Do you still have privacy in the internet age? Various problems of mobile APP appear one after another!

2024年12月9日 | admin | B2

  Cctv newsRecently, some mobile phone users reported that when some mobile phone apps were opened, the mobile phone automatically started taking photos or recording, and it was suspected that sneak shots were taken. These two incidents that may involve revealing personal privacy quickly attracted public attention.

  In order to realize the full-screen design, the mobile phone in the report video designed the front camera as a lifting and hiding function. The whistleblower said that when he opened the QQ mobile browser, the camera of the mobile phone suddenly rose out by himself, and he was suspected of being photographed or secretly recorded. This video quickly became a hot search on the internet that day, and caused strong dissatisfaction among netizens about the suspected sneak shots of mobile apps.

  In this regard, the QQ browser team quickly issued an official statement, saying that there is indeed an action of raising the camera, but this is just that the APP wants to obtain the parameters of the camera in order to support the QR code scanning, and will not turn on the camera, let alone shoot or record, and explain the cause of the problem and the technical principle for this abnormal phenomenon. The statement also stated that the mobile QQ browser will not collect any privacy of users, and will optimize the user’s experience and experience.

  Coincidentally, a few days later, some netizens reported that when using Baidu input method to search web pages in Baidu browser on mobile phone, the top of mobile phone showed that Baidu input method was recording. Similarly, the Baidu mobile phone input method team responded at the first time, saying that this phenomenon was caused by the optimization of voice microphone preheating, in order to speed up voice startup. He also said that Baidu input method will not record without the user’s consent at any time, nor will it collect privacy by any means.

  For Tencent and Baidu’s statements, many netizens said that they did not sneak shots. Why did they start the camera? Why don’t you steal the recording? If the camera is not designed to be mechanically lifted, we are still unconscious of this problem; Some netizens questioned that even if the camera parameters are read for scanning the QR code as stated in Tencent’s statement, is it necessary to use the front camera?

  The reporter contacted Tencent and Baidu through various channels, hoping to interview the relevant events. Tencent’s public relations staff declined after several detailed telephone conversations with reporters and learned the specific interview content, while Baidu made it clear that the official statement would prevail and refused the reporter’s interview.

  Multi-user authorization of mobile APP routine is "agreed"

  The successive incidents of mobile phone apps suspected of sneak shots have once again triggered public concern about the protection of personal information. Nowadays, mobile APP is like a double-edged sword, which brings convenience to our lives, but also lays a great security risk.

  APP routine 1: automatically check the agreement

  The reporter randomly downloaded a number of commonly used mobile APPs in the APP stores of Android and Apple phones, respectively, and found that after downloading the mobile APP, a line of fine print will be displayed at the bottom of its registration page to remind users that they need to read and check the User Agreement and Privacy Policy before using the app, and they can only be used normally after being authorized successfully. Many apps are automatically set to checked and default consent status without waiting for users to read.

  APP routine 2: the user agrees to authorize when logging in.

  Some apps are marked at the bottom of their registration page, and users only need to log in to indicate authorization. These mobile apps either require users to agree to share personal information with third parties in the privacy policy, or simply use third-party software to log in, and provide multiple third-party platforms such as WeChat and Weibo on the login page. In order to save trouble, users usually click on the third-party platform to log in quickly, but unconsciously choose the default authorization.

  APP routine 3: Explain that the words are too long and obscure

  After clicking on the Privacy Policy and User Agreement of a variety of mobile apps, the reporter found that many instructions are not only lengthy but also obscure, which is time-consuming and laborious to read.

  APP routine 4: indiscriminate use of personal information has become a common phenomenon

  The reporter’s investigation found that at present, the APPlication rights of mobile APP generally involve a number of personal information, including reading location, phone number, camera, SMS, address book, microphone, sports data, body sensor and other sensitive information. Once these rights are agreed, it means that the app can read relevant information at any time without user’s confirmation, which also explains why users start the camera and recording function when using mobile apps such as QQ browser and Baidu input method. Once the user refuses the authorization of some so-called core information, he can’t use the APP normally. For example, when using Sina Weibo, the user must agree to telephone authorization, which includes the right to read the user’s call records, otherwise it cannot be used; When using Baidu mobile phone input method, the application reminds users that they may collect all the words of users, including personal data such as passwords and credit card numbers.

  According to the Survey Report on the Protection of Internet Users’ Rights and Interests in China 2016 released by internet society of china, from the second half of 2015 to the first half of 2016, the economic losses suffered by Chinese Internet users due to spam messages, fraudulent information and personal information disclosure reached 91.5 billion yuan.

  Expert: Combating information leakage needs to be severely punished.

  As early as 1995, the European Union promulgated the Directive on the Protection of Personal Data, and on May 25th this year, the European Union promulgated the most stringent General Data Protection Regulation, which stipulated that data controllers and processors providing services to European users could be fined up to 20 million euros or 4% of the global turnover in the last fiscal year in case of serious illegal data processing. Take Google as an example. In 2017, Google’s total global revenue was $110.8 billion. Assuming that it leaked users’ personal privacy and other illegal acts, the EU could impose a maximum fine of more than $4.4 billion on Google. In China, if an individual illegally obtains other people’s privacy, such as stealing photos, etc., according to the Law on Public Security Administration Punishment, if the circumstances are serious, he will be detained for more than 5 days and less than 10 days, and 500 yuan will be fined: if a business entity leaks personal information, he will be fined up to 1 million yuan according to the Cyber Security Law.