Telecoms Regulator Takes New Aim at Apps That Violate User Privacy

China’s telecoms regulator is drafting new rules to rein in mobile app operators that leverage personal information and profit off targeted advertising without users’ consent, in the latest move aimed at reining in the country’s rising tech giants.

The Ministry of Industry and Information Technology (MIIT) said it is boosting its efforts to regulate internet companies that collect excessive amounts of user data by illegally accessing microphones, photo albums and contact lists on their personal devices without their permission.

By collecting and analyzing such private information, some apps have been able to generate detailed profiles of individual users and sell them to third-party companies that push targeted ads to those users, deputy minister Liu Liehong said at a meeting Friday.

The move marks the latest by the MIIT against apps that breach users’ privacy. More broadly, the latest campaign reflects China’s efforts to better protect people’s private information from apps and website operators that often use such data for marketing purposes and sell it to third parties without users’ permission.

In November last year, the MIIT called a meeting where it issued a directive calling on apps to collect only personal data that is necessary and within the scope of users’ consent. A dozen tech giants, including Alibaba’s financial affiliate Ant Group, retailer Suning.com, smartphone maker Xiaomi Corp. and online video platform iQiyi Inc, attended that meeting.

Liu emphasized that the apps cannot collect data from users’ contact books or share such information with third parties without their permission.

Despite constant criticism for collecting data without user consent, some popular apps “still haven’t learned their lesson, and still suffer from the same issues,” Lu Chuncong, another high-ranking MIIT official, said at the November meeting.

Privacy issues and corporate data theft have been increasingly scrutinized in China as the nation prepares to enact sweeping legislation intended to protect data from misuse by corporations.

A string of high-profile data breaches in recent years has strengthened public calls for the government to pass a unified law safeguarding the personal information of citizens. In the first seven months last year, more than 8,000 apps and 478 companies were penalized by regulators for violating data collection rules.

Contact reporter Anniek Bao (yunxinbao@caixin.com) and editor Yang Ge (geyang@caixin.com)

Support quality journalism in China. Subscribe to Caixin Global starting at $0.99.