In the era of big data, personal privacy protection has attracted more and more attention.
On April 25, according to Xinhua news agency, the National Computer Virus Emergency Response Center recently found that 17 mobile apps had privacy violations through Internet monitoring, violated the relevant provisions of the network security law and the personal information protection law, and was suspected of collecting personal privacy information beyond the scope.
The Chinese reporter of securities companies noted that the notification of the National Computer Virus Emergency Response Center is more like a spot check on the mobile app of the securities industry. A total of 13 securities companies were named, including both head securities companies and small and medium-sized securities companies. At the same time, the names also include four third-party stock speculation software, such as Shanghai Dzh Limited(601519) , Yougu stock speculation, etc.
In this regard, some relevant persons of securities companies informed of APP violations responded to the Chinese reporter of securities companies, saying that there are many Android application markets, most operating institutions publish in the main application markets, and some small application markets crawl from other markets without authorization. In the process of crawling, the crawling version is too old and the crawling information is lost, The detected version is not downloaded from the application market officially released by the organization.
At the same time, the above securities traders also said that as a national financial business unit, securities operating institutions attach great importance to safety. In the process of application on the shelves, they will conduct strict safety monitoring for the new version. If there are safety problems, they will reject it and are not allowed to be on the shelves. These 17 apps have been successful in the mainstream application market, indicating that the relevant application market is recognized.
Caitong Securities Co.Ltd(601108) also responded that for the Android version 9.9.3 of Caitong Securities Co.Ltd(601108) app exposed this time, it is confirmed that Peapod platform has not cooperated with the company, and the company has not uploaded the client version on the platform, which has not been confirmed by Caitong Securities Co.Ltd(601108) Caitong Securities Co.Ltd(601108) .
13 brokerage app was named and suspected of privacy non-compliance
According to the notification from the National Computer Virus Emergency Response Center, this is more like a special inspection for apps in the securities industry, involving the inspection of privacy compliance of relevant apps in multiple application download markets.
It is understood that the 17 mobile apps reported by the National Computer Virus Emergency Response Center have privacy violations, mainly involving four aspects.
1. The 16 apps do not explicitly apply for all privacy rights to users, which is suspected of privacy non-compliance. These 16 apps include the apps of 12 securities companies in the corresponding application market and 4 third-party stock speculation software.
The securities (version 6.0.5, pea pod) Wanhe mobile securities software (version 9.00.26, Peapod), Huitong Qifu (version 6.6.4.0, Peapod, which belongs to Shanxi Securities Co.Ltd(002500) company), new era securities (version 6.0.1.0, Xiaomi app store), China Post securities (version 7.1.2.0, Xiaomi app store), Zhongshan securities (version 6.3.3, Xiaomi app store), East Asia Qianhai yuezhang (version 4.2.0, Xiaomi app store, which belongs to East Asia Qianhai securities) Guoyuan Zhifu (version 8.89, Xiaomi app store, under Guoyuan Securities Company Limited(000728) banner).
third party stock speculation software: Yougu stock speculation (version 6.673360 mobile assistant), niuguwang stock (version 6.2.7360 mobile assistant), Shanghai Dzh Limited(601519) (version 9.47, pea pod), annuu zhitou (version 6.2.7, pea pod).
2. App began to collect personal information before obtaining the user’s consent, which is suspected of privacy non-compliance. One app involved is as follows: Caitong Securities Co.Ltd(601108) (version 9.9.3, pea pod).
3. Failure to provide effective correction, deletion of personal information and cancellation of user account, or unreasonable conditions for cancellation of user account, suspected of privacy non-compliance. Nine apps are involved, all of which are mobile apps of securities companies, including:
Guangfa easy gold rush (version 10.1.0.0, baidu mobile assistant), Western Securities Co.Ltd(002673) (version 4.0.3, Huawei application market), ehaitongcai (version 8.75, Le store), Guolian Securities Co.Ltd(601456) Zunbao (version 6.01.031, Le store), Wanhe mobile securities software (version 9.00.26, pea pod), Huitong Qifu (version 6.6.4.0, pea pod), new era securities (version 6.0.1.0, Xiaomi application store) China Post securities (version 7.1.2.0, Xiaomi app store), East Asia’s former Haiyue rise (version 4.2.0, Xiaomi app store).
4. Failure to establish and publish channels for personal information security complaints and reports, or exceeding the promised response time limit, suspected of privacy non-compliance. One app involved is as follows: China Post securities (version 7.1.2.0, Xiaomi app store).
latest response
According to the Chinese reporter from the relevant securities companies, the app evaluation for the securities industry is a random inspection, not an industry wide inspection.
At the same time, one of the securities companies reported this time responded to the Chinese reporter of the securities company, saying:
On the one hand, there are many Android application markets. Most operating institutions release apps in the main application markets. Some small application markets crawl from other application markets through technical means. In this process, the crawled version is too old and the crawled information is lost. In this test, the extracted version is not downloaded from the application market officially released by the agency. It is recommended that the testing agency extract the version through a unified channel.
On the other hand, as a national financial business unit, securities operating institutions attach great importance to safety. China’s mainstream application market also strictly abides by the relevant provisions of the national security law and Document No. 191. In the process of application on the shelves, strict safety monitoring will be carried out for the new version. If there are safety problems, it will be rejected and not allowed to be put on the shelves. These 17 apps have been successful in the mainstream application market, indicating that the relevant application market is recognized. At present, various monitoring institutions and application markets have inconsistent understanding of monitoring standards. It is suggested that the state issue detailed testing standards for app so that all units can unify their requirements.
Caitong Securities Co.Ltd(601108) also responded to this: in response to the exposure of Caitong Securities Co.Ltd(601108) app Android version 9.9.3, it is confirmed that Peapod platform has not cooperated with the company, and the company has not uploaded a client version on the platform, which has not been Caitong Securities Co.Ltd(601108) confirmed. Customers are requested to download the latest official version through the company’s official website, Huawei, Xiaomi, app, apple and other markets.
At the same time, some of the above-mentioned brokerage apps and third-party stock speculation software people who were named responded anonymously that many of the above-mentioned mobile apps were unpopular application markets, such as Peapod and 360 mobile assistant, and less involved in the relevant mobile versions of Huawei application market and Apple App store, resulting in the neglect of updating the app versions of these infrequent markets.
personal privacy protection is paid more and more attention
With the great development of Internet financial technology, the focus of securities companies’ development and customer service has gradually shifted to the mobile terminal. Securities companies’ mobile app has become an important position to serve retail, wealth, high net worth customers and other important positions. The head securities companies invest more than 1 billion yuan in information technology every year.
At the same time, with more and more accurate service to customers and improving customer experience, how to balance the relationship between accurate service and protecting customers’ privacy is becoming more and more important. The protection of customers’ personal privacy has gradually attracted the attention of the state.
It is understood that according to the official website of the National Computer Virus Emergency Response Center, the center was recommended by the Ministry of public security and approved by the former state information office in 2001. It is the only specialized agency in charge of computer virus emergency response in China. Its main responsibility is to quickly find and deal with computer virus outbreaks and network attacks, and protect the security of China’s computer networks and important information systems.
At the same time, the National Computer Virus Emergency Response Center, as the technical support unit of the Ministry of public security, the Ministry of industry and information technology and other departments, has established the China Internet computer virus and network attack monitoring and early warning center and the national mobile Internet application security management center, and regularly releases the computer virus epidemic forecast through CCTV and Xinhuanetco.Ltd(603888) every week.
According to previously disclosed information, the National Computer Virus Emergency Response Center will irregularly detect whether there are privacy violations in mobile apps in relevant industries.
For example, on April 13, the National Computer Virus Emergency Response Center found that 16 mobile apps had privacy violations through Internet monitoring, violated the relevant provisions of the network security law and the personal information protection law, and were suspected of collecting personal privacy information beyond the scope. These mobile apps include good doctor, will find a room, weather forecast, etc.
In view of the violation of mobile app, the National Computer Virus Emergency Treatment Center reminded that the majority of mobile phone users should first carefully download and use the above illegal and illegal mobile app. At the same time, they should pay attention to carefully reading their user agreement and privacy policy instructions, not arbitrarily opening and agreeing to unnecessary privacy rights, not arbitrarily entering personal privacy information, and regularly maintaining and cleaning relevant data to avoid the disclosure of personal privacy information.