China: National Computer Virus Emergency Response Centre issued ruling in investigation into 68 mobile applications for alleged violations of data protection laws

On 11 July 2025, the National Computer Virus Emergency Response Centre announced that 68 mobile applications were found violating China’s Cybersecurity Law and Personal Information Protection Law during checks conducted between 11 June and 1 July 2025. The investigation applies to mobile application developers and distributors across various sectors, including e-commerce, social networking, and software development, operating through platforms such as WeChat applets, Huawei App Market, Xiaomi App Store, and official websites. Breaches included failure to display or provide access to privacy policies, collecting personal data without explicit consent, sharing data with third parties without approval and inadequate mechanisms for data correction or account deletion. It also highlighted a lack of opt-out options for targeted marketing, processing sensitive and minors’ data without consent, and insufficient security measures such as encryption. Non-compliant apps have been ordered to rectify issues, and some have been removed from app stores for continued violations.