close
tech

Forefront | The location of the original image leak, and these methods can protect privacy

02cdee9a-15be-11ea-83e6-aaaa00151f43.jpg

In the past few days, the statement about “WeChat sent the original image or leaked location information” has been hotly debated, and once on the Weibo hot search list.WeChat officials immediately responded: Image source: Weibo screenshots In fact, as early as 2017, the same issue has also received widespread attention. WeChat has already responded to this.Experts said that if the following three conditions are met, the location will be leaked: 1. Turn on the GPS of the mobile phone; 2. Set the camera to save the geographic location; 3. Send the original image after taking the picture.Therefore, if we pay attention to these aspects, the information security of photos will be greatly improved.Not only WeChat, when using a lot of software, the original image will be sent with the accompanying information, and it has no absolute relationship with the mobile app.Although WeChat took a backseat this time, this incident also reflects users’ concerns about the privacy protection of mobile apps.This year, “ZAO”, which became popular because of “Changing Face”, has been criticized for its “Bawang” privacy clause.Abuse of mobile phone app permissions and inadequate content of privacy clauses pose a certain threat to users’ privacy and security, and cyber security incidents such as the illegal sale of personal information also occur frequently.Except that the users themselves do not pay special attention to the authorization regulations, in fact, some users cannot escape even if they pay attention.In some cases, in order to be able to download and use the app smoothly, they have to agree to the behavior of asking for permissions, which to some extent has encouraged some apps to be more unscrupulous “request”, and users are tantamount to being “hijacked” by the app.Image source: IC photo In November of last year, the China Consumers Association evaluated 100 mobile apps and found that 47 apps did not meet the privacy requirements, of which 34 apps had no privacy clause.Typical problems are “the user is not clearly informed of the purpose of the information when collecting sensitive information, although the personal information is not separately notified and obtained the user’s consent,” automatically check the agreement “,” the user agrees to authorize when logged in, “exists’ selfRisk-taking ‘and other unreasonable disclaimers “etc.According to the China Consumers Association report, there are certain problems with the Industrial and Commercial Bank of China, Alipay, Meitu Xiuxiu, Qunar.com, and Pinduoduo.For example, the Alipay App does not indicate personal sensitive information in the type of information on the mobile phone, and does not distinguish between core and additional functions, which makes it easy for users to think that the collected information is required.For such incidents, legal policies are also being followed up.At the beginning of this year, the four departments of the Central Cyberspace Office, the Ministry of Industry and Information Technology, the Ministry of Public Security and the General Administration of Market Supervision jointly issued the “Announcement on the Implementation of the Special Management of Personal Information on Mobile Phones That App Is Illegal and Illegal.”It is understood that this round of rectification focuses on “collecting personal information privately”, “collecting personal information beyond the scope”, “privately sharing to third parties”, “forcing users to use targeted push functions”, “no permissions being granted,” “frequently applying permissions”, “Excessive requests for permissions, “setting obstacles to user account logout” and other violations.On November 1, the Supreme People’s Court and the Supreme People’s Procuratorate announced the clear rules and prerequisites for the crime of refusing to perform the obligations of information network security management, as well as the criminalization criteria.Has “caused the leakage of more than 500 pieces of track information, communication content, credit information, and property information” and “caused the leakage of accommodation information, communication records, health and physiological information, transaction information and other user information that may affect the safety of people and property.8 cases including “more than a thousand articles” should be regarded as “causing serious consequences” as stipulated in the Criminal Law.Imprisonment of not more than three years, detention or control, and a fine or a single fine.The security of users’ personal information has not only received widespread attention in China, but in the United States, it has already issued a “high price ticket”.Facebook has paid high “tuition fees” because of multiple leaks of user privacy.The California Consumer Privacy Act (CCPA) was passed in California in 2018 and will take effect in January 2020.At that time, similar to the EU bill, the CCPA will regulate all data business practices that do business with California residents.Gain many rights related to personal data.It mainly includes: data access rights, data deletion rights, non-discrimination rights, obvious “do not sell personal information” options on product pages, and omission of new privacy policies, minor and guardian authorization and private litigation rights.The EU introduced GDPR as early as April 2016, known as “the strictest user personal data protection bill in history,” and it was officially implemented in May 2018.Companies that violate relevant regulations will face a fine of up to 4% of their annual turnover.In January 2019, Google paid a fine of 50 million euros to the French authorities because it did not clearly state the collection and use of personal data in targeted advertising..