最新动态
联系我们

苏州侦探-苏州私家侦探、私人调查-苏州婚姻外遇调查社

手机:

微信:

公司宗旨:

您浏览的位置:主页 > 服务项目 >

如何管好越了界的App 保护用户隐私信息安全

发布于:2018-12-20 15:58

近日,有网友发现,大众点评、航旅纵横等手机应用,在没有明确提示的情况下加入社交属性,令用户的各类信息暴露在好友甚至陌生人面前。此外,还有网友在使用某款手机时发现,打开部分App会导致手机的摄像头升降,以及被提示正在录音。
 
Recently, some netizens found that mobile phone applications, such as public comments, voyages, etc., add social attributes without explicit prompts, exposing users'various kinds of information to friends or even strangers. In addition, some netizens found that opening part of the App would cause the camera of the mobile phone to rise and fall, and be prompted to record.
 
 
 
 
 
两个事件,将App随意公开用户隐私和过度索取手机权限的问题再度推上舆论风口。如何管好越了界的App,保护用户的隐私信息安全,是亟待解决的一道现实考题。
 
Two incidents brought the issue of Apple's arbitrary disclosure of user privacy and excessive requests for mobile phone rights back to the forefront of public opinion. How to manage App well beyond the boundaries and protect users'privacy and information security is a realistic test to be solved urgently.
 
 
 
用户变成“透明人”
 
Users become "transparent people"
 
 
 
点评收藏信息未经提示随意公开
 
Comments on Collection Information
 
 
 
觉得这个餐厅很好吃,去大众点评给个五星;被推荐了一个不错的酒店,在大众点评里点个收藏打算下月休假去体验……近日,通过微信登录大众点评的用户发现,自己的点评、收藏信息,在没有明确提示的情况下,被推送给了自己的微信好友。
 
I think this restaurant is delicious. I went to the public to comment on it and gave it a five-star restaurant. I was recommended a good hotel. I put a collection in the public comment. I plan to take a vacation next month to experience it. Recently, users who log on to the public comment by Wechat found that their comments and collections of information were pushed to their Wechat friends without explicit prompts.
 
 
 
“当时使用微信登录大众点评,主要是为了获得5元奖励,也没有认真看相应的隐私协议。但没想到却是以自己变成‘透明人’为代价,真是不值得。”一名网友发帖抱怨。
 
"At that time, the use of Wechat for public comment was mainly to get a 5 yuan reward, and did not seriously look at the corresponding privacy agreement. But unexpectedly, at the cost of becoming a transparent person, it's really not worth it." A netizen posted complaints.
 
 
 
无独有偶。今年6月,航旅纵横的“虚拟客舱”功能,也被质疑泄露用户隐私信息。用户在值机选座后,点击其他已选座位,可查看到该座位乘客选择航空公司的偏好、常去的目的地等信息。此外,用户还可以给其他用户添加个性化标签,比如某用户就被贴上了“天秤座”“偏爱深航”“广东”“座位靠窗派”的标签。
 
It happens that there is a similar case. In June this year, the vertical and horizontal "virtual cabin" function was also questioned to leak user privacy information. After checking in and choosing seats, users can click on other selected seats to see the preferences of passengers in that seat for airlines and their frequent destinations. In addition, users can also add personalized labels to other users, such as a user who is labeled "Libra", "Deep Aviation Preference", "Guangdong", "Seat by the Window" label.
 
 
 
虽然大众点评与航旅纵横两款App在被质疑后,均及时道歉并改进相关功能,但仍引发了手机网民对各类App不经明确提示,随意公开用户个人信息的不满。“如果是分享给熟悉的好友也就罢了,万一这些敏感信息落在不法分子手里,后果不堪设想。”经常使用航旅纵横办理值机手续的陈先生说。
 
Although public comment and navigation apps apologized and improved their functions in time after being questioned, they still caused the dissatisfaction of mobile netizens who disclosed users'personal information at will without explicit prompts. "If it's shared with a familiar friend, just in case these sensitive information falls into the hands of illegal elements, the consequences are unimaginable." Mr. Chen, who often uses air travel to check-in formalities vertically and horizontally, said.
 
 
 
今年5月1日,《信息安全技术个人信息安全规范》正式实施,对个人信息和个人敏感信息、个人信息的授权同意及明示同意做出明确规定,要求收集个人敏感信息时,应取得个人信息主体的明示同意。当个人信息主体拒绝时,可不提供相应的附加功能,但不应以此为理由停止提供核心业务功能,并应保障相应的服务质量。
 
On May 1, this year, the Code for Personal Information Security of Information Security Technology was formally implemented. The authorized consent and express consent of personal information and personal sensitive information were clearly stipulated. It is required that the subject of personal information should obtain express consent when collecting personal sensitive information. When the main body of personal information refuses, it can not provide corresponding additional functions, but it should not be used as a reason to stop providing core business functions, and should guarantee the corresponding quality of service.
 
 
 
中国政法大学传播法研究中心副主任朱巍认为,个人信息的权利属于用户自己,任何手机应用收集和使用个人信息应先取得用户本人同意。同时,App的隐私协议不可要求用户一概性授权使用个人信息,必须明确向用户告知收集个人信息的具体范围,如何使用收集到的信息,以及在保护用户信息方面采取的相应措施等。
 
Zhu Wei, deputy director of the Communication Law Research Center of China University of Political Science and Law, believes that the right to personal information belongs to the user himself. Any mobile phone application that collects and uses personal information should first obtain the user's own consent. At the same time, App's privacy protocol does not require users to authorize the use of personal information. It must clearly inform users of the specific scope of personal information collection, how to use the collected information, and the corresponding measures taken to protect user information.
 
 
 
强索权限存疑点
 
Doubts about the Competence of Claim
 
 
 
3家手机地图取消无关隐私获取
 
3 Mobile Maps Cancel Unrelated Privacy Acquisition
 
 
 
近日,一款新型手机火了。用户发现在该款手机上打开QQ浏览器App,手机的摄像头会有升降的动作。此外,在未对手机进行任何操作时,会被提示百度输入法正在录音。随后,腾讯和百度分别发出声明,表示摄像头的升降是为了获取镜头参数,正在录音的提示是预热麦克风导致的,并未通过拍摄和录音来采集用户隐私。
 
Recently, a new mobile phone fire. Users found that when QQ browser App is opened on the phone, the camera of the phone will move up and down. In addition, Baidu input method will be prompted to record when no operation is performed on the phone. Subsequently, Tencent and Baidu issued statements that the camera was lifted to obtain lens parameters, and that the recording prompt was caused by preheating the microphone, which did not capture user privacy through shooting and recording.
 
 
 
虽然是虚惊一场,但用户对App索取手机摄像头、麦克风、定位、通讯录等权限的使用目的依然持怀疑态度。“如果说外卖App要求获得用户的位置权限是为了推荐周边餐厅和送餐方便,那么它同时要求获得摄像头和通讯录权限又是为了什么呢?”一位网友在微博上这样写道。也有网友在尝试关闭某视频App读取手机通讯录、短信等功能后发现,该App依然能够正常打开使用,因此说明这些默认获取的权限并非必需。
 
Although it is a false alarm, users are still skeptical about the purpose of Apple's access to mobile camera, microphone, location, address book and other permissions. "If takeaway App requests location permissions to recommend surrounding restaurants and convenience for delivering meals, then why does it require access to both cameras and address books?" wrote a netizen on Weibo. Some netizens also found that after trying to shut down some video App to read mobile phone address book, SMS and other functions, the App can still open and use normally, so it shows that these default access rights are not necessary.
 
 
 
智能手机时代,App要正常使用,确实需要用到手机里的一些权限,但据DCCI互联网数据中心与腾讯社会研究中心联合发布的《网络隐私安全及网络欺诈行为研究分析报告(2017年一季度)》显示,基于对800多个安卓手机应用隐私权限检测,发现获取用户手机隐私权限的现象较为普遍,占比高达96.6%,其中25.3%存在越界获取用户手机隐私权限的情况,目前已成为网络诈骗的重要源头。
 
In the era of smartphones, App does need some privileges in mobile phones to be used properly, but according to the "Research and Analysis Report on Network Privacy Security and Network Fraud" (the first quarter of 2017), published jointly by DCCI Internet Data Center and Tencent Social Research Center, based on the detection of more than 800 Android mobile phone applications'privacy privileges, it is found that access to users' mobile phone privacy rights is now available. Elephants are more common, accounting for 96.6%, of which 25.3% have cross-border access to users'mobile phone privacy, which has become an important source of network fraud.
 
 
 
《移动互联网应用程序信息服务管理规定》指出,依法保障用户在安装或使用过程中的知情权和选择权,未向用户明示并经用户同意,不得开启收集地理位置、读取通讯录、使用摄像头、启用录音等功能,不得开启与服务无关的功能。
 
The Regulations on the Management of Information Services for Mobile Internet Applications point out that users'right to know and choose in the process of installation or use should be guaranteed according to law. Without explicit instructions to users and their consent, they should not open functions such as collecting geographical location, reading address books, using cameras, and enabling recording. They should not open functions unrelated to services.

下一篇:天涯社区入局区块链 写文章就能“挖矿”
上一篇:新零售成行业趋势 家居产业变革将至 精准消费被提上议程