Shanghai, China: Cracks Down on App Privacy Violations

Written By Jerry Sin

The Cyberspace Administration of Shanghai (CAS) recently wrapped up a thorough inspection into how 21 local apps collect and use personal information. The review, which took place between April and July 2024, was part of efforts to enforce China’s Personal Information Protection Law (PIPL).

Key Findings

The CAS found over 80 privacy violations, including:

  • Vague privacy policies that failed to explain what data was being collected or why.

  • Unnecessary and excessive data collection.

  • Lack of transparency when handling sensitive personal data.

  • Defaulting users into accepting privacy policies without clear consent.

  • Collecting personal data, like device information, before asking for user approval.

  • Using data for purposes beyond what was initially disclosed.

The administration reported that all app operators have since fixed these issues. CAS also reminded developers to be more transparent, collect only essential data, and safeguard personal information in compliance with the law.

For more details, please refer to the official announcement (available only in Chinese) - here.

Jerry Sin
Previous

Australia: Introduces New AI Policy for Government
Next

China: Releases New Guidelines for Digital and Green Transformation