How to legislate to protect users' privacy in the era of big data

How to legislate to protect users' privacy in the era of big data _ Data analyst exam

With the development of information technology such as Internet (especially mobile Internet), Internet of Things and cloud computing, big data has developed rapidly in recent years. Some Internet companies and telecom operators have launched big data development strategies, and the research on relevant policies and regulations, especially the legal issues involving user privacy, has become an indispensable part of the research on big data development. However, there are many controversial issues here.

The development of big data calls for user privacy protection.

The innovation and development of the Internet, especially the mobile Internet, not only brings great value to the society, but also brings great challenges to the protection of user information (including personal information and legal person information). The main reasons are: the network society is a stranger's society; Privacy is easy to leak, and radio, television and communication networks have the characteristics of various forms, full space perception, timely collection and dissemination of multimedia, global direct access, free interaction, large capacity and poor security. It is difficult to identify the subject of infringement, and everyone can post information anonymously on the Internet. Victims, perpetrators, editors, authors, disseminators and publishers are generally not acquaintances, and the related chain is complex. Once privacy is infringed, it is difficult to get adequate relief. Once the information subject is concerned, it can continuously obtain its rich information through the network, thus greatly amplifying its harm.

The dual development of network society and market economy makes user information more and more valuable, and its protection is more and more important. The contradiction between rational utilization and effective protection is becoming more and more prominent.

Information operators, including Internet companies and telecom operators, have set foot in data management (or "big data") business of "turning data into profits" or "monetizing data" in order to improve their marketing and management capabilities and find more profit growth points in data value-added products.

Tracking and studying the current situation and development trend of laws and regulations on user privacy protection at home and abroad can lay a foundation for big data projects to avoid policy and regulatory risks and put forward reasonable legislative demands.

Definition of user privacy protection

The concept of privacy is only 65,438+0,000 years old. It was first put forward by American scholars brandeis and Warren in an article about privacy published in Harvard Law Review in 65,438+0,890. Later, it was adopted by American precedents and gradually confirmed by relevant American laws, and it was widely adopted around the world. At present, the right to privacy is an important legal concept generally accepted or recognized by the two legal systems, and even becomes a constitutional right.

But interestingly, the core concepts of privacy in the United States and Europe are different: in the United States, it means more freedom (the original right of privacy in the United States refers to the right to be alone or not), while in Europe, it means more dignity and is more associated with "people must hide their shame". This is also the reason why the Snowden incident caused different reactions in the legal circles and the public in the US and Europe.

User's right to privacy (this paper mainly refers to personal privacy) generally refers to the civil right with the private interests of the information subject as its content. At present, personal privacy basically has no property attribute, or the property attribute is still relatively weak, so privacy is generally included in the category of personal rights.

The protection of users' privacy actually refers to the protection of users' privacy information. Generally speaking, the information that can identify the user subject once it is leaked is called personal identity information, which belongs to privacy sensitive information. For example: name, address, ID number, mobile phone number, email address, QQ number, WeChat account number, etc.

The concepts of user privacy protection and information security are closely related. The English word Cybersecurity is similar to "network and information security" in the official language of China (for example, when the China government submitted a proposal to ITU and other organizations), which includes both network security and information security. "Network security" includes access control, intrusion detection, identification and so on. In fact, "information security" mainly refers to content security. User privacy protection is a part of information security. This paper only studies its "legal rights and obligations" part.

The core of user privacy protection is to respect the personal wishes of information subjects, that is, information subjects have the right to freely control their personal information, including the scope, objects and methods of information disclosure.

Controversial privacy legal issues

Real name registration system-is it effective? Who is responsible for the large-scale disclosure of user privacy?

The original intention of implementing the real-name registration system of network users' identity (including the real-name registration system of telephone and the real-name registration system of network login) is to prevent crimes (such as terrorist attacks) and anonymous slander on the network. South Korea is the first country to implement real-name registration system registration, and it is also the most thorough country. However, due to the large-scale exposure of user privacy, the Korean government finally gave in and restricted the website from collecting and registering user ID cards.

The international controversy is that the real-name registration system on the Internet seems to have little effect on solving its original problems, but it inhibits the use of the Internet. For example, the research of Seoul National University shows that the number of defamatory posts only dropped from 13.9% before the implementation in real-name registration system to 12.2% later. The average number of participants in online forums dropped sharply from more than 2,500 to less than 800. The online real-name registration system allows more people to choose silence online. However, even if you are silent, personal information may still be stolen.

About the maximum retention time of data-is the operator's data its asset?

In the era of big data, it is generally believed that data is an asset. However, some cases encountered by Internet companies have challenged this idea: in 2009, the EU Data Protection Working Group sent letters to Google, Microsoft and Yahoo respectively, arguing that the reason why search engine service providers protect users' search records for more than six months was untenable, so they were required to shorten the retention time of users' search information. At present, the minimum storage time of user data (such as call details) is generally stipulated in China, and the maximum storage time may be stipulated in the future.

The second use of user information-notification and permission? Or should information users bear the responsibility?

The principle of notification and permission is facing challenges. Because the value of big data is increasingly derived from the secondary (and above) utilization of user data. This may subvert the current "notification and permission principle", that is, information collectors must inform users of the purpose of their data in advance. Some data development is actually impossible to obtain users' consent in terms of technology, manpower, financial resources, time (including timeliness and time-consuming) and business confidentiality.

Although on many occasions, information operators have provided privacy protection statements in advance, allowing users to choose "agree" or "disagree". However, users actually did not read these complicated legal documents carefully, but chose to trust reputable and branded information operators. Therefore, the possible alternative rule is to let the information users bear the responsibility themselves. Because they are the easiest to grasp their own risks and benefits.

Has the principle of anonymity failed in the era of big data?

The principle of anonymous use is a universal principle, but there are also examples of failure. In August 2006, AOL published a large number of old search data for social research. These data are carefully anonymized, that is, personal information such as the user's name and address is replaced by special digital symbols. Nevertheless, after comprehensively analyzing the search records in a few days, The New York Times found that "No.4 465 438+07 749" in the database represented Selma Arnold, a 62-year-old widow in Lille, Georgia. This aroused public anger and led to the dismissal of the chief technology officer and two other AOL employees. Can it be concluded that anonymity (or simply hiding) is not necessarily effective for big data in the Internet age?

Personal Motivation and Predictive Analysis —— Should People Be Responsible for Their Behavior Tendency?

Since the most important application of big data is prediction, people may be arrested only for their criminal motives in the future. Similar principles also apply to the government's major decisions on managing society and employees in enterprises. Therefore, we must broaden our understanding of justice and protect personal motives in order to safeguard people's free will to choose their own actions, that is, individuals can and should be responsible for their actual actions rather than their behavioral tendencies. Just like what we are doing now for procedural justice.

The Principle of Privacy Impairment —— How to Balance Privacy Protection and Public Interest?

The derogation of the right to privacy means that, unlike the right to life and health, the right to privacy should be restricted under certain circumstances, and even the obligee can temporarily stop exercising his rights under certain circumstances, or give priority to protecting other rights when it conflicts with other rights.

People can agree on the statistics and collection of personal privacy related to public health (such as epidemics). However, when it comes to issues such as national security (such as Snowden's "prism" project in the United States), the controversy is relatively large.

It is generally believed that public figures (such as stars and officials) should have less privacy.

In short, in the era of big data, we must effectively strengthen the protection of users' privacy, but we must also study and revise relevant policies and laws to meet the needs of the development of the times.

The above is what Bian Xiao shared with you about how to legislate to protect users' privacy in the era of big data. For more information, you can pay attention to more dry goods sharing of Global Ivy.

My beautiful life composition

How to write a summary of the work of Chinese teaching and research group

Opening report of English graduation thesis for British and American literature majors

What is the scope of repeated inspection of paper?

Causes of unqualified TOC in purified water

What are the three-dimensional modeling methods of clothing?

Four excellent argumentative essays on the crisis

The argument of deducing a new proposition by changing the quality or quantity of the proposition is ().

What are the logical methods?

Beijing defengtang honor