Please do three no's, Ministry of Public Security: Beware of the "Six Routines" for Obtaining Personal Information Citizen | Personal Information | Six Major Methods
On August 10th, Huang Xiaosu, the second level director of police technology at the Ministry of Public Security, announced that there are six methods to prevent criminals from obtaining personal information data, including information fraud, theft, insider leakage, illegal collection, resale, and alteration.
In May of this year, the police in Ningbo, Zhejiang discovered that Li and others had established a certain online media company and contacted "internet celebrities" to sell "internet celebrity teaching materials" at low prices on a live streaming page of a certain platform as bait, deceiving users into shopping and providing personal information of citizens, and selling the information to downstream fraud gangs. The fraud gang also takes advantage of the victim's urgent desire to become an "internet celebrity" to make money by selling fake live training courses. At present, the police have captured 12 suspect and defeated the downstream live training fraud gang.
The police in Xuancheng, Anhui have also solved such cases. A company disguises itself as a legitimate lending company and publishes advertisements on search engines, online short video platforms, and other platforms to attract individuals with loan needs to fill out personal information of citizens, and then sell the relevant information to the lending company in the borrower's hometown through agents for profit.
Huang Xiaosu, the second level director of police technology at the Ministry of Public Security, introduced that criminals mainly use six methods to obtain personal information data, including "fraudulently obtaining information, stealing information, insider leakage, illegal collection, reselling information, and altering information"
Using methods such as "local promotion" and impersonation to obtain personal information from citizens, such as scanning QR codes to give gifts, assisting in activating electronic medical insurance cards in rural areas, impersonating e-commerce customer service, and impersonating police officers to obtain personal information.
Stealing personal information of citizens both online and offline, such as using hacking techniques such as Trojan viruses, phishing websites, infiltration tools, and web crawlers to steal personal information of citizens. Or steal personal information of citizens offline through illegal entry or other means.
Illegally disclosing personal information of citizens through the convenience of their positions, such as internal staff of operators, express delivery companies, automotive 4S stores, real estate and other enterprises and institutions leaking personal information of citizens.
Illegal collection of personal information of citizens, such as supply chain manufacturers using their products to illegally collect personal information of citizens, such as apps, set-top boxes, mobile phones, smartwatches, etc.
Buying or exchanging personal information of citizens, such as using part-time jobs to buy ID cards, bank cards, facial recognition and other information from idle individuals in society, or engaging in illegal exchange of internal data by practitioners in industries such as finance, education, and real estate.
Processing and altering personal information of citizens, such as colliding different data sources such as identity information and shopping information, adding new tags to form new data sources, or using AI technology to generate dynamic facial recognition information from photos.
In response to this, the police insist on cracking down on governance, while strengthening publicity and guidance, reminding the general public to achieve the "three nots": first, not littering, properly storing and disposing of documents, express orders, takeout orders, etc. that record personal information; Second, it is not allowed to distribute personal information randomly on the Internet platform or for others to use, especially personal ID number, phone number, home address, bank card number, etc; Thirdly, do not randomly click or download links to unknown websites, QR codes, free WiFi hotspots, etc. Do not click the "agree" button on app mobile software to obtain device permissions, and install protective software on computers and mobile phones to prevent malicious Trojans and programs from stealing personal information.
Network operators should obtain personal information of citizens through legal and compliant channels, and also adhere to the "three no's": first, they should not collect information indiscriminately, clearly state the purpose, method, and scope of collecting and using information, and obtain the consent of the recipient; The second is to avoid disorderly storage, comply with the network security level protection system in accordance with the law, centrally and uniformly store and prevent information leakage, damage, and loss; The third is to avoid misuse, adopt hierarchical classification management for data, and not disclose, sell or illegally provide personal information of citizens to others. For those who violate laws and regulations, the police will impose administrative penalties, and those with serious circumstances will be held criminally responsible.