The Ministry of industry and information technology re governs data security, and Netease Yidun "privacy compliance" keeps the bottom line of enterprise operation

The Ministry of industry and information technology re governs data security , Netease easy shield “ Privacy compliance ” Keep the bottom line of enterprise management

With the rapid development of Internet technology ,“ Weak privacy protection ”、“ Data security vulnerabilities ” Cause attention in our country , Relevant regulations and governance measures have been introduced .

In recent days, , The spirit of important instructions to promote the healthy development of the platform economy , The Ministry of industry and information technology decided to carry out special rectification actions for the Internet industry . This special rectification action lasts for half a year , The main focus is to disrupt the market order 、 Infringement of users' rights and interests 、 Threaten data security 、 Violating the regulations on resource and qualification management 8 Class problem , Co involved 22 A specific scene .

In terms of threatening data security , The Ministry of industry and information technology focuses on regulating enterprises in data collection 、 transmission 、 Storage and external supply , Failure to take necessary management and technical measures as required , Including that sensitive information is not encrypted during data transmission 、 Scenarios such as providing data to a third party without the consent of the user .

APP Actively embrace policy and governance

In recent years , Ministry of industry 、 The Internet information office conducted interviews on improper collection and use of personal information and data disclosure 、 Rectification and punishment . Yes APP The crackdown on infringement of personal privacy is increasing , When the mobile application is launched on the third-party distribution platform, it will be reviewed by the third-party platform , Urge enterprises with problems to rectify .

The last rectification notice occurred in 7 month 19 Japan , And ask for in 26 The rectification and implementation work has been completed recently . The bulletin mentioned 145 paragraph APP , The reason is that it infringes the rights and interests of users , Involving rebate Technology 、 Dongfang fortune and other listed companies .

This is the entry of the Ministry of industry and information technology 2021 Number of notifications since 6 batch APP. From the inspection and rectification content ,APP Illegal collection 、 Use personal information , mandatory 、 frequent 、 Over asking for permission and other behaviors are still “ Heavy disaster area ”. It is worth noting that , since this year on , The Ministry of industry and information technology has strengthened law enforcement . Ministry of industry and information technology 2020 In, a total of relevant off shelf notices were issued 8 Time , And in the 2021 It was issued just after half of the year 6 Batch notification , The frequency of picketing has increased significantly .

Beyond law enforcement , Laws and regulations related to privacy compliance continue to improve , Make privacy compliant 、 Data protection has become a certainty . The following is a brief list of relevant regulations ：

2021-06-10 | Member of the Standing Committee of the National People's Congress |《 Data security law of the people's Republic of China 》
2020-07-24｜ Ministry of industry ｜《 About carrying out in-depth promotion APP Notice of special rectification action against infringement of users' rights and interests 》
2020-10-01 | CSSA |《 Personal information protection norms 》
2019-12-30｜ Ministry of industry ｜《App Identification method of illegal collection and use of personal information 》
2019-02-27｜ The United States ｜《 Data privacy act 》
2018-05-25｜ The European Union GDPR｜《 General data protection regulations 》

In an increasingly clear legal environment ,APP We need a controllable risk 、 Reasonable and compliant solutions .

Yidun privacy compliance detection technology

Privacy collection violations may go deep into every line of code , Self inspection is difficult .2019 Beginning of the year , Netease Yidun goes online APP Compliance assessment security solutions , Realize one-stop automated troubleshooting , Provide customers with more professional services 、 More reassuring 、 More convenient service .

Netease Yidun provides one-to-one services of senior security evaluation experts , To give APP Developer professional rectification suggestions , Quickly locate and solve problems , help APP The developer has passed the regulatory evaluation of the safety inspection agency at one time , Such as the national computer network and Information Security Management Center 、 Three public security stations 、 Information industry information security evaluation center, etc .

Up to now , Netease Yidun has provided professional privacy detection services for dozens of enterprises . period , Netease Yidun keeps iterating , Closely follow the privacy compliance regulations related to mobile applications at home and abroad , Collect from personal information 、 Permission usage scenario 、 Privacy policy description and other dimensions correspond to privacy security compliance detection , And automatically output the compliance test report , For the purpose of APP Provide a complete and standardized testing scheme , Help customers better find relevant problems , Avoid privacy compliance risks . Some detection directions are ：

1. Is there a case of publicly collecting usage rules ;
2. Whether there is no explicit purpose of collecting and using personal information 、 The way and scope of the situation ;
3. Whether there is any situation of collecting and using personal information without consent ;
4. Whether there is a violation of the principle of necessity , Collection of personal information unrelated to the services provided ;
5. Whether there is any situation of providing personal information to others without consent ;
6. Is there any situation that the function of deleting or correcting personal information is not provided in accordance with the law ;
7. Whether there is APP Self start Association start ;
8. Whether there is misleading and deceiving behavior in open screen advertisements ;

about APP For developers , You should check the above aspects before putting on the shelves , Eliminate risks from the root . in general , Change the original thinking , Integrate self-examination and self-improvement into products and business processes as soon as possible , It is important for data compliance .

Besides , Mobile applications should also improve network security awareness , Prevent data theft 、 Illegal crawling 、 Collect and transmit security risks such as leakage . combination APP Reinforcement and other security solutions , Fully ensure the security of the whole link of users' personal information , Systematically embrace regulation .