Source: https://mp.weixin.qq.com/s/g_ApJ0na3EzxytzHsszi_A
In recent years, mobile Internet applications (App) have become widely used and play an important role in promoting economic and social development and in serving people's livelihood. At the same time, Apps often collect excessive personal information or force collection of personal information, with users unable to install them if they don't consent.
In order to implement the principle of the Cyber Security Law of the PRC that the collection of personal information is to be legal, proper, and necessary; to standardize Apps' collection of personal information, and to ensure the security of citizens' personal information, the State Internet Information Office has researched and drafted this Scope of Necessary Personal Information for Common Types of Mobile Internet Applications (APPs), which is now released to the public for comments.
The public may email feedback and comments to: security@cac.gov.cn; the deadline for feedback is December 16, 2020.
Attachments: Scope of Necessary Personal Information for Common Types of Mobile Internet Applications (APPs) (Draft for Solicitation of Comments)
Cybersecurity Administration
2020/12/1
Scope of Necessary Personal Information for Common Types of Mobile Internet Applications (APPs) (Draft for Solicitation of Comments)
This document specifies the scope of necessary personal information for 38 common types of App, such as maps and navigation, online car-hailing, instant messaging, and so forth. Necessary personal information refers to the personal information necessary to ensure the normal operation of Apps' basic functions and services without which the Apps cannot provide basic functions and services. As long as the user agrees to the collection of necessary personal information, Apps must not refuse the users' installation and use.
1. Maps and navigation:
Basic functions and services: Positioning and navigation.
Necessary personal information: location information.
2. Online car-hailing:
Basic functions and services: Booking car trips.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The departure place, arrival place, location information, and tracking of passengers.
3. Instant messaging:
Basic functions and services: Provide instant messaging services such as for text, pictures, voice, and video.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) Account information: Account, list of contact accounts.
4. Online Communities:
Basic functions and services: Interactive discussion, information sharing and following on blogs, forums, and communities.
Necessary personal information: The registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
5. Online payment:
Basic functions and services: Payment institutions provide monetary fund transfer services (such as payments, cash withdrawals, transfers, etc.) as remotely initiated by payment orders from the payees or payers through the public networks.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The payer's name, ID type and number, ID expiration date, photocopy of ID, bank card number and mobile phone number associated with the bank.
(3) The payee's name and bank card number.
6. Online shopping:
Basic functions and services: Purchase of goods.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The name, address, and telephone number of the recipient.
(3) Payment information.
7. Food and beverage delivery:
Basic functions and services: Food and beverage purchases.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The name, address, and telephone number of the recipient.
(3) Payment information.
8. Courrier and logistics:
Basic functions and services: Express delivery of parcels, printed materials, and other items.
Necessary personal information:
(1) The sender's real name, address, and telephone number.
(2) The name, address, and telephone number of the recipient.
9. Transportation ticketing:
Basic functions and services: Transportation-related ticketing services and trip management (like ticket sales, changes, returns, trip management etc.)
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) Passengers' names, ID types and numbers, Passenger categories. Passenger categories usually include child, adult, student, and so forth.
(3) Passengers' place of departure, destination, departure time, car/boat/flight number, seat/cabin class, seat number (if any).
(4) Payment information.
10. Marriage and dating:
Basic functions and services: Marriage and dating.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The sex, age, and marital status of the person looking for marriage or dating.
11. Job search and recruitment:
Basic functions and services: Job information query and job-seeker resume delivery.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The resumes provided by job applicants.
12. Online lending:
Basic functions and services: Individual consumer loans realized through Internet platforms.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The borrower's name, ID type and number, ID expiration date, a copy of the ID, and a bank card number.
13. Housing rental and sales:
Basic functions and services: Personal housing resource information publishing and housing rentals or sales.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) Basic information of housing: The house address, area/house type, asking sale price or rent.
14. Used car trading:
Basic functions and services: Used car sales and purchasing.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The purchasers' name and I.D. type and number.
(3) Seller’s name, ID type and number, vehicle license number, and vehicle identification number.
15.Medical consultation and booking:
Basic functions and services: Online consultation and booking.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) Patient name, ID type and number.
(3) The hospital and department for the patient's appointment.
16. Travel Services:
Basic functions and services: Ordering travel products.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The travellers' destination and time of travel.
(3) The travellers' names, ID type and numbers.
17. Hotel services:
Basic functions and services: Hotel reservations.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The lodgers' names, contact information, check-in and check-out times, and name of the hotel.
18. Online Games:
Basic functions and services: Proving game products online.
Necessary personal information: The registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
19. Study and education:
Basic functions and services: Online tutoring or internet classes.
Necessary personal information: The registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
20. Local Living:
Basic functions and services: Services such as domestic cleaning and repairs, furniture and decoration, trading in used goods, and other routine life services.
Necessary personal information: The registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
21. Women's Health:
Basic functions and services: Health management services for women's menstrual cycles, pregnancy and childcare, and beauty.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) Historical information used for health management.
22. Car services:
Basic functions and services: bike-sharing, ca-sharing, car rentals, and other such services.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The ID type and number, and copies of the drivers licenses for users that will use shared or rental car services.
23. Investment and financial management:
Basic functions and services: Investment and financial management services related to stocks, futures, funds, securities, etc.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The investment and financial management user's name, ID type and number, ID expiration date, and photocopies of the ID.
(3) The investment and financial management user's cash accounts and bankcard numbers.
24. Mobile banking:
Basic functions and services: Provision of services such as bank account management, information inquiries, transfers, and transfers provided through mobile smart-terminal devices such as mobile phones.
Necessary personal information:
(1) the registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
(2) The user's name, ID type and number, ID expiration date, copy of ID, bank card number, and mobile phone number associated with the bank.
(3) The payee's name and bank card number.
25. Email and cloud drives:
Basic functions and services: Email boxes, cloud drives, etc.
Necessary personal information: The registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
26.Remote conferencing:
Basic functions and services: Providing audio or video conferencing online.
Necessary personal information: The registered user's mobile phone number or other real identity information (the App provider is to provide a variety of options, for the user to choose one).
27. Webcast/Livestream:
Basic functions and services: Proving sustained information services such as videos, audio, images, and other forms.
Necessary personal information: Basic functional services are to be available without requiring personal information.
28. Online audio and video:
Basic functions and services: Video and music broadcasting and downloads.
Necessary personal information: Basic functional services are to be available without requiring personal information.
29. Short video:
Basic functions and services: Search and broadcast of videos that do not exceed a set length.
Necessary personal information: Basic functional services are to be available without requiring personal information.
30. News:
Basic functions and services: Browsing and searching news information.
Necessary personal information: Basic functional services are to be available without requiring personal information.
31. Sports and fitness:
Basic functions and services: Services such as recording exercise and health management.
Necessary personal information: Basic functional services are to be available without requiring personal information.
32. Browsers:
Basic functions and services: Browsing Internet information resources.
Necessary personal information: Basic functional services are to be available without requiring personal information.
33. Input methods:
Basic functions and services: Input of text, punctuation, etc.
Necessary personal information: Basic functional services are to be available without requiring personal information.
34. Security management category:
Basic functions and services: Killing viruses, cleaning malicious plug-ins, fixing vulnerabilities, cleaning for optimization, harassment interception, rights management, etc.
Necessary personal information: Basic functional services are to be available without requiring personal information.
35. Electronic books:
Basic functions and services: E-book reading.
Necessary personal information: Basic functional services are to be available without requiring personal information.
36. Photography enhancement:
Basic functions and services: photography, aesthetic enhancement, filters, etc.
Necessary personal information: Basic functional services are to be available without requiring personal information.
37. Application stores:
Basic functions and services: App downloads and management.
Necessary personal information: Basic functional services are to be available without requiring personal information.
38. Practical tools:
Basic functions and services: Calendar, weather, dictionary translation, calculator, remote control, flashlight, compass, clock/alarm clock, file transfer, file management, wallpaper or ringtones, screenshot, audio recording, work coordination, etc.
Necessary personal information: Basic functional services are to be available without requiring personal information.
English
中文(简体)
[…] Here are a few examples of what’s considered “necessary” personal data for different types of apps, as translated by China Law Translate: […]