China adopts ‘carrot and stick’ approach to apps

Back to Communications Law Committee publications

Jihong Chen
Zhong Lun, Beijing

Yun Luo
Zhong Lun, Beijing


The carrot: Voluntary Mobile Application Security Certification

On the World Consumer Rights Day, 15 March 2019, the State Administration for Market Regulation and the Cyberspace Administration of China jointly published their ‘Announcement on the Mobile Application (Apps) Security Certification Implementation Rules’. Mobile app operators are encouraged to obtain certification from the Cybersecurity Review Technology and Certification Centre to prove compliance with the recommended national standard, namely GB/T 35273 Information Security Technology – Personal Information Security Specification. Search engines and app stores are encouraged to prominently mark and recommend certified apps.

The stick: zero-tolerance enforcement for illegal apps

In January 2019, the Office of Central Cyberspace Affairs Commission, Ministry of Industry and Information Technology, Ministry of Public Security, and State Administration for Market Regulation (the 'four ministries') jointly issued the ‘Announcement of Launching Special Crackdown against Illegal Collection and Use of Personal Information by Apps’ (the 'Announcement'). To implement the Announcement, the four ministries entrusted the App Special Working Group to investigate the illegal collection and use of personal information by apps. Since then, the Working Group has been conducting the investigation. The Working Group has also issued the ‘Self-assessment Guide for Illegal Collection and Use of Personal Information through Apps’ for app operators to carry out self-examination.[1]

After the '3.15 Gala' - the annual Consumer Rights Show aired by the state broadcaster - exposed and reported a number of companies that reaped benefits from illegally collected personal information, the Ministry of Industry and Information Technology soon ordered those companies to cease the relevant activities and initiated the investigation. In implementing ‘Internet Clearance 2019’, local police also target illegal mobile apps. The Internet Police of Beijing’s Bureau of Public Security have shut down more than 400 illegal apps and conducted on-the-spot inspections on 37 mobile internet application platforms and more than 20,000 illegal apps have been removed from mobile app stores.


[1] ‘Understanding of Self-assessment Guide for Apps’, available at: https://mp.weixin.qq.com/s/pbItsKSBP9GjQNoWQ4pkvg, last accessed 5 March 2020.