China Flags 40 Apps for Illegal Personal Data Collection, Education Apps Dominate the List

Tech News

There’s a quiet tension running through China’s mobile app ecosystem that surfaces every few months: the gap between what apps tell users about their data practices and what those apps actually do under the hood. The latest enforcement sweep puts that tension in sharp relief.

IT-NEWS, June 22 — China’s National Cybersecurity Notification Center has published findings from the latest round of personal data protection inspections, identifying 40 mobile applications that violate one or more provisions of the country’s data privacy framework. The audit, conducted between May 6 and May 27, 2026, was carried out by the Ministry of Public Security’s Computer Information System Security Product Quality Supervision and Inspection Center, acting under a joint directive from the Cyberspace Administration of China (CAC), the Ministry of Industry and Information Technology (MIIT), and the Ministry of Public Security.

The violations span 11 distinct categories under China’s Personal Information Protection Law, Cybersecurity Law, and the Network Data Security Management Regulations, with the vast majority of flagged apps falling into the education sector — homework helpers, online tutoring platforms, and classroom tools make up the bulk of the list.

The most frequent offense, found in 25 of the 40 apps, was collecting personal information without user consent. Among the named apps are well-known platforms like Zhonggong Education (中公教育), the civil service exam prep giant; Zuoyebang Miaomiaoji (作业帮喵喵机), a hardware-linked homework tool from one of China’s largest edtech companies; Gaotu High School (高途高中), a tutoring app; and Xiaoe Tech Student Edition (小鹅通学员版), a learning management platform. Also caught in the sweep were utility apps like ApowerMirror (傲软投屏), a screen-mirroring tool, and iFixit (version 1.0.8), listed on the Wandoujia app store.

A particularly sensitive violation involved Doubanjiang (豆伴匠, version 2.9.7 on Xiaomi App Store), which was the sole app cited for processing personal data of children under 14 without establishing a dedicated privacy policy or obtaining parental consent — a direct breach of China’s strengthened minor protection provisions.

Three apps — Ai Jiajiao (爱家教), TVbox, and Buyan Calligraphy (不厌书法) — failed to accurately disclose what data they collect and how it is used, with the actual collection practices diverging from their stated policies. Buyan Calligraphy appeared repeatedly across multiple violation categories: beyond misleading disclosures, it was flagged for excessive data collection (gathering location, contacts, and SMS data in unrelated contexts), lacking an effective account deletion mechanism, and failing to provide a functional personalized-recommendation opt-out.

The notification center also reported that five apps — including Zhonggong Education and Geling Classroom (格灵课堂) — failed to inform users of the purpose when requesting permissions to access sensitive personal information, a requirement under Chinese law that mandates synchronous notice at the moment of permission prompts.

Fifteen apps lacked published channels for users to submit privacy complaints, among them Zhixuewang (智学网), an AI-driven education platform, and CoStudy, a virtual study-room app. Six apps — including Yijiaowang Jiajiao (易教网家教) and Homework Answer Search (作业答案搜题) — did not offer straightforward mechanisms for users to correct, delete, or refuse processing of their personal data.

IT-NEWS has learned from the announcement that eight apps from the previous round of inspections, which originally flagged 41 applications, still failed remediation testing and have been removed from their respective app distribution platforms. The enforcement pattern signals sustained regulatory pressure on China’s app ecosystem, particularly in the education sector where the collection of student and parent data has drawn heightened scrutiny from regulators concerned about the volume and sensitivity of information flowing through these platforms.

The 40 apps named in this round were distributed across Huawei App Market, Xiaomi App Store, OPPO Software Store, vivo App Store, Tencent App Store (应用宝), Baidu Mobile Assistant, and Wandoujia — underscoring that no major Chinese app marketplace was untouched by the enforcement action.