Tencent Apologizes for Reading User Browser History

Get the latest APAC ESG insights straight to your inbox

Email must be formatted correctly

Contact Us
  • Twitter

  • Linkedin

  • Tencent Apologizes for Reading User Browser History

    Share this article

    Tencent [0700:HK] apologized on January 18 for its instant messaging software, QQ, for reading users’ browser history, after an internet article exposed it on January 17, as reported by The Paper on January 19. Tencent explained that the reading was to evaluate login security risks and identify malicious logins. The tech giant purported that the software would neither upload data to the cloud, nor use the data for any other purposes. The company also stated that it had amended internal code to solve the issue.

    The Information Security Technology – Personal Information Security Specification, issued by the State Administration for Market Regulation (SAMR) and Standardization Administration of China (SAC), regards browser history as personal and sensitive information. Based on this regulation, Tencent breached user privacy policy as it did not specify that QQ would collect historical information stored in browsers. However, according to The Paper, since Tencent claimed that it did not upload such data without users’ consent, the company has not breached user privacy.

    In its 2019 annual report, Tencent said that QQ’s monthly active users (MAU) on smart devices was 647m as of December 31, 2019. Earlier, in January 2021, former US President Donald Trump issued an executive order banning transactions with several Chines apps for fear of data privacy breaches, with QQ on the list. The immediate reason for Trump’s ban was QQ’s cloud computing configurations, which saved user conversations. These could then be reopened and used on other devices. In the past few years, China’s data economy has been growing rapidly. In the meantime, data leakages have caused increasing concerns. In view of these concerns, regulators have strengthened the country’s data privacy legal framework, with the Cybersecurity Law marking a shift toward more comprehensive supervision. In November 2020, the country released a draft for the Personal Information Protection Law, the first law in this area to further enhance the protection of personal data.







    Email must be formatted correctly

    Please First name this required field.

    Please Last name this required field.

    Please Company this required field.