xi's moments
Home | Technology

Alipay makes changes after privacy criticism

By He Wei in Shanghai | China Daily | Updated: 2018-01-05 07:14

An employee scans a quick response (QR) code displayed on Alipay app at a store in Hong Kong. [Photo/VCG]

A digital spending profile based on a person's history of mobile purchases that went online on Wednesday has sparked a public outcry over privacy issues.

Alipay, the country's leading e-wallet app, was thrown into the spotlight after a lawyer complained on social media that the company was not explicit enough about its intention to share user data with its commercial partners.

Alipay's 520 million users were able to use the app starting Wednesday to review their 2017 transaction history. But a small section-checked by default and buried at the bottom of the landing page-contained an agreement that automatically enrolled its users in its credit rating service if they viewed their spending history by swiping upward on the screen.

In a Weibo post late Wednesday, lawyer Yue Shenshan alerted his followers of the feature, saying, "By agreeing to the privacy policy, which is hidden in smaller text, users have given Alipay the authorization to collect their information and share it with Alipay's partner organizations."

The post has since gone viral and caused outrage among netizens, forcing Alipay to issue an apology on Wednesday night. The company has also tweaked the settings, making the agreement statement more prominent on the page. Alipay also provided detailed instructions on how users can go about rescinding their consent.

The reaction to Alipay's attempts to assuage concerns has been lukewarm.

Cao Lei, a university administrative staff worker who is a regular user of Alipay, accused the company of "deliberately concealing" a data breach that could have compromised the information hundreds of millions of users.

Jiang Yongwei, a partner at Jiangsu Xinsu Law Firm, said Alipay should have presented the legal agreement on the page more explicitly and made it mandatory for users to manually agree or reject it before they could proceed.

The issue highlights growing concern over a lack of transparency in how companies gather and use personal data. A few days ago, messenger app WeChat denied allegations that it was keeping backups of users' chat conversations on its servers.

Victoria Petrock, principal analyst at consultancy eMarketer, expects similar problem to arise in the future as an increasing amount of data is shared across different apps, devices and platforms.

Under China's Cybersecurity Law, companies are permitted to collect customer data but they are also responsible for ensuring that the usage, storage and deletion of data are done within legal limits, said Ling Xiao, a partner at Hui Ye Law Firm.

Like many other countries, China is ramping up its data protection efforts through law enforcement, but there is still much to be done, such as rolling out more stringent rules for obtaining user consent and permission and also giving users to right to have information removed from online search results, Jiang said.

Global Edition
BACK TO THE TOP
Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263

Registration Number: 130349