26 measures! The Ministry of Industry and Information Technology issued a document related to every APP you install

　　Chinanews.com, February 27th (Chinanews Finance and Economics reporter Wu Tao) APP automatic download, bundled download, membership automatic renewal, pop-up windows flying all over the screen... Have you ever encountered these situations when playing with your mobile phone?

The key is to make a complaint, but the customer service has not yet been contacted. Do you think it is annoying?

　　On the 27th, the "Notice of the Ministry of Industry and Information Technology on Further Improving Mobile Internet Application Service Capabilities" (hereinafter referred to as the "Notice") was released.

The document clearly proposed 26 measures to regulate the above-mentioned chaos.

From App listing to removal, from installation to uninstallation, from use to complaints, it covers the entire chain of the user's use of the APP.

Screenshot of the official account of "Gongxin Weibao"

——Do not deceive and mislead users to download and install by means of "silent download"

　　The "Notice" proposes that recommending apps to users for download should follow the principles of openness and transparency.

In addition, users can only download and install after confirming their consent, effectively protecting the user's right to know and right to choose.

.

　　Without the user's consent or voluntary choice, it is not allowed to automatically or forcibly download the APP, or force the user to download and open the APP by means of folding display, active pop-up windows, frequent reminders, etc., which will affect the normal browsing of information by the user.

Without justified reasons, downloading APPs and reading webpage content shall not be bound together.

　　In response to the problem that users often encounter difficulties in uninstalling, the "Notice" pointed out that APPs should be easily uninstalled, and users should not be maliciously prevented from uninstalling by means of blank names, transparent icons, and background hiding.

——Remind users in a prominent way 5 days before automatic renewal

　　In terms of app experience, the "Notice" clearly states that the screen opening and pop-up information windows provide clear and effective close buttons to ensure that users can close them conveniently; frequent pop-up windows are not allowed to interfere with the normal use of users, or use "full-screen heat map", high-sensitivity "Shake" and other methods that can easily cause false triggers induce user operations.

　　Many netizens have previously reported that APP often runs secretly in the background.

The "Notice" clearly pointed out that "in non-essential or unreasonable scenarios, it is not allowed to self-start and associate start other APPs, or perform actions such as waking up, calling, and updating."

　　In terms of customer service, the "Notice" proposes that major Internet companies publish the telephone numbers of the customer service hotlines in prominent positions on their websites and apps to simplify manual service transfer procedures.

Encourage the improvement of customer service hotline response capabilities. The average monthly response time limit is up to 30 seconds, and the manual service response rate exceeds 85%.

　　It is worth noting that in the payment link, the "Notice" proposes to clearly state the product function rights and tariffs, and if there are additional conditions such as membership activation and fees, it should be clearly reminded.

Restrictive conditions shall not be arbitrarily added in the process of providing product services without expressly expressly, and use this as an excuse to terminate the product functions and services normally used by users, or to reduce the service experience.

　　In addition,

convenient way to unsubscribe at any time and the automatic renewal and automatic renewal cancellation method will be provided during the service period.

Data map.

Photo by Yin Liqin

——Establish

　　Personal information security has always been the focus of users' attention.

The "Notice" released this time emphasizes that engaging in personal information processing activities should have a clear and reasonable purpose, and

.

　　It is worth noting that when a user refuses to provide personal information that is not necessary for the current service, it shall not affect the user's basic functions of using the service.

　　The "Notice" also emphasizes that users should be informed of the personal information processing rules in a concise, clear, and easy-to-understand manner. If there is any change, users should be informed of the latest situation in a timely manner.

Highlight the purpose, method and scope of processing sensitive personal information, establish a list of collected personal information, and must not use default checks, reduced text, lengthy text, etc. to induce users to agree to personal information processing rules.

　　"When the corresponding business function is started, dynamically apply for the required permissions, and the user must not be required to agree to multiple necessary permissions that are not required for this business function. When calling the terminal photo album, address book, location and other permissions, the user is simultaneously informed of the purpose of applying for the permission .Without the user's consent, the user's unauthorized permission status shall not be changed."

　　In addition, the "Notice" proposes to strengthen APP behavior record reminders.

Enhance the ability to record permission call behaviors, and provide convenience for users to query permission call status.

to ensure that users understand the status of personal information collection in a timely and accurate manner.

——APP is put on the shelf for distribution and hot update is more standardized, otherwise it will be removed from the shelf

　　The "Notice" also emphasizes strengthening the management of the use of software development tools (SDK).

Before using the SDK, evaluate its personal information protection capabilities, and clearly stipulate the rights and obligations of all parties through contracts and other forms to ensure that personal information processing complies with laws and regulations.

Centrally display and update the embedded SDK name, function and rules for processing personal information in a timely manner.

If the user's personal information is jointly processed and the user's rights and interests are infringed and damage is caused, the corresponding responsibility shall be borne in accordance with the law.

　　Why use SDK as an important part of the whole chain management?

　　The Ministry of Industry and Information Technology interpreted that in recent years, SDK functions have been continuously expanded and the degree of specialization has become higher and higher, which is a necessary tool for APP development and operation.

According to statistics, at present, SDKs are basically embedded in mainstream APPs, and the average number of SDKs used in each APP is about 20.

SDK has become an important link in the mobile Internet application service chain.

　　In the link of APP listing, the "Notice" pointed out that the person in charge should be identified for relevant audits, and audit log records should be kept, and those that do not meet the requirements will not be put on the shelves.

Publish all APPs on the shelf, and indicate the APP name and function, developer operator, version number, user terminal permission list and purpose to be obtained, personal information processing rules and other information in a prominent position.

　　It is worth noting that the "Notice" also clarifies that for illegal apps that are inconsistent with the public information, or use "hot update, hot switch" and other methods to change the main functions of the APP, the permissions of the application, the scene and scope of personal information collection and use, etc., The service should be discontinued.

　　This means that the previous method of putting the app on the shelves first and then "hot updating" the violations is no longer feasible.

　　In the distribution process, the "Notice" encourages the electronic signature certification of distributed APPs to realize the traceability of the entire process of putting apps on the shelves and distribution behaviors.

The Ministry of Industry and Information Technology interpreted that the distribution platform, as a bridge connecting APP developers and operators and users, must fulfill the responsibility of "gatekeeper" and provide users with compliant products.

(over)