Mobile apps have been heavily regulated in China for the last 18 months, under specific TC260 guidelines and CAC circulars. Since these have been in force China mobile app operators have had to comply with a long checklist of specific privacy requirements. Mobile apps have during this period been one of the regulator’s enforcement priorities, and there has been a stream of enforcement action (notably apps taken down from app stores) for non-compliance with these guidelines.
The relevant regulators yesterday jointly published new regulations, which will sit alongside the existing guidelines, and are designed to flesh out further the mobile app compliance framework: see http://www.cac.gov.cn/2021-03/22/c_1617990997054277.htm.
In particular, as there has recently been a spate of regulator enforcement activity against excessive data collection by various apps, these new regulations provide a list of personal information that they consider to be reasonable and necessary for app operators to collect.