Chinese Regulators Expose 105 Apps, Including Douyin and Baidu, for Illegal Personal Data Collection

The event involves the use of AI systems insofar as these apps likely employ AI technologies for data collection, user profiling, or service personalization. However, the report focuses on illegal or excessive personal data collection practices rather than a direct or indirect harm caused by AI system malfunction or misuse. There is no explicit mention of harm such as injury, rights violations directly caused by AI outputs, or disruption. Instead, this is a regulatory enforcement action addressing privacy violations. Therefore, this event is best classified as Complementary Information, as it provides governance and societal response context related to AI-enabled apps but does not describe a specific AI Incident or AI Hazard.

The event explicitly involves mobile applications that use AI technologies (e.g., short video apps, browsers) to collect and process personal data. The illegal and excessive collection of personal information constitutes a violation of users' privacy rights, a breach of applicable laws protecting fundamental rights. The involvement of AI systems in these apps' data handling and the resulting harm to individuals' privacy meet the criteria for an AI Incident. The harm is realized, not just potential, as the apps have been found to have already engaged in these practices, and official authorities have intervened. Hence, this is not merely a hazard or complementary information but an AI Incident.

The article explicitly reports on apps that use AI-related technologies (e.g., facial recognition, data collection algorithms) to collect and misuse personal data, causing violations of privacy rights and legal protections. The harms are ongoing and have materialized, with regulatory bodies acknowledging the violations but applying lenient enforcement, which indirectly perpetuates the harm. The AI systems' use in these apps is central to the harm, fulfilling the criteria for an AI Incident involving violations of human rights and legal obligations. Therefore, the event is best classified as an AI Incident.

The event involves apps that likely use AI systems for data processing and personalized services, but the reported issue is about illegal or excessive personal data collection and lack of compliance with data protection laws. There is no direct or indirect harm caused by AI system malfunction or misuse described here, nor is there a plausible future harm from AI system use indicated. The event is primarily about regulatory enforcement and compliance related to data privacy, which is a governance and legal response to AI-related data practices rather than an AI Incident or Hazard. Therefore, it fits best as Complementary Information, providing context on societal and governance responses to AI-related data privacy concerns.

The event involves AI systems insofar as these apps likely use AI technologies for data processing and personalized services. The illegal collection and misuse of personal data constitute a violation of users' fundamental rights to privacy and data protection, which falls under violations of human rights or breaches of applicable law protecting fundamental rights. Since the misuse has already occurred and is documented by the authority, this qualifies as an AI Incident due to the direct harm to users' rights caused by the AI-enabled apps' data practices.

The apps mentioned (Douyin, Kuaishou, Baidu, Sogou, LinkedIn) are known to use AI systems for personalized content delivery and data processing, so AI system involvement is reasonably inferred. The event involves the use of these AI systems in ways that violate privacy laws by illegally collecting personal information and failing to provide required user controls, which is a breach of legal obligations protecting fundamental rights. This constitutes a violation of rights (privacy rights) under the framework, thus qualifying as an AI Incident. The event reports actual regulatory action based on these violations, indicating harm has occurred or is ongoing, not just a potential risk. Hence, it is not a hazard or complementary information but an incident.

The event explicitly describes violations related to the collection and use of personal information by applications that likely employ AI technologies such as facial recognition and data analytics. The harms are realized, including breaches of privacy and potential human rights violations, especially considering the context of surveillance and misuse of biometric data. The involvement of AI is reasonably inferred given the nature of the applications and the mention of facial recognition systems. The event meets the criteria for an AI Incident because the AI systems' use has directly or indirectly led to violations of fundamental rights and harms to individuals' privacy.