Konrad Kollnig , Lu Zhang , Jun Zhao , Nigel Shadbolt
{"title":"中国 iOS 应用程序中的隐私问题及个人信息保护法的影响","authors":"Konrad Kollnig , Lu Zhang , Jun Zhao , Nigel Shadbolt","doi":"10.1016/j.clsr.2024.106041","DOIUrl":null,"url":null,"abstract":"<div><p>Privacy in apps is a topic of widespread interest because many apps collect and share large amounts of highly sensitive information. In response, the Chinese legislator introduced a range of new data protection laws over recent years, notably the Personal Information Protection Law (PIPL) in 2021. So far, there exists limited research on the impacts of these new laws on apps’ privacy practices. To address this gap, this paper analyses data collection in pairs of 634 Chinese iOS apps, one version from early 2020 and one from late 2021.</p><p>Our work finds that many more apps now implement consent. Yet, those end-users that decline consent will often be forced to exit the app. Fewer apps now collect data without consent but many still integrate tracking libraries. Market concentration in app data collection has seen limited change. At the same time, there exists a larger number of influential and equal market participants than in the West. Among them, Apple was the only relevant foreign company.</p><p>We see our findings characteristic of a <em>first iteration</em> at Chinese data regulation with room for improvement. With the help of enhanced technological capabilities, we expect increased enforcement of the new data rules. There is also room to refine the new laws and make them more targeted at mobile apps and the online sphere, particularly through clear and up-to-date technical specifications for software developers. As such, our findings could also be motivation for non-Chinese policy- and lawmakers to enhance their own data protection regimes.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"55 ","pages":"Article 106041"},"PeriodicalIF":3.3000,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0267364924001079/pdfft?md5=f35185751c76a76e671e0f0e5d8cac53&pid=1-s2.0-S0267364924001079-main.pdf","citationCount":"0","resultStr":"{\"title\":\"Privacy in Chinese iOS apps and impact of the personal information protection law\",\"authors\":\"Konrad Kollnig , Lu Zhang , Jun Zhao , Nigel Shadbolt\",\"doi\":\"10.1016/j.clsr.2024.106041\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Privacy in apps is a topic of widespread interest because many apps collect and share large amounts of highly sensitive information. In response, the Chinese legislator introduced a range of new data protection laws over recent years, notably the Personal Information Protection Law (PIPL) in 2021. So far, there exists limited research on the impacts of these new laws on apps’ privacy practices. To address this gap, this paper analyses data collection in pairs of 634 Chinese iOS apps, one version from early 2020 and one from late 2021.</p><p>Our work finds that many more apps now implement consent. Yet, those end-users that decline consent will often be forced to exit the app. Fewer apps now collect data without consent but many still integrate tracking libraries. Market concentration in app data collection has seen limited change. At the same time, there exists a larger number of influential and equal market participants than in the West. Among them, Apple was the only relevant foreign company.</p><p>We see our findings characteristic of a <em>first iteration</em> at Chinese data regulation with room for improvement. With the help of enhanced technological capabilities, we expect increased enforcement of the new data rules. There is also room to refine the new laws and make them more targeted at mobile apps and the online sphere, particularly through clear and up-to-date technical specifications for software developers. As such, our findings could also be motivation for non-Chinese policy- and lawmakers to enhance their own data protection regimes.</p></div>\",\"PeriodicalId\":51516,\"journal\":{\"name\":\"Computer Law & Security Review\",\"volume\":\"55 \",\"pages\":\"Article 106041\"},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2024-08-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S0267364924001079/pdfft?md5=f35185751c76a76e671e0f0e5d8cac53&pid=1-s2.0-S0267364924001079-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Law & Security Review\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0267364924001079\",\"RegionNum\":3,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0267364924001079","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}
Privacy in Chinese iOS apps and impact of the personal information protection law
Privacy in apps is a topic of widespread interest because many apps collect and share large amounts of highly sensitive information. In response, the Chinese legislator introduced a range of new data protection laws over recent years, notably the Personal Information Protection Law (PIPL) in 2021. So far, there exists limited research on the impacts of these new laws on apps’ privacy practices. To address this gap, this paper analyses data collection in pairs of 634 Chinese iOS apps, one version from early 2020 and one from late 2021.
Our work finds that many more apps now implement consent. Yet, those end-users that decline consent will often be forced to exit the app. Fewer apps now collect data without consent but many still integrate tracking libraries. Market concentration in app data collection has seen limited change. At the same time, there exists a larger number of influential and equal market participants than in the West. Among them, Apple was the only relevant foreign company.
We see our findings characteristic of a first iteration at Chinese data regulation with room for improvement. With the help of enhanced technological capabilities, we expect increased enforcement of the new data rules. There is also room to refine the new laws and make them more targeted at mobile apps and the online sphere, particularly through clear and up-to-date technical specifications for software developers. As such, our findings could also be motivation for non-Chinese policy- and lawmakers to enhance their own data protection regimes.
期刊介绍:
CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
