Express delivery has become the hardest hit area for information leakage, and it is urgent to strengthen the source management of information security
Prevent personal information from "streaking", and privacy is a "required option"
reading
tips
With the popularization of the real-name system for express delivery, express delivery forms have become the hardest hit area for personal information leakage.
Recently, multiple departments have jointly launched a special campaign for personal information security management in express delivery, emphasizing strengthening the management of information security at the source, promoting the popularization of privacy face sheets, and requiring the goal of full coverage of individual information hiding on the express delivery face within the year.
After the real-name system for express delivery is fully popularized, personal information such as name, phone number, address, etc. are all available on a small express delivery form, and the express delivery form has become the hardest hit area for personal information leakage.
Recently, the State Post Bureau, the Ministry of Public Security, and the National Cyberspace Administration of China jointly held a video promotion meeting for the special action of personal information security management of major e-commerce platform companies involving postal express delivery, emphasizing the strengthening of information security source governance, promoting the popularization of privacy sheets, and clearly proposing that within the year. A timetable for achieving full coverage of postal express delivery.
It has been 5 years since the privacy sheet appeared, but the penetration rate is not high.
This time, the privacy sheet has changed from "optional" to "required". Will the personal information on the express package continue to be "streaking"?
How did the express order become a "leak order"?
On June 28, the police in Yuyao, Zhejiang reported that they had destroyed a new black and gray industrial chain that violated citizens’ personal information. The gang used Trojan software to steal more than 5 million pieces of information about the express delivery from Yuncang and sold them to fraud gangs. Profit of more than 30 million yuan.
According to the suspect's account, the express delivery is priced according to the freshness and category. The highest price is the real-time single-category single, which is mostly generated on the same day and has not been signed for. Common single items include mother and baby, cosmetics, clothing, etc.
On average, an express delivery order is sold at a price of 1 to 2 yuan.
After layers of price increases, express delivery orders were finally sold to overseas "material suppliers" at 5.5 to 7 yuan, becoming "weapons and ammunition" for illegal telecommunications activities such as online fraud.
With the popularization of the real-name system for express delivery, express delivery forms have become the hardest hit area for personal information leakage.
From time to time, criminal activities of selling personal information through express delivery have been exposed from time to time.
In order to prevent the leakage of personal information on express receipts, as early as 2017, some express companies and platforms tried to launch privacy receipts.
Some replace the middle 4 digits of the recipient's mobile phone number with an asterisk, while others hide the specific address.
But 5 years later, the penetration rate of privacy face sheets in the express delivery industry is not high.
The reporter visited several express outlets in Dongcheng District and Chaoyang District of Beijing, and found that most of the express delivery receipts clearly displayed important personal information such as the recipient's name, phone number, and delivery address.
"Every time I threw out the courier, I had to tear up the face sheet before throwing it away, or write down the phone number with a pen," said Ms. Han, who lives in Chaoyang District, Beijing.
Why is the implementation of the privacy sheet not smooth?
Why is the implementation of the privacy sheet not smooth?
Can consumers choose to use a privacy sheet?
Reporter interviews found that some express companies provide privacy single service.
However, when the mini program developed by the courier company places an order for express delivery, only a few courier companies list "hide the middle digits of the mobile phone number" and "only display the last name but not the first name" as the default options. Not the default service, the user needs to manually select this service.
In the express delivery link, privacy face sheets face greater operational difficulties.
"If we use the privacy sheet, we have to use the code scanner to scan one courier by one courier before dispatching." Xiao Liu, the courier brother, said that the delivery of the privacy sheet is more "hard", which will greatly affect the delivery efficiency.
The reporter learned that at the end of the delivery, the courier usually distributes the courier according to the mobile phone number.
The use of the privacy sheet not only requires additional inspection by the courier, but also increases the cost of the courier company.
The dispatcher and senior Gongchai Shining of China Post Shanghai Branch found that when the express delivery with the privacy sheet is delivered, it is necessary to check the contact number in the system. In the case of a large delivery volume, the company is bound to To increase staffing, thereby increasing costs.
Some express delivery companies once listed the privacy sheet as a value-added service. If users want to hide their personal information, they need to pay extra.
How to prevent the "streaking" of express personal information?
The implementation of personal information de-identification technologies such as privacy sheets and virtual numbers is an important means to stop criminals from committing crimes from the source of information.
In order to speed up and improve the promotion and application of the privacy face sheet, the regulatory authorities this time require all e-commerce platforms, etc. to break through the information bottleneck with the delivery company, share relevant data in a timely manner, and cooperate with the promotion of the privacy face sheet.
At present, some companies have responded.
ZTO Express proposes to provide consumers who use Douyin electronic bills with full privacy billing services, desensitize consumers’ personal information on express bills, and use asterisks to replace part of the consumer’s mobile phone number.
At the end of June, Yuantong Express forced its own platforms such as front-line couriers, outlets, and terminal stations to switch privacy forms.
Regarding the practical operation problems faced by the privacy face sheet, Liao Huaixue, a partner of Tahota Law Firm, believes that in terms of technical measures, the construction of security verification should be strengthened.
In addition to the traditional account password verification, other verification methods are used to enable the courier to improve the efficiency of delivery while ensuring that privacy is not leaked.
At the same time, strengthen the authority management of the information system, and only allocate the minimum operation authority and the minimum range of accessible information to employees to meet the needs of the work.
While preventing the express order from becoming a "leak order", it is also necessary to strengthen the internal system construction of express delivery companies to prevent personal information leakage.
Many experts suggest that express delivery companies should establish an internal control mechanism for personal information protection, sign confidentiality agreements with employees, and strictly implement a disciplinary mechanism for breach of contract.
Clarify the information security responsibilities of various departments and positions within the company, and strictly prohibit irrelevant personnel from entering and leaving the express processing and storage site; the company can arrange for professionals to conduct security monitoring of information processing in receipt, sorting, transportation, delivery and other links.
Gan Xi