Editor’s Note — DCC.
This brief covers a single local enforcement notice: the Notification on Taking Down 46 Apps (SDKs) for Infringing User Rights (关于下架46款侵害用户权益行为APP(SDK)的通报), issued by the Shanghai Communications Administration (上海市通信管理局, SHCA) — the Ministry of Industry and Information Technology’s directly-administered provincial-level communications authority — via its 上海通信圈 account on 24 June 2026. The 46-app list is published as an image table attached to the notice; DCC has transcribed it below from that image (app name and ICP filing entity), and the transcription may contain minor error — the authoritative list is the original. The structural framing is DCC’s.
Read it against DCC’s enforcement tracker: the CAC 30-app naming notification and the MIIT Batch 56 bulletin, both running under the same 2026 joint special campaign. This notice is the rung above naming — takedown.
The notification
Citing the Personal Information Protection Law, the Cybersecurity Law, the Telecom Regulations (电信条例), and the Provisions on Protecting the Personal Information of Telecommunications and Internet Users, and acting under the CAC + MIIT + MPS Announcement on Carrying Out the 2026 Personal Information Protection Series of Special Campaigns — the same campaign document behind the CAC notifications and the MIIT batched bulletins — SHCA describes a clean enforcement sequence:
- In June 2026, SHCA publicly named a batch of apps and SDKs found to infringe user rights through unlawful collection and use of personal information.
- Operators were given a rectification deadline.
- On recheck after the deadline, 46 apps (SDKs) still had not rectified as required.
- SHCA therefore takes the 46 down (采取下架处理).
SHCA adds that it will keep tracking the named apps and, as warranted, take further measures: suspension of access (停止接入), administrative penalty, and inclusion in the telecom-business bad-record list (电信业务经营不良名单).
Why this notice is different: the enforcement ladder
DCC’s earlier enforcement entries captured the naming tier — the CAC notification gave 30 apps a 15-working-day rectify-and-report window; the MIIT batches name apps and threaten disposition. This SHCA notice is what happens at the bottom of that ladder when the window is missed:
PUBLIC NAMING → rectify within the window → (compliant: closed)
│ (window missed)
▼
TAKEDOWN (下架) → removed from distribution
│ (further, as warranted)
▼
SUSPENSION OF ACCESS · ADMINISTRATIVE PENALTY · BAD-RECORD LIST
Two structural points for the tracker:
- Local tier, operative sanction. The provincial communications administrations are MIIT’s operational arm; they execute testing and disposition in their own jurisdiction and can order removal through app stores and access providers. Where the CAC notification’s operative verb was “rectify and report,” SHCA’s is “take down.” This is naming converting into a distribution consequence.
- The bad-record list bites beyond the app. Inclusion in the telecom-business bad-record list is not app-specific housekeeping — it attaches to the operator and carries knock-on consequences for its telecom-business credit standing. The sanction reaches the company, not just the binary.
Who got taken down — the 46
The striking feature of the list is its profile: almost every entry is a Shanghai-registered, long-tail O2O lifestyle-service app — moving and relocation, housekeeping and cleaning, pet services, local travel agencies, community group-buy food, fitness, and restaurants/catering. These are not big-name national apps; they are the small-operator long tail, which typically ships with thin privacy disclosures and is the natural yield of local communications-administration testing.
A second pattern: several operators appear with multiple apps taken down at once — one company, a cluster of removals. Examples from the list include the 星颜到家 beauty-service trio (上海昕颜优享美容服务有限公司, #6–8), the 帮宠到家 / 哇咕 / wagoo pet cluster (帮宠到家(上海)宠物服务有限公司, #16–18), the 百瑞福 / 食百道 food trio (食百道(上海)绿色食品股份有限公司, #26–28), the 老兵搬家 moving pair (上海老兵搬家有限公司, #24–25), the 美湫 / Meishu travel pair (美湫(上海)旅行有限公司, #40–41), the 家链食品 pair (#43–44), and the 加伽磅 fitness pair (上海君邦健身有限公司, #45–46).
| # | App (SDK) | ICP filing entity |
|---|---|---|
| 1 | 喜鹊日式搬家 | 上海喜鹊搬家服务有限公司 |
| 2 | 修押鸭 | 上海科锐达维修技术服务有限公司 |
| 3 | 净悦 | 上海爱喜衣清洁技术有限公司 |
| 4 | 喔洗喔洗 | 上海爱善衣清洁技术有限公司 |
| 5 | 食物本义本地生活 | 上海布锦餐饮管理有限公司 |
| 6 | 星颜到家 | 上海昕颜优享美容服务有限公司 |
| 7 | 星颜到家手艺人 | 上海昕颜优享美容服务有限公司 |
| 8 | 星颜到家 home | 上海昕颜优享美容服务有限公司 |
| 9 | YSJ 雅士嘉 | 上海雅嘉家政服务有限公司 |
| 10 | 航阳南旅(商旅出行服务) | 上海航阳国际旅行社有限公司 |
| 11 | 有数出行 | 上海航阳国际旅行社有限公司 |
| 12 | 宠邻里 | 上海壹温宠物商店有限公司 |
| 13 | 闪听米诺 | 上海闲数文化旅游发展有限公司 |
| 14 | 尾星出发 | 桁戈(上海)文化传播有限公司 |
| 15 | 德宁医生 | 德宁(上海)医疗服务有限公司 |
| 16 | 好爱游旅行小助手 | 上海好爱游旅游咨询有限公司 |
| 17 | 哇咕 | 帮宠到家(上海)宠物服务有限公司 |
| 18 | wagoo | 帮宠到家(上海)宠物服务有限公司 |
| 19 | BODYCONCEPT STUDIO | 上海宝迪康德运动科技有限公司 |
| 20 | 旷晨国际商旅 | 上海旷晨旅游咨询有限公司 |
| 21 | 花王保洁 | 上海宝爹保洁服务有限公司 |
| 22 | 优政企业保洁 | 上海优政保洁服务有限公司 |
| 23 | 岚猫管家 | 上海岚猫管家家政有限公司 |
| 24 | 老兵硬汉搬家 | 上海老兵搬家有限公司 |
| 25 | 正步老兵搬家 | 上海老兵搬家有限公司 |
| 26 | 百瑞福利平台 | 食百道(上海)绿色食品股份有限公司 |
| 27 | 食百道绿色食品 | 食百道(上海)绿色食品股份有限公司 |
| 28 | 百瑞福蛋糕商城 | 食百道(上海)绿色食品股份有限公司 |
| 29 | 法小满家服 | 上海春潮家政清洁服务有限公司 |
| 30 | 好班长搬家 | 上海迁易搬家有限公司 |
| 31 | SH Market BONITA | 上海朋笙餐饮管理有限公司 |
| 32 | 鲶坊生活(家烹保洁开荒家电清洗) | 上海宅尔保洁服务有限公司 |
| 33 | 格莱美品质洗护 | 上海酷米洗衣管理有限公司 |
| 34 | 聚晚晴(聚会旅游演艺旅居) | 聚晚晴(上海)国际旅行社有限公司 |
| 35 | MAX SHANGHAI | 渌福餐饮娱乐(上海)有限责任公司 |
| 36 | 菲咪 | 上海菲咪宠物服务有限公司 |
| 37 | 外港智慧餐厅 | 上海优荐餐饮管理有限公司 |
| 38 | 斯里兰卡 ETA 中文申请通道 | 旗旅国际旅行社(上海)有限公司 |
| 39 | Funshot Coffee | 上海蓓果餐饮管理有限公司 |
| 40 | Meishu GOLF | 美湫(上海)旅行有限公司 |
| 41 | Meishu 美湫旅行 | 美湫(上海)旅行有限公司 |
| 42 | 太慧旅游 | 上海久程旅游有限公司 |
| 43 | 心能源空间 | 家链食品(上海)有限公司 |
| 44 | 农场零距离 | 家链食品(上海)有限公司 |
| 45 | 加伽磅健身 | 上海君邦健身有限公司 |
| 46 | 加伽磅之家 | 上海君邦健身有限公司 |
Transcribed from the image table attached to the original notice; the notice also lists each app’s ICP record number (partially masked in the original). The original is authoritative.
What overseas compliance teams should take from it
- Local communications administrations are a real enforcement channel. If your China app is filed for ICP through a local entity, the provincial communications administration — not only CAC and central MIIT — tests it and can take it down. Map which administration your filing sits under, and treat its channel as a live enforcement surface.
- The takedown list is the missed-window list. Every app here was named first and given time to fix. The disposition is for failure to rectify, not for the underlying finding alone. The operational lesson is the same one the CAC brief drew: have a standing rectification playbook — owner, test protocol, report template — so a naming never ages into a takedown.
- One operator, many apps, one sweep. Operators running a family of apps off a single corporate entity saw the whole cluster removed together. A shared privacy/SDK defect replicated across a product family is a cluster-takedown risk; remediate at the platform level, not app by app.
- Takedown is not the floor. SHCA expressly reserves suspension of access, administrative penalty, and bad-record-list inclusion as further steps. The bad-record list in particular reaches the operator’s telecom credit standing — a consequence that outlasts any single app.
The continuity with DCC’s earlier entries is the enforcement model itself: visible, testing-driven, batched public naming — now shown converting, at the local tier, into the removal of apps that did not fix what they were named for. In the 2026 campaign, the naming is the warning; the takedown is what the warning was for.
— 上海市通信管理局, 关于下架46款侵害用户权益行为APP(SDK)的通报 (Notification on Taking Down 46 Apps (SDKs) for Infringing User Rights), published via the 上海通信圈 WeChat Official Account, June 24, 2026. Original notification (Chinese).
Not legal advice. The above is DCC’s structural analysis of the notification. The 46-app list was transcribed from the image table attached to the original notice and may contain minor transcription error; the original is authoritative.