Shulou(Shulou.com)11/24 Report--

In November 2021, the personal Information Protection Law of the people's Republic of China (hereinafter referred to as the "individual Protection Law") was promulgated and implemented. as China's first specialized law to protect personal information, the "individual Protection Law" aims at social security issues such as the daily excessive collection of personal information, big data's "killing", information disclosure, and sharing precise locations with third parties without consent, and puts forward complete compliance requirements.

Today, it has been a year since the implementation of the "individual Protection Law", which has effectively enhanced the safety factor of personal information and built a safe "protection net". However, the protection of personal information can not be completed overnight, and there are still some phenomena worth paying attention to, such as many App user agreements are often more than 10,000 words, long and complex are complained by users, saying "do not understand"; some App are still reading the contents of the mobile phone clipboard without authorization.

In order to better protect the security of personal information, users need to enhance their awareness of security, and enterprises should constantly improve their compliance level from the perspective of users.

When it takes more than 50 minutes to watch the first download and use App, the user must click "I have read and agree to the user Agreement and Privacy Policy" before continuing to use it. User agreements and privacy policies play an irreplaceable role in the complete notification of the whole process of personal information collection, use, processing and protection, and they are also an important part of App data security and compliance. But in real life, how many users will read the user agreement and privacy policy carefully?

Reporters randomly asked the surrounding more than 10 App depth users, the results without exception, everyone said that "did not carefully look at the user agreement", they directly chose to "agree".

As for the reasons for doing so, everyone's answer is the same: "user agreements and privacy policies are too long, too many words, too dense to read or understand."

After looking at the most downloaded App applications in the application market, the reporter found that most App user agreements and privacy policies are more than 10,000 words, which means that users need to agree to the "ten thousand word thesis" before they can use the App. For example, App, an automobile information platform, has a user agreement of 12500 words and a privacy policy of 12700 words.

Most people's normal reading speed ranges from 300W / min to 500W / min. According to this calculation, it will take 50 to 84 minutes for users to finish reading the user agreement and privacy policy of this App. No wonder some netizens complain that "those who can read are all warriors, and those who can understand are doctors."

A few App have provided a brief version of the privacy agreement App user agreement and privacy policies can be tens of thousands of words, can be streamlined?

An industry source told reporters that before the introduction of the "individual Protection Law", various platforms actually had privacy policies for users, but some of the provisions were not explained in detail. After the "individual Protection Law" came into effect, enterprises enriched the details of the provisions. So it's longer. " In order to avoid its own risks, the platform connects a lot of professional words from a business point of view, so as not to cause user complaints and social regulatory reports because of lack of timely authorization and notification. "

The phenomenon that there are too many words in App user agreements and privacy policies that are difficult for consumers to understand has attracted the attention of consumer protection units. Not long ago, the Jiangsu Consumer Protection Commission put forward a suggestion that in the face of the problem that the contents of user agreements and privacy agreements, which have been criticized by users for a long time, are complicated and difficult to read, Internet enterprises should provide summaries of important provisions of complex agreements or display important provisions related to rights and obligations in simple and easy-to-understand tables and texts, so that consumers can read the important contents of the format terms without barrier.

Xia Lei, a public welfare lawyer for consumer rights protection of Jiangsu Consumer Protection Commission, has said that from a professional point of view, agreements can achieve compliance with more concise words; from a personal point of view, privacy agreements and user agreements with tens of thousands of words can hardly be read by ordinary consumers.

At present, App such as JD.com, Taobao and pinduoduo provide not only the full version of the privacy policy, but also the brief version of the privacy agreement. Taking JD.com as an example, the key information is reflected in the form of pictures and tables from the aspects of "types of personal information collected and used for providing services" and "permission to apply for use for providing services".

The consumer rights protection department hopes that more App operators will take active action to better protect consumers' right to know.

Niu Pengfei, Program Director of the Electronic signature Division of Shanghai Digital Certificate Certification Center Co., Ltd., suggested that individual users: "first, read the privacy policy provided by the platform appropriately, and leave screenshots and other electronic documents if you are not sure." second, when filling in the platform information, try not to fill in the non-required items as much as possible. The third is that if you no longer use a certain App, you should operate the step of canceling your account before uninstalling it, so as to prevent the platform from selling our legacy information again in the future. "

Unauthorized access to the clipboard is still an "age-old difficulty" except that user agreements and privacy policies are too long for people to read and understand, and another "old problem" in the field of personal information protection has recently attracted widespread attention.

Not long ago, the Guangzhou Internet Court issued a number of typical cases of personal information protection, one of which involved an App reading the contents of a user's mobile phone clipboard without authorization. The court ruled that App operators monitored and read mobile clipboard information without taking the initiative to inform users, so it was at fault and violated users' right to privacy.

In fact, it is not an isolated phenomenon that App monitors and reads clipboard information from users' mobile phones without authorization.

After testing several popular App, the reporter found that when visiting e-commerce App, App will automatically read the password information just copied from other social software, and can directly open the password page without authorizing the clipboard. When you visit a bank App, if you copy a bank card number, when you enter the next bank App, you will automatically read the card number you just copied and jump out of the interface to ask whether you want to transfer money to the account. After the cancellation or transfer is completed, the act of reading the card number will end.

In the above operations, App did not remind reporters to authorize the copying of clipboard information. In the system rights management of the two types of App, the reporter did not find the function of turning off the copy clipboard in a conspicuous place.

The protection of personal information still has a long way to go. A few days ago, the Information Office of the State Council issued a white paper entitled "working together to build a Community with a shared Future in Cyberspace." it is necessary to "further promote law enforcement in the areas of personal information protection, network information content management, network security and data security protection."

In order to fully protect personal information and data security, in addition to supervision in place, market constraints, industry self-discipline, personal awareness and other aspects can not be relaxed.

The picture is from JD.com.

This article comes from the official account of Wechat: IT Times (ID:vittimes), author: Mao Yu, Editor: Qian Lifu, kicked Girl, typesetting: Ji Jiaying

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.