Nov 05, 2021 09:02 PM

Dozens of Apps Named and Shamed for Privacy Violations

A brand doll of the Little Red Book stands in a shopping mall in Nanjing, East China’s Jiangsu province, in September 2020. Photo: VCG
A brand doll of the Little Red Book stands in a shopping mall in Nanjing, East China’s Jiangsu province, in September 2020. Photo: VCG

China’s government has named and shamed 38 apps for misdeeds such as excessively collecting users’ data or publishing misleading information, in its first such rectification notice since the new Personal Information Protection Law came into force.

Household names including Tencent’s QQ Music streaming service, social media platform Xiaohongshu, online learning app Zuoyebang, dating app Tantan and film-scoring site Douban were found to have collected personal information beyond what’s necessary to offer their services, according to a Wednesday announcement (link in Chinese) from the Ministry of Industry and Information Technology (MIIT).

Tencent News and the “lite” version of Alibaba’s mobile UC Browser were also found have committed violations including misleading their users, the announcement said.

Other violations by the listed apps include frequently requesting users’ permission for their data to be collected and forcing them to allow push notifications as a condition of service.

The MIIT said that those who fail to fix these problems by Nov. 9 will face penalties.

While it is only the latest in a long series of rectification notices released by the ministry targeting dodgy app behavior, it is the first since China’s new Personal Information Protection Law was enacted on Monday. The law adds new legal teeth to the sustained regulatory scrutiny of personal information collection and use, and sets strict rules on how companies and government departments should treat this kind of data.

The law stipulates that an app developer can be fined up to 50 million yuan ($7.8 million), or as much as 5% of its annual revenue if it violates the law.

 Read more  
Six Things You Should Know About China’s Personal Information Protection Law

The implementation of the law will end the era in which many internet companies built their business models on abusing users’ information, a legal expert working for an internet firm told Caixin on condition of anonymity.

Also on Monday, the MIIT released a circular that ordered app operators to make two lists — one for all the personal information which they have collected and one for the information they plan to share with third-party companies. The lists should be made available to users in order to enhance transparency, the ministry said. It also encouraged app stores to review apps’ data practices before they make them available on their platforms.

In early October, the MIIT released new regulations that mandated data be classified into “core data,” “important data” and “ordinary data” based on the level of importance and risks to national security and overseas interests, to support the implementation of the Data Security Law that came into force on Sept. 1.

Contact reporter Ding Yi ( and editor Joshua Dummer (

Download our app to receive breaking news alerts and read the news on the go.

Get our weekly free Must-Read newsletter.

You've accessed an article available only to subscribers
Share this article
Open WeChat and scan the QR code
Get our CX Daily, weekly Must-Read and China Green Bulletin newsletters delivered free to your inbox, bringing you China's top headlines.

We ‘ve added you to our subscriber list.

Manage subscription
China Stories: The Rural Hardship Behind the Mine Murders That Shocked China