双语:中国过半网贷公司滥取用户隐私数据

分享到:

导读:对200个金融应用进行的调查显示,111个应用的合规水平为“低”。违规行为包括读取短信和从用户的通信录收集电话号码,这些电话号码可能被用于骚扰造势,羞辱用户让其还款。

双语:中国过半网贷公司滥取用户隐私数据

More than half of Chinese internet finance lenders are failing to comply with data privacy regulations, research has found, raising risks for investors as China steps up the implementation of laws to protect consumer data.

研究发现,超过半数的中国互联网金融贷款公司未能遵守数据隐私规定,给投资者带来风险。目前中国正在加大力度实施保护消费者数据的法律。

The breaches include collecting phone numbers from users’ contact lists, which can be used to mount harassment campaigns and shame users into repaying debts.

这些违规行为包括从用户的通信录中收集电话号码,这些电话号码可能被用于骚扰造势,通过羞辱用户来敦促其还款。

The survey of 200 finance apps by Renmin University and Nandu Personal Data Protection Research Centre, a Beijing think-tank, ranked 111 apps as having “low” compliance.

中国人民大学和北京智库-南都个人信息保护研究中心(Nandu Personal Data Protection Research Centre)对200个金融应用进行的调查显示,111个应用的合规水平为“低”。

It found that almost half - 95 apps - wanted to read users’ text messages, while 97 of them wanted access to users’ contact lists, despite such access not being necessary for the app’s functioning.

调查发现,几乎有一半-95个应用-试图读取用户的短信,而97个应用试图访问用户的通信录,尽管此类访问对于这些应用的正常运行并不必要。

By asking users for such information, the app providers are brushing against the country’s new personal information security standard to be implemented on May 1, which specifies that companies should seek the minimum information needed to make their apps work.

应用提供商要求用户提供此类信息,违反了中国即将于5月1日实施的《个人信息安全规范》。这一新标准规定,企业只能收集使其应用正常运行所需的最少信息。

“Investors should certainly expect more government scrutiny on their business model from a data protection perspective,” said Luo Yan, special counsel at the Covington & Burling law firm in Beijing.

“投资者肯定应该预计到,政府将从数据保护的角度对他们的商业模式进行更多的审查,” 美国科文顿.柏灵律师事务所(Covington & Burling law firm)驻北京的资深律师罗嫣表示。

Among the worst-scoring companies in the report are two of the world’s largest banks, Bank of China and China Construction Bank. Other offenders named were Yidai Credit, which is backed by SoftBank China, and the New York-listed Qudian.

报告中得分最低的公司包括两家全球大型银行-中国银行(Bank of China)和中国建设银行(China Construction Bank)。其他违规公司包括由软银(中国)(SoftBank China)支持的宜贷网(Yidai Credit)和在纽约上市的趣店(Qudian)。

Many apps lacked a privacy agreement that was available upon registration to explain what user data would be protected, leaving the user with little recourse if their details were leaked or misused.

许多应用在用户注册时,没有提供解释哪些用户数据将会受到保护的隐私协议。如果用户的详细信息被泄露或被滥用,他们几乎没有任何追索权。

Although all the apps surveyed collect sensitive financial data, most also ask for permission to access user data that is not needed for the functioning of the app, the report found.

报告发现,尽管所有被调查的应用都收集了用户的敏感财务数据,但多数应用还要求允许其访问应用正常运行并不需要的用户数据。

For example, more than half of the Android apps - including that of Bank of China - wanted microphone access, despite none having a voice input option, the researchers found.

例如,研究人员发现,超过半数的安卓(Android)应用-包括中行的应用-希望使用用户的麦克风,尽管这些应用并没有语音输入选项。

“The attitude of the vast majority of [companies] is ‘no matter whether we need the data or not, let’s collect it first and then decide’,” said Nadiya Ni, lead author of the report.

该报告的主要作者Nadiya Ni表示:“绝大多数(公司)的态度是,‘不管我们是否需要这些数据,我们先收集到手再说,然后决定如何使用’。”

Internet finance companies have a history of using personal information to shame debtors into repayment. Intrusive techniques to hound debtors - such as one debt-collecting “granny gang” who shamed and intimidated borrowers into repayment - have blossomed in the absence of a comprehensive credit-scoring system.

互联网金融公司有使用个人信息来羞辱借款人、以促使其偿还贷款的历史。在缺乏全面的信用评分体系的情况下,不停骚扰债务人的侵扰式方法-比如采用羞辱和恐吓方式促使借款人还钱的“大妈讨债团”应运而生 。

The privacy policy of one online lender, Ideal Treasure, stipulates that in the case of non-payment, the company has the right to share data with third parties, “based on their own judgment”. Ideal Treasure said it “began to improve compliance in strict accordance with regulations from 2017”.

网上贷款公司理想宝科技有限公司(Ideal Treasure)的隐私政策规定,如果借款人不还款,公司有权“根据其自己的判断”与第三方分享用户数据。理想宝表示,从2017年开始,公司“开始严格按照监管规定来改善合规水平”。

Bank of China said its app “strictly follows the laws and protects the rights of users”, adding that the installation process notifies users about its data collection policies and users sign physical copies of agreements when they open online accounts.

中行指出,其应用“严格遵守法律,保护用户的权利”,并补充说,安装过程中会向用户通报其数据收集政策,且用户在开通网上账户时,要签署协议的实物副本。

Qudian said it “attaches great importance to personal data protection and has built a strict personal information protection system”. The group’s user agreement states that the company protects personal data, “unless we get [users’] approval or we have to provide it because of legal obligations”.

趣店表示,其“非常重视个人数据保护,并建立了严格的个人信息保护系统”。该集团的用户协议指出,该公司保护个人数据,“除非获得(用户的)允许,或根据法律义务的要求不得不提供。”

China Construction Bank and Yidai did not respond to requests for comment.

建行和宜贷网没有回应记者的置评请求。

来源:金融时报   

爱语吧作者:peppa

右侧教学logo

品牌宣传、推广营销、渠道合作

  • 010-68890808
  • 010-68890800
  • jiaoxue@cri.cn
国广控股_fororder_{C0F4C757-F8D6-49FB-92A8-E2CC0B7C498C}国广控股Google翻译Google翻译有道有道淘宝教育淘宝教育腾讯精品课腾讯精品课腾讯课堂腾讯课堂百度教育百度教育新华网教育新华网教育人民网教育人民网教育中国网教育中国网教育央视网央视网央广网教育央广网教育中国青年网教育中国青年网教育中国经济网教育中国经济网教育中新网中新网中青在线中青在线中国教育新闻网中国教育新闻网腾讯教育腾讯教育搜狐教育搜狐教育网易教育网易教育新浪教育新浪教育凤凰网教育凤凰网教育千龙网教育千龙网教育中国教育在线中国教育在线芥末堆芥末堆多知网多知网澎湃澎湃新京报新京报中国学生健康报中国学生健康报大燕教育大燕教育北京考试报北京考试报证券时报证券时报华尔街日报华尔街日报黄河新闻网科教黄河新闻网科教36kr36kr青塔网青塔网新浪微博微博搜狐公众平台搜狐公众平台一点资讯_fororder_{A5F5A403-F328-4B86-B205-112B938EE863}一点资讯全美在线_fororder_{A5D8CAAF-D895-4B03-A25C-FA2EF4F51937}全美在线新东方在线新东方在线沪江网沪江网学堂在线学堂在线培生中国培生中国雅思中国雅思中国欧风欧风环球网校环球网校中大网校中大网校达内IT培训达内IT培训人教学习网人教学习网跨考教育跨考教育中公教育中公教育畅游畅游智慧文创智慧文创