of their annual revenue. Authorities said they also reserve the right to remove platforms from app stores or pull their operating license. 

Back in March, Chinese regulators laid out the “appropriate amount of personal information” apps would be able to collect in order to maintain their core services. If they collect beyond that amount, they can be held accountable. Thursday’s announcement is part of that effort. The companies did not immediately respond to requests for comment.

The post China gives 38 app operators five days to change their data collection practices appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Adobe Patches Major Security Flaws in PDF Reader, Photoshop

All posts, Security Week

Adobe’s product security response machine revved into high gear this week with the release of multiple patches for gaping security holes in widely deployed software products. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days

All posts, HackerNews

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group’s Pegasus surveillance tool to target iPhone users. <!–adsense–> Chief among them is CVE-2021-30869, a type […]

Read More

[ThreatPost] Critical Cisco Bug in VPN Routers Allows Remote Takeover

All posts, ThreatPost

Security researchers warned that at least 8,800 vulnerable systems are open to compromise. Source: Read More (Threatpost)

Read More