Apps including Alibaba-backed food-ordering platform ele.me and US-based travel site TripAdvisor are accessing sensitive private information that's not related to their functions, and this enables them to "peep into users' lives and acquire users' private information," according to recent test results released by local authorities in Shanghai.
The tests, which were conducted by the Shanghai consumer council, involved 39 apps covering online shopping, travel and daily living/services. More than 60 percent of the apps accessed sensitive user data that wasn't needed, including calendars and phone records.
Other apps that were found to have problems include car rental platform China Auto Rental (CAR) and food-ordering platform nuomi.com, backed by domestic internet giant Baidu.
Most of the apps have corrected their settings and released updated versions, according to a report from the People's Daily on Wednesday.
According to a statement CAR sent to the Global Times on Sunday, the company said it had indeed found cases involving "applying functions it did not need," although the company insisted that it had never used the functions to acquire users' information and had always given top priority to users' privacy.
"We have our upgraded app version and deleted related authorization requests, and will strengthen protection over users' information in the future," the company said.
TripAdvisor said in an email it sent the Global Times on Sunday that it has deleted authorization requests to access users' phone records, and it will continue to optimize its products and cooperate with supervision by local authorities.
These developments come as China's mobile phone user base rises, its internet economy grows rapidly and regulators intensify scrutiny of the internet economy.
Since 2016, China has enacted at least 18 laws and regulations related to internet administration, including the Cyber Security Law and regulations covering online advertising, publications, financing, payments, news services and the internet-based sharing economy.
Industry analysts said domestic consumers should become more aware of protecting private information when using the internet and downloading apps. Allowing app developers to gain access to calendars, for example, might lead to the leak of business secrets or personal schedules.
"I still think getting users' consent to get their personal data just by putting an 'agree or disagree' button up before using an app or program is too simple and risky," Chen Shuyan, a Shanghai-based while-collar worker, told the Global Times on Sunday.
"I think the process should be upgraded to better protect our privacy. I have almost everything on my phone now, including my bank card, meeting details, work schedule ... everything you can imagine," he said.