Background:
A well-known hot pot brand 1The news that 500 million pieces of members' personal information and 180,000 pieces of employee information are at risk of leakage have recently rushed to the hot search and attracted attention.
The Cyberspace Administration of Shanghai Municipality (CAC) announced that it has imposed administrative penalties on a number of well-known enterprises that have failed to effectively fulfill their responsibilities for the protection of consumers' personal information and have serious problems in accordance with the law. The above-mentioned violations of laws and regulations of well-known hot pot chain brands are mainly reflected in two links: in the process of collecting personal information, their WeChat mini-programs are still forcibly requesting accurate location information; In the process of storing personal information, it has been established in the past 30 years500 million pieces of personal information of members and 180,000 pieces of information of company employees are not encrypted and stored, and "they have been in a state of 'streaking' for many years."
Qianjiang Evening News: Unencrypted personal information is in danger of being stolen by "ghosts" and other sources, and if it is combined with other data sources sold on the "dark web", users can be profiled more accurately. Leaked personal information could also be used for telecom fraud. In the era of personal privacy protection, there are such surprising information protection loopholes in well-known hot pot chain brands, which once again sounded the alarm bell and reminded us that there is a long way to go to protect personal information privacy.
The Paper: This punishment is of exemplary significance, which means that the "People's Republic of China Personal Information Protection" is growing "teeth". Companies that fail to protect personal information will be punished in real terms, which is far more powerful than interviews or criticism. It is also a reaffirmation of common sense: protecting consumers' personal information is not an "initiative" for businesses, but an obligation that cannot be compromised.
Upstream News: Personal information is protected by law and related to vital interests, and must not be infringed upon by any organization or individual. Some platforms collect information not to better serve users, but to seek more commercial benefits. However, seeking benefits at the expense of the risk of information leakage obviously violates the basic norms of the Internet and the ethics of the business society. It is very important for enterprises to improve their compliance awareness of personal information security protection, strengthen the strong and make up for the weak, and earnestly fulfill the obligations and legal responsibilities of personal information protection. All major companies should clarify the boundaries of responsibility and play an exemplary role in protecting personal information. For enterprises and platforms, the relevant departments also need to smooth reporting channels, strengthen law enforcement, and promptly correct the illegal behavior of long-term "streaking" of personal information.
What do you think about this?