China in renewed crackdown on app developers for overzealous collection of private data
- The apps being tested include fintech product Gome Easecard and smart home app Midea Aircon Controller
China has launched a renewed crackdown on smartphone apps that collect user data illegally and has ordered a number of tech companies, including big names such as Alibaba Group Holding and Tencent Holdings, to remove non-compliant apps as soon as possible.
The authorities will also test over 50 apps via third-party organisations and remove them from app stores if they are found to be in violation of data privacy rules, China’s Ministry of Industry and Information Technology said in a statement on Friday.
Specifically, the apps will be tested to see if the SDK technology they use, a collection of software tools from app developers Beijing Zhaocai Wangwang Technology and Shanghai CraiditX Technology, is open to abuse.
The apps being tested include fintech product Gome Easecard and smart home app Midea Aircon Controller, both of which were accused by the Chinese 315 Gala consumer rights show of being capable of collecting user information, such as personal contact lists and text messages via SDK, without explicit consent from users.
In response to the allegations made on 315 Gala, shown on CCTV on Thursday, CraiditX said in a statement on Friday that it has launched an internal investigation and had discontinued the use of SDK by the end of 2019 due to the potential for misuse.
Calls to Zhaocai Wangwang by the Post were not answered immediately.
Aside from investigations into these two companies, the MIIT has also asked major tech companies to check if apps provided on their app stores use similar technology. MIIT also pledged to step up the punishment and exposure of apps which illegally access customer data.
The latest move continues Beijing’s sustained drive to block commercial breaches of personal privacy in a market with the world’s largest internet population. Last December Chinese regulators published new rules designed to prevent illegal collection and use of personal app user information.
These rules banned practices such as not publishing service regulations, failure to clarify the purpose and methods of data collection, collection and sharing of personal information without user consent and the collection of user information not related to the service provided.
Earlier this month China’s top lawmaking body the National People’s Congress Standing Committee began to review draft data security legislation, aimed at protecting the “legitimate rights of individuals and organisations” and to “promote development of the digital economy”, according to official news agency Xinhua.
MIIT said it has tested more than 80,000 apps since November last year, and ordered rectification measures for 8,000 apps.
Alibaba owns the South China Morning Post.