The article discusses the discovery of malware in Pinduoduo, a Chinese e-commerce company that was found to have been collecting and exploiting users' personal data without their consent. The malware, which was developed by a team of engineers and product managers at Pinduoduo, allowed the company to access users' locations, contacts, calendars, notifications, and photo albums, as well as change system settings and access social network accounts.
The discovery of the malware raises concerns about data privacy and cybersecurity in China, where regulators have been criticized for their lack of understanding of technology. The Ministry of Industry and Information Technology (MIIT) and the Cyberspace Administration of China (CAC) have been accused of failing to take adequate action against companies like Pinduoduo that engage in malicious activities.
The article notes that Pinduoduo's apparent malware would be a violation of China's data privacy laws, which prohibit companies from collecting, processing, or transmitting personal information without consent. The fact that regulators did not detect the malware before it was discovered is seen as embarrassing for the MIIT and CAC.
The incident has also sparked debate on Chinese social media about why regulators have not taken action against companies like Pinduoduo that engage in malicious activities. Some experts argue that regulators lack understanding of technology and coding, while others point to a lack of resources or willpower to take action.
The article concludes by noting that CNN has reached out to the MIIT and CAC for comment, but no response has been received.
Key points:
* Pinduoduo's malware was found to have accessed users' personal data without consent.
* The malware allowed the company to change system settings and access social network accounts.
* China's data privacy laws prohibit companies from collecting or processing personal information without consent.
* Regulators failed to detect the malware before it was discovered, which is seen as embarrassing for the Ministry of Industry and Information Technology (MIIT) and the Cyberspace Administration of China (CAC).
* The incident has sparked debate on Chinese social media about why regulators have not taken action against companies that engage in malicious activities.
* CNN has reached out to the MIIT and CAC for comment, but no response has been received.
The discovery of the malware raises concerns about data privacy and cybersecurity in China, where regulators have been criticized for their lack of understanding of technology. The Ministry of Industry and Information Technology (MIIT) and the Cyberspace Administration of China (CAC) have been accused of failing to take adequate action against companies like Pinduoduo that engage in malicious activities.
The article notes that Pinduoduo's apparent malware would be a violation of China's data privacy laws, which prohibit companies from collecting, processing, or transmitting personal information without consent. The fact that regulators did not detect the malware before it was discovered is seen as embarrassing for the MIIT and CAC.
The incident has also sparked debate on Chinese social media about why regulators have not taken action against companies like Pinduoduo that engage in malicious activities. Some experts argue that regulators lack understanding of technology and coding, while others point to a lack of resources or willpower to take action.
The article concludes by noting that CNN has reached out to the MIIT and CAC for comment, but no response has been received.
Key points:
* Pinduoduo's malware was found to have accessed users' personal data without consent.
* The malware allowed the company to change system settings and access social network accounts.
* China's data privacy laws prohibit companies from collecting or processing personal information without consent.
* Regulators failed to detect the malware before it was discovered, which is seen as embarrassing for the Ministry of Industry and Information Technology (MIIT) and the Cyberspace Administration of China (CAC).
* The incident has sparked debate on Chinese social media about why regulators have not taken action against companies that engage in malicious activities.
* CNN has reached out to the MIIT and CAC for comment, but no response has been received.
! I mean, a company as big as Pinduoduo being able to just collect and exploit users' data without their consent? That's just not cool 
. But you know what the bright side is? The fact that it's exposed now means that people are talking about it and maybe something will change 
.
. But, on the other hand, if they didn't have a system in place to detect this kind of thing, then what? It's all just a big learning curve, you know?
. That's like, super empowering for everyone involved.
!
i mean china has laws in place to protect people but it seems like nobody was paying attention or the regulators just didnt care about tech stuff at all 
and now its like theyre trying to sweep this under the rug by not responding to cnn 
. And don't even get me started on our regulators - they're supposed to be the ones keeping these companies in check, but they just seem to be asleep at the wheel 
. It's like they're too busy collecting their own paychecks or something 
. Meanwhile, we're left dealing with the fallout when some major security breach happens and everyone finds out about it after the fact 
. I mean, how could a company be collecting and exploiting users' personal data without their consent? It's just basic human decency, right? 
. It raises so many questions about the lack of understanding of technology and cybersecurity in China. Are our data protections really that weak? 
I just hope something gets done about this, but until then, I'll be super cautious when using Pinduoduo's services 
. And now we're supposed to believe that they didn't even know about it before it was exposed? Come on! 
. They need to get out of their comfort zone and start learning some basic cybersecurity stuff 
! The fact that CNN reached out for comment and got crickets is just a big middle finger to the public 
. Something needs to change, stat! 
i mean, if pinduoduo got caught red-handed, it means their users are actually paying attention and not just blindly using their services. that's more power to the people! 
And it seems like Pinduoduo's malware would have made their data vulnerable to all sorts of risks. I mean, if they can access users' locations and photos without consent... what's next? It's just common sense that companies need to protect user data, not exploit it! 
I'm surprised the regulators didn't catch this sooner. It makes me wonder how many other companies are doing something similar behind closed doors. 
As a parent, you want your kids to be able to trust technology and feel safe online. This just makes me worry that we need stricter regulations in place ASAP! 
I feel so sorry for all those Pinduoduo users who got their personal info hijacked 
... it's just not right that a company can do this without anyone checking 
. But still, 4 eyes should be watching these companies, you know? They can't just play by their own rules 
. It's like, what are the consequences gonna be for Pinduoduo and whoever created this malware? 
. and honestly, it's kind of sad that regulators didn't detect this sooner. like, how hard is it to find malware these days? 
.
.
. I mean, you'd think that with all the tech giants around, someone would be able to keep them in line, but nope, not this time 
. Maybe they should start by taking a look at their own security measures... or lack thereof 
. Anyway, hope the regulators step up their game soon 
. The fact that they were collecting and exploiting users' personal data without consent is straight up wrong 
? I mean, you'd think they'd be all over this like a bad rash 
. But honestly, it's not entirely surprising. We've been talking about this for years and nothing's really changed 