[Editor to fill: 200-word domain overview.]
§ DOMAIN · APP COMPLIANCE
App Compliance.
App 合规
Mobile app personal-information collection rules, the necessary-information catalogue, SDK compliance, and app store removal.
The legal corpus.
1 law.
In this domain.
3 briefs.
- § 01 · PERSONAL-INFORMATION
Ai Lin — Why Platform Gig Workers Need PI-Protection Tilt and How to Build It
Ai Lin (Jilin University Law School) takes on the under-attended question of personal-information protection for platform gig workers — the food-delivery couriers, ride-hail drivers, freight drivers, and 'internet marketers' who occupy China's new-employment-form category. The structural problem: PIPL's individual-consent baseline doesn't work in employment relations where the worker has no meaningful bargaining power against the platform's algorithmic management. Ai imports the alienated-labor framework from Marx and the 'scenario fairness' principle from contextual integrity to argue for a tilt-protection regime. Three operational responses: enhanced transparency + tiered PI safeguards; treating algorithmic rules as workplace regulations subject to collective bargaining; full-process regulatory accountability. Highly relevant for multinationals operating platform-gig models in China or contracting with Chinese platform workforces.
- § 02 · ENFORCEMENT
Seven Lessons for Data Compliance Teams from the SAMR 'Ghost Takeout' Series — 3.5 Billion Yuan, 9-Month Suspensions, and the Per-Merchant Aggregation Doctrine
In April 2026, the State Administration for Market Regulation (SAMR) imposed administrative penalties on seven major e-commerce platforms in the 'ghost takeout' series — 3.5 billion yuan in aggregate corporate fines, nearly 20 million yuan in individual fines on legal representatives and food-safety officers, and 3-to-9-month business suspensions. While the cases were ostensibly food-safety enforcement, their analytical structure — pierce-the-paper-compliance, per-merchant aggregation of penalties, identification of licensed-entity liability holders, dual penalties on individual compliance officers — translates directly to data-compliance enforcement. Adapted from a substantive practitioner analysis by 黄春林 (Huang Chunlin), this DCC brief works through seven operational lessons that DSO / PIPO / DPO and compliance counsel should apply *before* the analogous enforcement wave reaches data compliance.
- § 03 · ENFORCEMENT
MIIT Public-Naming Bulletin 2026 Batch 3 (Total Batch 56): 31 Apps and SDKs Cited for PI Violations and Window-Redirect Abuse
MIIT's Information & Communications Administration Bureau published its 2026 Batch 3 public-naming bulletin (total Batch 56) on May 21, 2026, citing 31 apps and SDKs for violations of personal-information collection rules and window-redirect abuse. DCC frames this as the first entry in our enforcement tracker — explaining the joint CAC + MIIT + MPS 2026 Special Campaign that authorizes the batches, the four-statute legal architecture invoked, the rectification-then-enforcement pathway each named entity faces, the cadence of the bulletin series (roughly monthly, 56 batches since inception), and the operational picture this gives overseas counsel of which PI-protection violations actually attract enforcement in the Chinese mobile-app channel.