On September 10, China's Cyber Security Association released a list of apps that have completed compliance rectifications for personal information collection and usage. This announcement marks a significant step forward in enhancing data privacy standards across a wide range of app categories. A total of 62 apps, including popular platforms such as JD.com, Taobao, Vipshop, Amap, Huawei Browser, Jinri Toutiao, and Tencent Video, have all been re-released on app stores with versions that meet compliance requirements. The app operators have committed to maintaining this compliance with future updates as well.
The covered apps span 10 categories, including online shopping, navigation, browsers, news, online streaming, e-books, photography, cloud storage, short videos, and ticketing. Under the guidance of the China Cyber Security Association, these app operators have worked to address key issues, such as over-collection of personal data, excessive use of sensitive permissions, and difficulties in account cancellation or managing permissions.
This announcement follows similar initiatives by local authorities, such as the Shanghai Cyberspace Administration, which earlier conducted special inspections on 21 apps for personal information collection. Even after addressing the identified issues, the administration issued further notifications on these apps’ operational information and remaining concerns.
The Ministry of Industry and Information Technology (MIIT) also remains heavily involved in this effort, having released seven batches of announcements this year alone regarding apps that violate user rights.
The regulations governing these compliance efforts are rooted in key Chinese laws, including the Personal Information Protection Law, Cybersecurity Law, and Telecommunications Regulations, among others. These laws provide a robust framework for protecting user data and enforcing stricter penalties for non-compliance.
Notably, the Consumer Rights Protection Law Implementation Regulations, which came into effect on July 1, 2024, prohibit the excessive collection of consumer data and the use of blanket or default authorisations, ensuring that app operators cannot force or indirectly compel users to consent to data collection unrelated to their core services.
This concerted effort by regulatory bodies and industry players reflects China's growing emphasis on safeguarding user privacy in the digital age. The continued oversight and compliance upgrades signal a stronger commitment to protecting personal data and enhancing user trust in the country's digital ecosystem.
Comments